
Log analysis and evaluation: Trojan - - Problems

21.03.2016, 11:15   #1
Alpinarium
 



Hello,

I have just scanned with Emsisoft and found the following problems.

In addition, Win7 updates have not been installable for about 2 weeks.

Here is the log file from the Emsisoft scan:


Code:
Emsisoft Anti-Malware - Version 11.5.0.6191
Letztes Update: 21.03.2016 10:32:32
Benutzerkonto: Alpinarium-ARLT\Susanne

Scaneinstellungen:

Scantyp: 
Objekte: Rootkits, Speicher, Traces, C:\, D:\

Erkenne PUPs: An
Archive scannen: An
ADS-Scan: An
Dateierweiterungen: Aus
Advanced Caching: An
Direct Disk Access: Aus

Scan Beginn:	21.03.2016 10:39:23
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 932) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 939) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\Junk -> (message 214) -> [Subject: Sie haben ein akustisches Dokument gekriegt! cvxjl][Date: Wed, 23 Dec 2015 9:50:47] -> =?UTF-8?B?NTJoaWxsYW0uemlw?= -> kimmie.exe 	 Gen:Variant.Razy.11545 (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\Junk -> (message 216) -> [Subject: Sie haben ein akustisches Dokument gekriegt! cvxjl][Date: Wed, 23 Dec 2015 9:50:47] -> =?UTF-8?B?NTJoaWxsYW0uemlw?= -> kimmie.exe 	 Gen:Variant.Razy.11545 (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\INBOX -> (message 432) -> [Subject: Wir ᅢᄐbertragen Ihnen hgh][Date: Wed, 25 Nov 2015 03:52:51 -0500] -> 59godfrey.zip -> solomon.exe 	 Trojan.Spy.YRB (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\INBOX -> (message 500) -> [Subject: Sie haben gerade noch eine Audiobotschaft bekommen vrvyrk][Date: Wed, 16 Dec 2015 13:16:26] -> =?UTF-8?B?dGltb3RoYTM3LnppcA==?= -> spear.exe 	 Gen:Variant.Razy.11645 (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\INBOX -> (message 527) -> [Subject: Sie haben ein akustisches Dokument gekriegt! cvxjl][Date: Wed, 23 Dec 2015 9:50:47] -> =?UTF-8?B?NTJoaWxsYW0uemlw?= -> kimmie.exe 	 Gen:Variant.Razy.11545 (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\INBOX -> (message 631) -> [Subject: Du hast einen Gutschein erhalten! hfq][Date: Mon, 18 Jan 2016 12:6:3] -> =?UTF-8?B?NzVub3J0aHJvcC56aXA=?= -> lorayne.exe 	 Gen:Variant.Razy.18137 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$R7T35GB\Backup Files 2015-08-03 222000\Backup files 14.zip -> C\Users\Susanne\AppData\LocalLow\Google\GoogleEarth\webdata\f_00318f -> bg.kml 	 Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RG9RA4T\Backup Files 2014-12-15 162606\Backup files 30.zip -> C\Users\Susanne\AppData\LocalLow\Google\GoogleEarth\webdata\f_00318f -> bg.kml 	 Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMCGW25\Backup Files 2015-03-02 011646\Backup files 31.zip -> C\Users\Susanne\AppData\LocalLow\Google\GoogleEarth\webdata\f_00318f -> bg.kml 	 Trojan.Script.474879 (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-14 083954\Backup files 11.zip -> C\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 932) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-14 083954\Backup files 11.zip -> C\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 939) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-21 103226\Backup files 8.zip -> C\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 932) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-21 103226\Backup files 8.zip -> C\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk -> (message 939) -> [Subject: Lieferschein][Date: Tue, 22 Dec 2015 16:49:51 +0800] -> 11815--113686.doc 	 W97M.Downloader.AMK (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMCGW25\Backup Files 2015-05-31 235156\Backup files 11.zip -> C\Users\Susanne\AppData\LocalLow\Google\GoogleEarth\webdata\f_00318f -> bg.kml 	 Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMNP4KD\Backup Files 2014-10-05 212309\Backup files 11.zip -> C\Users\Susanne\AppData\LocalLow\Google\GoogleEarth\webdata\f_00318f -> bg.kml 	 Trojan.Script.474879 (B)

Gescannt	262894
Gefunden	17

Scan Ende:	21.03.2016 11:12:10
Scanzeit:	0:32:47

C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1-1.de\Junk	Unter Quarantäne: W97M.Downloader.AMK (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\Junk	Unter Quarantäne: Gen:Variant.Razy.11545 (B)
C:\Users\Susanne\AppData\Roaming\Thunderbird\Profiles\j618k2lr.default\ImapMail\imap.1und1.de\INBOX	Unter Quarantäne: Trojan.Spy.YRB (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$R7T35GB\Backup Files 2015-08-03 222000\Backup files 14.zip	Unter Quarantäne: Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RG9RA4T\Backup Files 2014-12-15 162606\Backup files 30.zip	Unter Quarantäne: Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMCGW25\Backup Files 2015-03-02 011646\Backup files 31.zip	Unter Quarantäne: Trojan.Script.474879 (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-14 083954\Backup files 11.zip	Unter Quarantäne: W97M.Downloader.AMK (B)
D:\ALPINARIUM-ARLT\Backup Set 2016-01-10 232131\Backup Files 2016-03-21 103226\Backup files 8.zip	Unter Quarantäne: W97M.Downloader.AMK (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMCGW25\Backup Files 2015-05-31 235156\Backup files 11.zip	Unter Quarantäne: Trojan.Script.474879 (B)
D:\$RECYCLE.BIN\S-1-5-21-2032422533-2031663358-3171475196-1000\$RMNP4KD\Backup Files 2014-10-05 212309\Backup files 11.zip	Unter Quarantäne: Trojan.Script.474879 (B)

Unter Quarantäne:	10
         

21.03.2016, 11:54   #2
M-K-D-B
/// TB instructor
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for a longer period, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: How to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!



Please work through all steps one after another in the given order and post all log files in CODE tags:
Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For the initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)






Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.







With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.


22.03.2016, 10:40   #3
Alpinarium
 



Hello Matthias,

thank you very much for your help - here is the log file from Farbar's


Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Susanne (ACHTUNG: der Benutzer ist kein Administrator) auf ALPINARIUM-ARLT (22-03-2016 10:32:43)
Gestartet von C:\Users\Susanne\Documents\Downloads
Geladene Profile: Alpinarium & Susanne & Gast (Verfügbare Profile: Alpinarium & Susanne & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> nvSCPAPISvr.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UMVPFSrv.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GfExperienceService.exe
konnte nicht auf den Prozess zugreifen -> iSCTAgent.exe
konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe
konnte nicht auf den Prozess zugreifen -> NvNetworkService.exe
konnte nicht auf den Prozess zugreifen -> NvStreamService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
konnte nicht auf den Prozess zugreifen -> alg.exe
konnte nicht auf den Prozess zugreifen -> NvStreamNetworkService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
konnte nicht auf den Prozess zugreifen -> NvStreamUserAgent.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
konnte nicht auf den Prozess zugreifen -> a2service.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9251528 2016-03-22] (Emsisoft Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-01-18]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B207B76-58B7-4187-9F07-D50C4EB16159}: [DhcpNameServer] 192.168.140.254
Tcpip\..\Interfaces\{9866D234-BBBA-461A-A62C-333D91C8393D}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-2032422533-2031663358-3171475196-1000] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-2032422533-2031663358-3171475196-1001] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-2032422533-2031663358-3171475196-501] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\1tao4vd9.default-1457972179389
FF Homepage: hxxp://www.ard.de/home/ard/ARD_Startseite/21920/index.html
about:preferences
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: @Google.com/GoogleEarthPlugin -> C:\Users\Susanne\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\1tao4vd9.default-1457972179389\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-20]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10978888 2016-03-22] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 adp3132; C:\Windows\system32\drivers\adp3132.sys [385072 2010-01-28] (Adaptec, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [70912 2011-11-04] (Fresco Logic)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-12-06] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [636184 2011-12-06] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ISASerial; C:\Windows\system32\drivers\ISASerial.sys [72192 2008-02-20] (Windows (R) Codename Longhorn DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
S3 MtsHID; C:\Windows\system32\drivers\MtsHID.sys [27664 2009-07-15] (TechniSat Provide)
S3 nvamacpi; C:\Windows\system32\drivers\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-05] (OCZ Technology Group, Inc.)
S1 oxpar; C:\Windows\system32\drivers\oxpar.sys [158208 2007-01-24] (OEM)
S3 OxPPort; C:\Windows\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [72192 2008-05-22] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [95744 2008-05-22] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [126464 2008-05-22] ()
S3 PPorts; C:\Windows\system32\drivers\PPorts.sys [95744 2008-02-20] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-03-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
S3 SPorts; C:\Windows\system32\drivers\SPorts.sys [124416 2008-02-20] ()
S3 StnPport; C:\Windows\system32\drivers\StnPport.sys [97280 2009-12-17] ()
S3 StnSport; C:\Windows\system32\drivers\StnSport.sys [126464 2009-11-14] ()
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [176640 2011-05-21] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [230400 2011-05-21] (VIA Technologies, Inc.)
S3 cpuz134; \??\C:\Users\ALPINA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 NmPar; \SystemRoot\system32\drivers\NmPar.sys [X]
S3 nmserial; \SystemRoot\system32\drivers\nmserial.sys [X]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [X]
S3 oxser; \SystemRoot\system32\drivers\oxser.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 10:30 - 2016-03-22 10:32 - 00000000 ____D C:\FRST
2016-03-20 17:12 - 2016-03-20 17:12 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-20 17:03 - 2016-03-20 17:03 - 00000000 ____D C:\OETemp
2016-03-20 17:02 - 2016-03-22 10:27 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-20 17:02 - 2016-03-20 17:02 - 00000856 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-03-20 17:02 - 2016-03-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-03-20 01:18 - 2016-03-20 01:18 - 00002624 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-20 (01-14-52).xml
2016-03-19 16:58 - 2016-03-19 16:58 - 00004088 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-19 (16-17-34).xml
2016-03-19 14:24 - 2016-03-19 16:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-19 12:20 - 2016-03-19 12:20 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-19 12:12 - 2016-03-19 15:26 - 00000000 ____D C:\Program Files\WinZip Driver Updater
2016-03-19 11:45 - 2016-03-20 16:16 - 00000000 ____D C:\rei
2016-03-19 11:45 - 2016-03-19 11:45 - 00000000 ____D C:\ProgramData\Reimage Protector
2016-03-19 11:26 - 2016-03-19 11:28 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-19 11:25 - 2016-03-19 11:25 - 01527296 _____ C:\Users\Susanne\Desktop\AdwCleaner_5.102.exe
2016-03-18 17:18 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160318-171859.backup
2016-03-17 01:16 - 2016-03-17 01:16 - 00000000 ____D C:\Windows\CheckSur
2016-03-17 00:45 - 2016-03-17 00:45 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\TomTom
2016-03-16 17:38 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-16 17:38 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-16 17:38 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-16 17:38 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-16 17:38 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-16 17:38 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-16 17:38 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-16 17:38 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-16 17:38 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-16 17:38 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-16 17:38 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-16 17:38 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-16 17:38 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-16 17:38 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-16 17:38 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-16 17:38 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-16 17:38 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-16 17:38 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-03-16 17:38 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-03-16 17:38 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-03-16 17:38 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-16 17:38 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-03-16 17:38 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-03-16 17:38 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-03-16 17:38 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-03-16 17:38 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-03-16 17:38 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-16 17:38 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-16 17:38 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-16 17:37 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-16 17:37 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-16 17:37 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-16 17:37 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-03-16 17:37 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-03-16 17:15 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-16 17:14 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-16 17:14 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-16 17:14 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-16 17:14 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-16 17:14 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-03-14 18:22 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160314-182243.backup
2016-02-26 16:36 - 2016-02-26 16:36 - 00000976 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Users\Susanne\AppData\Local\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-02-25 21:53 - 2016-02-25 21:53 - 13163744 _____ (Microsoft Corporation) C:\Users\Susanne\Desktop\Silverlight_x64.exe
2016-02-24 18:57 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160224-185713.backup
2016-02-24 18:49 - 2016-02-24 18:49 - 06837784 _____ (Piriform Ltd) C:\Users\Alpinarium\Downloads\ccsetup515.exe
2016-02-24 17:53 - 2016-02-24 17:53 - 00242312 _____ C:\Users\Susanne\Desktop\Firefox Setup Stub 44.0.2.exe
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____D C:\ProgramData\Intel
2016-02-24 12:40 - 2014-05-27 11:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\Program Files\Intel
2016-02-24 12:08 - 2016-03-18 17:17 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\CrashDumps

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 10:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-22 10:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-22 10:29 - 2014-09-26 00:15 - 00296448 ___SH C:\Users\Susanne\Desktop\Thumbs.db
2016-03-22 10:25 - 2012-08-16 11:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 17:17 - 2010-11-21 07:50 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-03-20 17:17 - 2010-11-21 07:50 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-03-20 17:17 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-20 17:13 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-20 17:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 17:04 - 2013-02-10 12:14 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Avira
2016-03-20 17:04 - 2013-02-01 17:30 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Avira
2016-03-20 17:04 - 2013-02-01 13:00 - 00000000 ____D C:\Program Files (x86)\Avira
2016-03-20 17:04 - 2012-10-22 14:45 - 00000000 ____D C:\ProgramData\Avira
2016-03-20 17:03 - 2014-07-30 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-20 16:34 - 2015-09-26 02:12 - 00011973 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2016-03-20 16:16 - 2014-10-21 11:38 - 00000150 _____ C:\Windows\Reimage.ini
2016-03-20 16:14 - 2016-01-04 10:25 - 00000000 ____D C:\Users\Susanne\AppData\Local\CrashDumps
2016-03-19 16:17 - 2015-02-28 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-19 16:15 - 2012-10-22 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 15:26 - 2014-05-30 11:51 - 00000000 ____D C:\ProgramData\WinZip
2016-03-19 11:21 - 2014-02-12 23:58 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\vlc
2016-03-19 10:41 - 2012-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-03-19 10:40 - 2012-10-22 15:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-18 16:03 - 2012-10-19 15:35 - 00000000 ____D C:\Users\Alpinarium
2016-03-17 00:40 - 2012-10-25 17:27 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\ElevatedDiagnostics
2016-03-16 17:50 - 2009-07-14 05:45 - 00291472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-16 17:49 - 2014-12-15 16:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-16 17:49 - 2014-05-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-16 17:49 - 2010-11-21 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-16 17:44 - 2012-08-16 11:23 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-16 17:42 - 2013-08-15 08:55 - 00000000 ____D C:\Windows\system32\MRT
2016-03-16 17:39 - 2012-10-22 16:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-15 22:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-03-14 17:19 - 2012-10-26 16:12 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-03-11 15:19 - 2012-08-16 11:19 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 15:19 - 2012-08-16 11:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 11:16 - 2016-01-16 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-06 10:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-25 21:55 - 2012-10-24 06:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-25 21:55 - 2012-08-16 11:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-25 21:54 - 2013-03-13 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-25 16:08 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-24 18:51 - 2015-07-14 23:46 - 00000000 ____D C:\Windows\Minidump
2016-02-24 18:50 - 2014-01-26 20:14 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-24 17:56 - 2014-10-19 05:35 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\Adobe
2016-02-24 17:56 - 2012-10-23 14:51 - 00000000 ____D C:\Users\Susanne\AppData\Local\Adobe
2016-02-24 17:54 - 2012-10-22 14:27 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-24 17:54 - 2012-10-22 14:27 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-24 17:34 - 2012-10-26 16:12 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Winamp
2016-02-24 17:06 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-24 11:49 - 2012-10-19 15:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-24 11:48 - 2012-10-23 22:31 - 00000000 ____D C:\TEMP
2016-02-24 11:48 - 2012-10-19 15:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-18 16:52 - 2015-09-18 16:52 - 0005120 _____ () C:\Users\Susanne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\Alpinarium\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Alpinarium\AppData\Local\Temp\sqlite3.exe
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Susanne (2016-03-22 10:33:31)
Gestartet von C:\Users\Susanne\Documents\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-19 14:35:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2032422533-2031663358-3171475196-500 - Administrator - Disabled)
Alpinarium (S-1-5-21-2032422533-2031663358-3171475196-1000 - Administrator - Enabled) => C:\Users\Alpinarium
Gast (S-1-5-21-2032422533-2031663358-3171475196-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2032422533-2031663358-3171475196-1003 - Limited - Enabled)
Susanne (S-1-5-21-2032422533-2031663358-3171475196-1004 - Limited - Enabled) => C:\Users\Susanne

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
NO ONE LIVES FOREVER - GAME OF THE YEAR EDITION (HKLM-x32\...\{EE3E60BC-F29F-4E7B-A110-B538387D34DA}) (Version:  - )
No One Lives Forever 2  (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version:  - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.0 - Activision, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tomb Raider Level Editor (HKLM-x32\...\Tomb Raider Level Editor) (Version:  - )
TP-LINK-Clientinstallationsprogramm (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-12 22:13 - 2016-02-12 22:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7774 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123simsen.com -> www.123simsen.com

Da befinden sich 7774 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{58B51081-810F-42A5-8478-FE3DCB20071D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{608194F5-BEA9-4CC9-9109-2C37639893FE}] => (Allow) LPort=2869
FirewallRules: [{46D1F610-DE9B-4AEE-85B0-6EB4A9585715}] => (Allow) LPort=1900
FirewallRules: [{F195C26F-D7E3-4429-BFAA-FC2AE6129557}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{35BAD2D7-CABB-4938-9C57-0BA0C2271211}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{28CA718D-8E61-4A2D-B966-E6991F8F1A90}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{8E83A78A-F844-4F5E-B03F-79A980A7E562}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{816AC484-E4CD-49A6-B6A7-ABFA22BDF458}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{68741D5F-3111-474A-AF61-7FBE5314FD22}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A8FE5BC5-E6B2-4D17-A0CD-388C6C0C5A34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F522A485-295E-418D-96D1-09842F761D38}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{1F6A95F8-CEDB-4EE5-A32D-5921F12A6811}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{6C6BFA2C-0545-4C40-85E6-2108BF6C3966}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{A8A2F0FF-A645-4030-957F-B34ED3BB6D4C}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{56892508-A78E-4BA4-8609-75B6C9229105}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{CF8FF30F-B7EB-42B6-A167-C1E54B8ED986}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{49216771-5B47-4745-874D-EB5643043A5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{DFB02E41-0796-44BE-83D0-4CE7198895C4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [TCP Query User{CD999D0B-BEDF-4B04-8F05-D4C2713298B7}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [UDP Query User{37AAE9ED-1ACE-436A-831A-F70EE97E21B3}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [{F0BA29C8-5C54-4208-AC37-EC6E351889CA}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{0795D547-9087-431B-96C4-89A2FE677366}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{DAF4490C-85A9-4FE4-B380-F91C318E88D5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{5BD5CDBD-1A78-4362-A502-91478E6F3364}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{69D71781-C870-4ABD-8F78-E0D66841CF41}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{FE6EDE5A-07D9-4897-9E60-8398BAE7E59F}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{A8501114-5F8F-4A31-A315-F0F5D021816A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [{E44E7BC7-19CD-493C-A45E-AB7D5DB5C267}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{944593AE-DDA3-48FC-B19F-F21C863AD66D}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{C22E7235-F2A8-4446-AE6A-69664FB34BEC}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{E0ACFF8E-3807-4603-B431-F0676F031C38}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{26F22430-567A-40B6-B8BE-FC94D803E649}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{14DCFA97-9CC1-4EDC-8191-0D3A38AD0454}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{242EE8F8-C57C-44E5-BC37-8B3955955B6B}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{460ADF36-015E-4E1F-9977-80979B6709C5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{9EBFC355-22C6-47D6-BB83-9B369DA4BAF5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{498196B2-050B-4E05-9023-36846EB49133}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{55364784-1F66-4CFB-8DF6-BB937B2508AE}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [TCP Query User{056C0052-1E94-428B-A3C5-437F7DD088FA}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [UDP Query User{E4A32A99-E2C0-4D84-AF37-6AB2A7F7E554}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [{7A8CF39C-48B3-4065-9290-32C157AC07C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{862E5F60-3541-4026-BC97-D8D055087DA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9BB3BD07-86F1-40A3-930B-DC41D27A0D8B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47D8293F-1D88-4912-835A-EAC64A160131}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{96AD2AD4-BA69-41A4-AF6E-EE0335D1E429}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{C85F7BB9-C675-4ECA-9485-B14BFFB3AA75}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{D20EDD41-6900-4238-AD0F-75F0FBC7632A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{FB84A06F-A7F5-4FFE-8371-7EB48B685F07}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{6AA585FB-57C5-44EC-9FA9-21A83115CF26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78DFDE3A-49D9-47E3-9215-1110941C9A7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{606BE1C0-1AC0-44B8-A0DE-6C578ED0E61A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{C88CB9B3-B684-4E5B-A016-855487C8C8A0}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{05D816AE-B392-4C03-A564-972A4E49DF86}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{27D50474-46F1-48AC-9A20-0690F2260658}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{94AA88EB-74B8-41F6-B541-338EA210888D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1FD2B031-67ED-4618-A311-22D499A81796}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7EFD8D3C-4B6E-4E55-A5CE-19D065BAAAF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B330EDB8-868A-4BF5-A4DD-07A482D3F1E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F967479-3E85-4BC8-8F2D-B87E3BAFF0F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{77E2CB8C-4E11-4FF6-AD0B-8993ECFD24AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18ECBB98-2DDB-4B08-B108-58EA82A1D97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD67ED98-6957-4F16-A290-50DD104ACACF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{62E51D65-3CF6-435F-B525-31F01B19D021}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{030748BB-D626-4F06-86C9-22C8260D347E}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/22/2016 10:25:24 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CHIPUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at UpdateYeti.UpdateYetiApiCall.AttachSoftwareDataToCall(System.Collections.Generic.List`1<UpdateYeti.Model.Software.AppInfo>)
   at UpdateYeti.Model.MainModel.<MainModel_FindSoftwareFinished>b__2a(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/20/2016 05:15:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 05:11:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 05:06:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 04:38:32 PM) (Source: MsiInstaller) (EventID: 11706) (User: Alpinarium-ARLT)
Description: Produkt: Far Cry -- Fehler 1706. Für das Produkt Far Cry wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets "Far Cry.msi".

Error: (03/20/2016 04:24:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CHIPUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at UpdateYeti.UpdateYetiApiCall.AttachSoftwareDataToCall(System.Collections.Generic.List`1<UpdateYeti.Model.Software.AppInfo>)
   at UpdateYeti.Model.MainModel.<MainModel_FindSoftwareFinished>b__2a(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/20/2016 04:21:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/20/2016 04:15:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
   at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlTextReader.Read()
   at System.Configuration.XmlUtil..ctor(System.IO.Stream, System.String, Boolean, System.Configuration.ConfigurationSchemaErrors)
   at System.Configuration.AppSettingsSection.DeserializeElement(System.Xml.XmlReader, Boolean)
   at System.Configuration.ConfigurationSection.DeserializeSection(System.Xml.XmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionImpl(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader, System.String, Int32)

Exception Info: System.Configuration.ConfigurationErrorsException
   at System.Configuration.BaseConfigurationRecord.EvaluateOne(System.String[], System.Configuration.SectionInput, Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object)
   at System.Configuration.BaseConfigurationRecord.Evaluate(System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at NLog.Common.InternalLogger.GetSettingString(System.String, System.String)
   at NLog.Common.InternalLogger.GetSetting[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.String, Boolean)
   at NLog.Common.InternalLogger..cctor()

Exception Info: System.TypeInitializationException
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.GetConfigurationForLogger(System.String, NLog.Config.LoggingConfiguration)
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.Program.CurrentDomain_UnhandledException(System.Object, System.UnhandledExceptionEventArgs)

Error: (03/20/2016 04:14:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
   at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlTextReader.Read()
   at System.Configuration.XmlUtil..ctor(System.IO.Stream, System.String, Boolean, System.Configuration.ConfigurationSchemaErrors)
   at System.Configuration.AppSettingsSection.DeserializeElement(System.Xml.XmlReader, Boolean)
   at System.Configuration.ConfigurationSection.DeserializeSection(System.Xml.XmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionImpl(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader, System.String, Int32)

Exception Info: System.Configuration.ConfigurationErrorsException
   at System.Configuration.BaseConfigurationRecord.EvaluateOne(System.String[], System.Configuration.SectionInput, Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object)
   at System.Configuration.BaseConfigurationRecord.Evaluate(System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at NLog.Common.InternalLogger.GetSettingString(System.String, System.String)
   at NLog.Common.InternalLogger.GetSetting[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.String, Boolean)
   at NLog.Common.InternalLogger..cctor()

Exception Info: System.TypeInitializationException
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.GetConfigurationForLogger(System.String, NLog.Config.LoggingConfiguration)
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.Program.CurrentDomain_UnhandledException(System.Object, System.UnhandledExceptionEventArgs)

Error: (03/20/2016 04:14:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56258f05
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1070
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3


Systemfehler:
=============
Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/22/2016 10:25:04 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/21/2016 10:32:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/21/2016 10:32:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/21/2016 10:32:20 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/21/2016 10:32:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


CodeIntegrity:
===================================
  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.395
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:30.545
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:30.545
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16334.91 MB
Verfügbarer physikalischer RAM: 13886.02 MB
Summe virtueller Speicher: 32668.03 MB
Verfügbarer virtueller Speicher: 29746.09 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:110.02 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Fixed) (Total:1863.01 GB) (Free:586.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         

22.03.2016, 11:00   #4
Alpinarium

Trojan - - Problems



Here is part of the TDSS-Killer log file

[CODE]10:42:52.0351 0x13dc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:43:02.0825 0x13dc ============================================================
10:43:02.0825 0x13dc Current date / time: 2016/03/22 10:43:02.0825
10:43:02.0825 0x13dc SystemInfo:
10:43:02.0825 0x13dc
10:43:02.0825 0x13dc OS Version: 6.1.7601 ServicePack: 1.0
10:43:02.0825 0x13dc Product type: Workstation
10:43:02.0825 0x13dc ComputerName: ALPINARIUM-ARLT
10:43:02.0825 0x13dc UserName: Alpinarium
10:43:02.0825 0x13dc Windows directory: C:\Windows
10:43:02.0826 0x13dc System windows directory: C:\Windows
10:43:02.0826 0x13dc Running under WOW64
10:43:02.0826 0x13dc Processor architecture: Intel x64
10:43:02.0826 0x13dc Number of processors: 8
10:43:02.0826 0x13dc Page size: 0x1000
10:43:02.0826 0x13dc Boot type: Normal boot
10:43:02.0826 0x13dc ============================================================
10:43:03.0088 0x13dc KLMD registered as C:\Windows\system32\drivers\65732901.sys
10:43:03.0130 0x13dc System UUID: {69D2518C-C885-477E-A23A-63A5D7A9B6E4}
10:43:03.0331 0x13dc Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:43:03.0350 0x13dc Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:43:03.0355 0x13dc ============================================================
10:43:03.0355 0x13dc \Device\Harddisk0\DR0:
10:43:03.0355 0x13dc MBR partitions:
10:43:03.0355 0x13dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCF2000
10:43:03.0355 0x13dc \Device\Harddisk1\DR1:
10:43:03.0355 0x13dc MBR partitions:
10:43:03.0355 0x13dc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
10:43:03.0355 0x13dc ============================================================
10:43:03.0356 0x13dc C: <-> \Device\Harddisk0\DR0\Partition1
10:43:03.0367 0x13dc D: <-> \Device\Harddisk1\DR1\Partition1
10:43:03.0368 0x13dc ============================================================
10:43:03.0368 0x13dc Initialize success
10:43:03.0368 0x13dc ============================================================
10:45:57.0880 0x12f8 ============================================================
10:45:57.0880 0x12f8 Scan started
10:45:57.0880 0x12f8 Mode: Manual; SigCheck; TDLFS;
10:45:57.0880 0x12f8 ============================================================
10:45:57.0880 0x12f8 KSN ping started
10:46:00.0438 0x12f8 KSN ping finished: true
10:46:01.0718 0x12f8 ================ Scan system memory ========================
10:46:01.0718 0x12f8 System memory - ok
10:46:01.0718 0x12f8 ================ Scan services =============================
10:46:01.0733 0x12f8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:46:01.0764 0x12f8 1394ohci - ok
10:46:01.0905 0x12f8 [ E13222F715AA93C545264D7D3E28FBDD, 960EF0AF02579B2320EA885557DCA62400BA047E332D3ECC500ECD195A0E8136 ] a2AntiMalware C:\Program Files\Emsisoft Anti-Malware\a2service.exe
10:46:02.0076 0x12f8 a2AntiMalware - ok
10:46:02.0092 0x12f8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:46:02.0108 0x12f8 ACPI - ok
10:46:02.0108 0x12f8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:46:02.0123 0x12f8 AcpiPmi - ok
10:46:02.0123 0x12f8 [ 99B993BD0F4C033D832B50D5E83BEBEC, A091635B2B428A51400468353F52D3FF35095460D3FA8CB29E2C4A804D87B845 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:46:02.0139 0x12f8 AdobeFlashPlayerUpdateSvc - ok
10:46:02.0154 0x12f8 [ 132190688D8E51D61F88A150D7DF9FB4, 76E1C520CCA50509AD60B7257099855674E4BB8E63CE933A0B53C7A8DCAE55C9 ] adp3132 C:\Windows\system32\drivers\adp3132.sys
10:46:02.0154 0x12f8 adp3132 - ok
10:46:02.0170 0x12f8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:46:02.0186 0x12f8 adp94xx - ok
10:46:02.0186 0x12f8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:46:02.0201 0x12f8 adpahci - ok
10:46:02.0201 0x12f8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:46:02.0201 0x12f8 adpu320 - ok
10:46:02.0217 0x12f8 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:46:02.0217 0x12f8 AeLookupSvc - ok
10:46:02.0232 0x12f8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
10:46:02.0248 0x12f8 AFD - ok
10:46:02.0248 0x12f8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:46:02.0248 0x12f8 agp440 - ok
10:46:02.0264 0x12f8 [ EE6DAD59BB40168BA61964E111CED923, AE9E71DD328B96C7DBD18913906D50131A6964314C4847A006959C4907837C95 ] ahcix64s C:\Windows\system32\drivers\ahcix64s.sys
10:46:02.0264 0x12f8 ahcix64s - ok
10:46:02.0264 0x12f8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:46:02.0279 0x12f8 ALG - ok
10:46:02.0279 0x12f8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:46:02.0279 0x12f8 aliide - ok
10:46:02.0295 0x12f8 [ D39CB7B4BB3A46BC84AD0CC1B8261FB8, 047DF172B42A536871E30E697A209BDC100615B4422ADAF958D0475412EA6E4D ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
10:46:02.0295 0x12f8 amdhub30 - ok
10:46:02.0295 0x12f8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:46:02.0295 0x12f8 amdide - ok
10:46:02.0295 0x12f8 [ 0DB2DF2B692A3F70443FD14D7920F249, 2B567735CF07D2386E65A17801890C98379322DE08CA2B43CA8C33466552BE92 ] amdide64 C:\Windows\system32\drivers\amdide64.sys
10:46:02.0310 0x12f8 amdide64 - ok
10:46:02.0310 0x12f8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:46:02.0310 0x12f8 AmdK8 - ok
10:46:02.0326 0x12f8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:46:02.0326 0x12f8 AmdPPM - ok
10:46:02.0326 0x12f8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:46:02.0342 0x12f8 amdsata - ok
10:46:02.0342 0x12f8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:46:02.0357 0x12f8 amdsbs - ok
10:46:02.0357 0x12f8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:46:02.0357 0x12f8 amdxata - ok
10:46:02.0373 0x12f8 [ 990E896740E42C6B88284AFD1799AA56, 600556B41A272588D58AB0D552AD903BD0BF5CFB9CB2F5D966E0AD5EA5F2A3F8 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
10:46:02.0373 0x12f8 amdxhc - ok
10:46:02.0373 0x12f8 [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
10:46:02.0388 0x12f8 amd_sata - ok
10:46:02.0388 0x12f8 [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
10:46:02.0388 0x12f8 amd_xata - ok
10:46:02.0388 0x12f8 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
10:46:02.0404 0x12f8 AppID - ok
10:46:02.0404 0x12f8 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:46:02.0404 0x12f8 AppIDSvc - ok
10:46:02.0404 0x12f8 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
10:46:02.0420 0x12f8 Appinfo - ok
10:46:02.0420 0x12f8 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:46:02.0435 0x12f8 Apple Mobile Device Service - ok
10:46:02.0435 0x12f8 [ D73AAD4946051D074909FDFD34D94C7B, F959C1E63EAFF88C9F15F71607DF1B604981AA75AE3C0D33F6EBBFB452F634CD ] arc C:\Windows\system32\drivers\arc.sys
10:46:02.0435 0x12f8 arc - ok
10:46:02.0435 0x12f8 [ 46E8C3EB03224A1E55C6F0C100A9D2CC, 7CF7A92942117D45345C5324E1ADA5AD77EECF36C4AA63339E676D72D7624F01 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:46:02.0451 0x12f8 arcsas - ok
10:46:02.0451 0x12f8 [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64 C:\Windows\system32\drivers\asahci64.sys
10:46:02.0451 0x12f8 asahci64 - ok
10:46:02.0451 0x12f8 [ 7F0DB399731DAA70042D094D2C11DDCA, 8BBFAC6A636CF86D24355D614B17CBB77343AD286EDD4D841943B9E0D1DDC704 ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys
10:46:02.0466 0x12f8 asmthub3 - ok
10:46:02.0482 0x12f8 [ 49DB39B0A504779B0D89555F684BA84E, 961245D9C9EFD08A90AB178A2B8A333445B8F83D2FE9762B41456A06F4753E6D ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys
10:46:02.0482 0x12f8 asmtxhci - ok
10:46:02.0498 0x12f8 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:46:02.0498 0x12f8 aspnet_state - ok
10:46:02.0513 0x12f8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:46:02.0529 0x12f8 AsyncMac - ok
10:46:02.0529 0x12f8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:46:02.0529 0x12f8 atapi - ok
10:46:02.0560 0x12f8 [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur C:\Windows\system32\DRIVERS\athurx.sys
10:46:02.0591 0x12f8 athur - ok
10:46:02.0607 0x12f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:46:02.0622 0x12f8 AudioEndpointBuilder - ok
10:46:02.0638 0x12f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:46:02.0654 0x12f8 AudioSrv - ok
10:46:02.0654 0x12f8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:46:02.0669 0x12f8 AxInstSV - ok
10:46:02.0669 0x12f8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:46:02.0685 0x12f8 b06bdrv - ok
10:46:02.0685 0x12f8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:46:02.0700 0x12f8 b57nd60a - ok
10:46:02.0716 0x12f8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:46:02.0716 0x12f8 BDESVC - ok
10:46:02.0716 0x12f8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:46:02.0747 0x12f8 Beep - ok
10:46:02.0763 0x12f8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:46:02.0778 0x12f8 BFE - ok
10:46:02.0794 0x12f8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:46:02.0825 0x12f8 BITS - ok
10:46:02.0825 0x12f8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:46:02.0841 0x12f8 blbdrive - ok
10:46:02.0841 0x12f8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:46:02.0841 0x12f8 bowser - ok
10:46:02.0841 0x12f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:46:02.0856 0x12f8 BrFiltLo - ok
10:46:02.0856 0x12f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:46:02.0872 0x12f8 BrFiltUp - ok
10:46:02.0872 0x12f8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:46:02.0872 0x12f8 Browser - ok
10:46:02.0888 0x12f8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:46:02.0888 0x12f8 Brserid - ok
10:46:02.0903 0x12f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:46:02.0903 0x12f8 BrSerWdm - ok
10:46:02.0903 0x12f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:46:02.0919 0x12f8 BrUsbMdm - ok
10:46:02.0919 0x12f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:46:02.0919 0x12f8 BrUsbSer - ok
10:46:02.0934 0x12f8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:46:02.0934 0x12f8 BTHMODEM - ok
10:46:02.0934 0x12f8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:46:02.0966 0x12f8 bthserv - ok
10:46:02.0966 0x12f8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:46:02.0981 0x12f8 cdfs - ok
10:46:02.0981 0x12f8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:46:02.0997 0x12f8 cdrom - ok
10:46:02.0997 0x12f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:46:03.0012 0x12f8 CertPropSvc - ok
10:46:03.0028 0x12f8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:46:03.0028 0x12f8 circlass - ok
10:46:03.0044 0x12f8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:46:03.0044 0x12f8 CLFS - ok
10:46:03.0059 0x12f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:46:03.0059 0x12f8 clr_optimization_v2.0.50727_32 - ok
10:46:03.0059 0x12f8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:46:03.0075 0x12f8 clr_optimization_v2.0.50727_64 - ok
10:46:03.0075 0x12f8 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:46:03.0090 0x12f8 clr_optimization_v4.0.30319_32 - ok
10:46:03.0090 0x12f8 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:46:03.0090 0x12f8 clr_optimization_v4.0.30319_64 - ok
10:46:03.0106 0x12f8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:46:03.0106 0x12f8 CmBatt - ok
10:46:03.0106 0x12f8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:46:03.0106 0x12f8 cmdide - ok
10:46:03.0122 0x12f8 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
10:46:03.0137 0x12f8 CNG - ok
10:46:03.0137 0x12f8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:46:03.0153 0x12f8 Compbatt - ok
10:46:03.0153 0x12f8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:46:03.0153 0x12f8 CompositeBus - ok
10:46:03.0153 0x12f8 COMSysApp - ok
10:46:03.0168 0x12f8 cpuz134 - ok
10:46:03.0168 0x12f8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:46:03.0168 0x12f8 crcdisk - ok
10:46:03.0184 0x12f8 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:46:03.0184 0x12f8 CryptSvc - ok
10:46:03.0200 0x12f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:46:03.0231 0x12f8 DcomLaunch - ok
10:46:03.0231 0x12f8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:46:03.0262 0x12f8 defragsvc - ok
10:46:03.0262 0x12f8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:46:03.0278 0x12f8 DfsC - ok
10:46:03.0278 0x12f8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:46:03.0293 0x12f8 Dhcp - ok
10:46:03.0324 0x12f8 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
10:46:03.0340 0x12f8 DiagTrack - ok
10:46:03.0340 0x12f8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:46:03.0371 0x12f8 discache - ok
10:46:03.0371 0x12f8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
10:46:03.0371 0x12f8 Disk - ok
10:46:03.0387 0x12f8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:46:03.0387 0x12f8 Dnscache - ok
10:46:03.0402 0x12f8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:46:03.0418 0x12f8 dot3svc - ok
10:46:03.0418 0x12f8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:46:03.0449 0x12f8 DPS - ok
10:46:03.0449 0x12f8 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:46:03.0449 0x12f8 drmkaud - ok
10:46:03.0480 0x12f8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:46:03.0496 0x12f8 DXGKrnl - ok
10:46:03.0496 0x12f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:46:03.0512 0x12f8 EapHost - ok
10:46:03.0558 0x12f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:46:03.0621 0x12f8 ebdrv - ok
10:46:03.0621 0x12f8 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
10:46:03.0621 0x12f8 EFS - ok
10:46:03.0636 0x12f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:46:03.0652 0x12f8 ehRecvr - ok
10:46:03.0668 0x12f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:46:03.0668 0x12f8 ehSched - ok
10:46:03.0683 0x12f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:46:03.0699 0x12f8 elxstor - ok
10:46:03.0699 0x12f8 [ B6A7D3B49CA93FC0AECAC7C911E81F1E, 75245217F86F6BFC94C929EF7295D1C2D3A42B3A5161E8D85599812AD7CC723D ] epp C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys
10:46:03.0699 0x12f8 epp - ok
10:46:03.0714 0x12f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:46:03.0714 0x12f8 ErrDev - ok
10:46:03.0714 0x12f8 [ 21023B3FF378D73A3483134DFD061246, 7570F2ABFEDEA6FF5E6BA5B0281DA17A6AB5A110256B03CBBBB9EA7C95F67591 ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
10:46:03.0730 0x12f8 EtronHub3 - ok
10:46:03.0730 0x12f8 [ 8D77B1E4ABAB5243172C24159D14E0F2, 351EC99EF9AB4F7FF324D92E27CBBE0F0FC736AF79C9BC325D782BE7BF7195DC ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
10:46:03.0730 0x12f8 EtronXHCI - ok
10:46:03.0746 0x12f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:46:03.0761 0x12f8 EventSystem - ok
10:46:03.0777 0x12f8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:46:03.0792 0x12f8 exfat - ok
10:46:03.0792 0x12f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:46:03.0824 0x12f8 fastfat - ok
10:46:03.0839 0x12f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:46:03.0855 0x12f8 Fax - ok
10:46:03.0855 0x12f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:46:03.0855 0x12f8 fdc - ok
10:46:03.0855 0x12f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:46:03.0870 0x12f8 fdPHost - ok
10:46:03.0886 0x12f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:46:03.0902 0x12f8 FDResPub - ok
10:46:03.0902 0x12f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:46:03.0902 0x12f8 FileInfo - ok
10:46:03.0917 0x12f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:46:03.0933 0x12f8 Filetrace - ok
10:46:03.0933 0x12f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:46:03.0933 0x12f8 flpydisk - ok
10:46:03.0948 0x12f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:46:03.0948 0x12f8 FltMgr - ok
10:46:03.0964 0x12f8 [ F82F68BE29096C552CA25511F08005E7, D64B53BC94ACCD0502A0BF311826943D80D513279E5C3EF3BA89E2CE186470D2 ] FLxHCIc C:\Windows\system32\drivers\FLxHCIc.sys
10:46:03.0964 0x12f8 FLxHCIc - ok
10:46:03.0964 0x12f8 [ 256F51C79AB03AD6D68ECAE96ADB4746, 2315EB7FD51ECA441B4EDCCD1866E4027F762B8BC9456B7F8B9391D2602895F3 ] FLxHCIh C:\Windows\system32\drivers\FLxHCIh.sys
10:46:03.0980 0x12f8 FLxHCIh - ok
10:46:03.0995 0x12f8 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
10:46:04.0011 0x12f8 FontCache - ok
10:46:04.0026 0x12f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:46:04.0026 0x12f8 FontCache3.0.0.0 - ok
10:46:04.0026 0x12f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:46:04.0042 0x12f8 FsDepends - ok
10:46:04.0042 0x12f8 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
10:46:04.0042 0x12f8 fssfltr - ok
10:46:04.0073 0x12f8 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:46:04.0089 0x12f8 fsssvc - ok
10:46:04.0089 0x12f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:46:04.0104 0x12f8 Fs_Rec - ok
10:46:04.0104 0x12f8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:46:04.0120 0x12f8 fvevol - ok
10:46:04.0120 0x12f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:46:04.0120 0x12f8 gagp30kx - ok
10:46:04.0151 0x12f8 [ 97DC871A801DF42AD1008F0BBFD1ED8E, 7D90E1064863D0E976B9D1529A07808E3A38BA0FFEF5E7E920CC049DC05A15F1 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:46:04.0167 0x12f8 GfExperienceService - ok
10:46:04.0182 0x12f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:46:04.0214 0x12f8 gpsvc - ok
10:46:04.0214 0x12f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:46:04.0214 0x12f8 hcw85cir - ok
10:46:04.0229 0x12f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:46:04.0245 0x12f8 HdAudAddService - ok
10:46:04.0245 0x12f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:46:04.0245 0x12f8 HDAudBus - ok
10:46:04.0260 0x12f8 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
10:46:04.0260 0x12f8 HECIx64 - ok
10:46:04.0260 0x12f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:46:04.0260 0x12f8 HidBatt - ok
10:46:04.0276 0x12f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:46:04.0276 0x12f8 HidBth - ok
10:46:04.0276 0x12f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:46:04.0292 0x12f8 HidIr - ok
10:46:04.0292 0x12f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:46:04.0307 0x12f8 hidserv - ok
10:46:04.0323 0x12f8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:46:04.0323 0x12f8 HidUsb - ok
10:46:04.0323 0x12f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:46:04.0338 0x12f8 hkmsvc - ok
10:46:04.0354 0x12f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:46:04.0354 0x12f8 HomeGroupListener - ok
10:46:04.0370 0x12f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:46:04.0370 0x12f8 HomeGroupProvider - ok
10:46:04.0370 0x12f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:46:04.0385 0x12f8 HpSAMD - ok
10:46:04.0401 0x12f8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:46:04.0416 0x12f8 HTTP - ok
10:46:04.0416 0x12f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:46:04.0416 0x12f8 hwpolicy - ok
10:46:04.0416 0x12f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:46:04.0432 0x12f8 i8042prt - ok
10:46:04.0448 0x12f8 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:46:04.0448 0x12f8 iaStor - ok
10:46:04.0463 0x12f8 [ BC01732B88777BB2FE58E514A945D517, DD5DC9EAEB631E68D71ADE0D5F25416B48170FC7634ACA485F8D1E2239193305 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
10:46:04.0479 0x12f8 iaStorA - ok
10:46:04.0479 0x12f8 [ F435C8A8C02067C9CD0EF430A8552BEA, DE6246A32FFEAFDEE44B0DFA35C75B20E804DAC12401BA45E20BA1FAD14141C5 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys
10:46:04.0479 0x12f8 iaStorF - ok
10:46:04.0494 0x12f8 [ 4C6DE29AF58AB5387F23A822D834E5E3, 66341E86A1514C07F85A6B1CFF1F402D3D45C67C03A1857E5B42CAC222B9848A ] iaStorS C:\Windows\system32\drivers\iaStorS.sys
10:46:04.0510 0x12f8 iaStorS - ok
10:46:04.0526 0x12f8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:46:04.0526 0x12f8 iaStorV - ok
10:46:04.0541 0x12f8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:46:04.0557 0x12f8 idsvc - ok
10:46:04.0557 0x12f8 IEEtwCollectorService - ok
10:46:04.0572 0x12f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:46:04.0572 0x12f8 iirsp - ok
10:46:04.0572 0x12f8 [ FF604BCE2537A4734DA0CE19AD9B7B7A, E40E87961F46B374122ED2B06E79C575FCFA4D29F95763ADC7E88270D064AFE8 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
10:46:04.0588 0x12f8 ikbevent - ok
10:46:04.0604 0x12f8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:46:04.0619 0x12f8 IKEEXT - ok
10:46:04.0619 0x12f8 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys
10:46:04.0619 0x12f8 Impcd - ok
10:46:04.0619 0x12f8 [ 298E67827BE3C4403C32EAB66987A334, BE7D95E2BB0D6D60B40966305D0354CA93F773FD2FA2727F1076DC8E162D5EB1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
10:46:04.0635 0x12f8 imsevent - ok
10:46:04.0635 0x12f8 [ 0BBE196EED750C18E5D4B3CB55EB097C, 6A67BF6CD9BBC77034AD1BBDE6FD1DE78440825E317DB7C517BD4D773FEBDA39 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
10:46:04.0635 0x12f8 INETMON - ok
10:46:04.0697 0x12f8 [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:46:04.0760 0x12f8 IntcAzAudAddService - ok
10:46:04.0760 0x12f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:46:04.0760 0x12f8 intelide - ok
10:46:04.0775 0x12f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:46:04.0775 0x12f8 intelppm - ok
10:46:04.0775 0x12f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:46:04.0806 0x12f8 IPBusEnum - ok
10:46:04.0806 0x12f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:04.0822 0x12f8 IpFilterDriver - ok
10:46:04.0838 0x12f8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:46:04.0838 0x1bb8 Object required for P2P: [ 99B993BD0F4C033D832B50D5E83BEBEC ] AdobeFlashPlayerUpdateSvc
10:46:04.0838 0x12f8 iphlpsvc - ok
10:46:04.0853 0x12f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:46:04.0853 0x12f8 IPMIDRV - ok
10:46:04.0853 0x12f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:46:04.0884 0x12f8 IPNAT - ok
10:46:04.0884 0x12f8 [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:46:04.0900 0x12f8 iPod Service - ok
10:46:04.0900 0x12f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:46:04.0916 0x12f8 IRENUM - ok
10:46:04.0916 0x12f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:46:04.0916 0x12f8 isapnp - ok
10:46:04.0931 0x12f8 [ AC45D94185CF67267D06BF2F45E9E31E, 737EA8220EC265AF3C61611C2B005D2825E6ABBB19DB934ECA0BCBB88CB42EA9 ] ISASerial C:\Windows\system32\drivers\ISASerial.sys
10:46:04.0931 0x12f8 ISASerial - ok
10:46:04.0931 0x12f8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:46:04.0947 0x12f8 iScsiPrt - ok
10:46:04.0947 0x12f8 [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
10:46:04.0962 0x12f8 ISCT - ok
10:46:04.0962 0x12f8 [ DCE0DC56FAD5017F2F8157900F125D4A, DDD80C3C49419F72F5ECC4004F16DE052FC027B114516CC8C1834975EA4340DB ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
10:46:04.0978 0x12f8 ISCTAgent - ok
10:46:04.0978 0x12f8 [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir C:\Windows\system32\drivers\itecir.sys
10:46:04.0978 0x12f8 itecir - ok
10:46:04.0978 0x12f8 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
10:46:04.0994 0x12f8 iusb3hcs - ok
10:46:04.0994 0x12f8 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
10:46:05.0009 0x12f8 iusb3hub - ok
10:46:05.0025 0x12f8 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:46:05.0040 0x12f8 iusb3xhc - ok
10:46:05.0040 0x12f8 [ C0D9BA660A41EE8A269EF804E6CD0D7B, B69B732FA7178F9FA97E16A1F99EED27ABDEDB37FB610F1D7A823BB24D08340B ] JRAID C:\Windows\system32\drivers\jraid.sys
10:46:05.0040 0x12f8 JRAID - ok
10:46:05.0040 0x12f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:46:05.0056 0x12f8 kbdclass - ok
10:46:05.0056 0x12f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:46:05.0056 0x12f8 kbdhid - ok
10:46:05.0056 0x12f8 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
10:46:05.0072 0x12f8 KeyIso - ok
10:46:05.0072 0x12f8 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:46:05.0072 0x12f8 KSecDD - ok
10:46:05.0087 0x12f8 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:46:05.0087 0x12f8 KSecPkg - ok
10:46:05.0087 0x12f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:46:05.0103 0x12f8 ksthunk - ok
10:46:05.0118 0x12f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:46:05.0150 0x12f8 KtmRm - ok
10:46:05.0150 0x12f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:46:05.0165 0x12f8 LanmanServer - ok
10:46:05.0165 0x12f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:05.0196 0x12f8 LanmanWorkstation - ok
10:46:05.0196 0x12f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:46:05.0212 0x12f8 lltdio - ok
10:46:05.0228 0x12f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:46:05.0243 0x12f8 lltdsvc - ok
10:46:05.0243 0x12f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:46:05.0274 0x12f8 lmhosts - ok
10:46:05.0274 0x12f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:46:05.0274 0x12f8 LSI_FC - ok
10:46:05.0290 0x12f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:46:05.0290 0x12f8 LSI_SAS - ok
10:46:05.0290 0x12f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:46:05.0306 0x12f8 LSI_SAS2 - ok
10:46:05.0306 0x12f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:46:05.0306 0x12f8 LSI_SCSI - ok
10:46:05.0306 0x12f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:46:05.0337 0x12f8 luafv - ok
10:46:05.0337 0x12f8 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:46:05.0352 0x12f8 LVRS64 - ok
10:46:05.0415 0x12f8 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
10:46:05.0493 0x12f8 LVUVC64 - ok
10:46:05.0493 0x12f8 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:46:05.0508 0x12f8 MBAMProtector - ok
10:46:05.0524 0x12f8 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
10:46:05.0555 0x12f8 MBAMScheduler - ok
10:46:05.0571 0x12f8 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
10:46:05.0586 0x12f8 MBAMService - ok
10:46:05.0586 0x12f8 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:46:05.0602 0x12f8 MBAMWebAccessControl - ok
10:46:05.0602 0x12f8 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
10:46:05.0602 0x12f8 MBfilt - ok
10:46:05.0602 0x12f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:46:05.0618 0x12f8 Mcx2Svc - ok
10:46:05.0618 0x12f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
10:46:05.0633 0x12f8 megasas - ok
10:46:05.0633 0x12f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:46:05.0633 0x12f8 MegaSR - ok
10:46:05.0649 0x12f8 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:46:05.0649 0x12f8 MEIx64 - ok
10:46:05.0649 0x12f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:46:05.0664 0x12f8 MMCSS - ok
10:46:05.0680 0x12f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:46:05.0696 0x12f8 Modem - ok
10:46:05.0696 0x12f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:46:05.0711 0x12f8 monitor - ok
10:46:05.0711 0x12f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:46:05.0711 0x12f8 mouclass - ok
10:46:05.0711 0x12f8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:46:05.0727 0x12f8 mouhid - ok
10:46:05.0727 0x12f8 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:46:05.0727 0x12f8 mountmgr - ok
10:46:05.0742 0x12f8 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:46:05.0742 0x12f8 MozillaMaintenance - ok
10:46:05.0742 0x12f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:46:05.0758 0x12f8 mpio - ok
10:46:05.0758 0x12f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:46:05.0774 0x12f8 mpsdrv - ok
10:46:05.0789 0x12f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:46:05.0820 0x12f8 MpsSvc - ok
10:46:05.0820 0x12f8 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:46:05.0836 0x12f8 MRxDAV - ok
10:46:05.0836 0x12f8 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:05.0852 0x12f8 mrxsmb - ok
10:46:05.0852 0x12f8 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:05.0867 0x12f8 mrxsmb10 - ok
10:46:05.0867 0x12f8 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:05.0867 0x12f8 mrxsmb20 - ok
10:46:05.0883 0x12f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:46:05.0883 0x12f8 msahci - ok
10:46:05.0883 0x12f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:46:05.0898 0x12f8 msdsm - ok
10:46:05.0898 0x12f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:46:05.0914 0x12f8 MSDTC - ok
10:46:05.0914 0x12f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:46:05.0930 0x12f8 Msfs - ok
10:46:05.0930 0x12f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:46:05.0945 0x12f8 mshidkmdf - ok
10:46:05.0945 0x12f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:46:05.0961 0x12f8 msisadrv - ok
10:46:05.0961 0x12f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:46:05.0976 0x12f8 MSiSCSI - ok
10:46:05.0976 0x12f8 msiserver - ok
10:46:05.0992 0x12f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:46:06.0008 0x12f8 MSKSSRV - ok
10:46:06.0008 0x12f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:06.0023 0x12f8 MSPCLOCK - ok
10:46:06.0023 0x12f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:46:06.0039 0x12f8 MSPQM - ok
10:46:06.0054 0x12f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:46:06.0070 0x12f8 MsRPC - ok
10:46:06.0070 0x12f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:46:06.0070 0x12f8 mssmbios - ok
10:46:06.0070 0x12f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:46:06.0086 0x12f8 MSTEE - ok
10:46:06.0101 0x12f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:46:06.0101 0x12f8 MTConfig - ok
10:46:06.0101 0x12f8 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\drivers\ASACPI.sys
10:46:06.0117 0x12f8 MTsensor - ok
10:46:06.0117 0x12f8 [ 07AD6825D5C658595CAB7F8F5849401C, 21DEC409C781848B8104CE23E42D3D3DFABE9CC2527C78B1ED9167E063DB1542 ] MtsHID C:\Windows\system32\drivers\MtsHID.sys
10:46:06.0117 0x12f8 MtsHID - ok
10:46:06.0117 0x12f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:46:06.0132 0x12f8 Mup - ok
10:46:06.0132 0x12f8 [ AFA051DA029FA6771746067137654584, 5AFB3B1565C68B84240337E62888191328363C1DC28C923C43BDBC9CFCDB1405 ] mv91cons C:\Windows\system32\drivers\mv91cons.sys
10:46:06.0132 0x12f8 mv91cons - ok
10:46:06.0148 0x12f8 [ D72CFFB7AF56CBB37FD8D6686A33E6C7, 373B2FAE7219413B2BE534839D37F0DCA2CDFF9ED3B358EC1DF7474DAF20E9DC ] mv91xx C:\Windows\system32\drivers\mv91xx.sys
10:46:06.0148 0x12f8 mv91xx - ok
10:46:06.0164 0x12f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:46:06.0195 0x12f8 napagent - ok
10:46:06.0195 0x12f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:46:06.0210 0x12f8 NativeWifiP - ok
10:46:06.0226 0x12f8 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:46:06.0242 0x12f8 NDIS - ok
10:46:06.0257 0x12f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:06.0273 0x12f8 NdisCap - ok
10:46:06.0273 0x12f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:06.0288 0x12f8 NdisTapi - ok
10:46:06.0288 0x12f8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:06.0304 0x12f8 Ndisuio - ok
10:46:06.0320 0x12f8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:06.0335 0x12f8 NdisWan - ok
10:46:06.0335 0x12f8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:46:06.0351 0x12f8 NDProxy - ok
10:46:06.0366 0x12f8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:46:06.0382 0x12f8 NetBIOS - ok
10:46:06.0382 0x12f8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:46:06.0413 0x12f8 NetBT - ok
10:46:06.0413 0x12f8 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
10:46:06.0413 0x12f8 Netlogon - ok
10:46:06.0429 0x12f8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:46:06.0444 0x12f8 Netman - ok
10:46:06.0444 0x12f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:06.0460 0x12f8 NetMsmqActivator - ok
10:46:06.0460 0x12f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:06.0476 0x12f8 NetPipeActivator - ok
10:46:06.0476 0x12f8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:46:06.0507 0x12f8 netprofm - ok
10:46:06.0507 0x12f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:06.0522 0x12f8 NetTcpActivator - ok
10:46:06.0522 0x12f8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:46:06.0522 0x12f8 NetTcpPortSharing - ok
10:46:06.0522 0x12f8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:46:06.0538 0x12f8 nfrd960 - ok
10:46:06.0538 0x12f8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:46:06.0554 0x12f8 NlaSvc - ok
10:46:06.0554 0x12f8 NmPar - ok
10:46:06.0554 0x12f8 nmserial - ok
10:46:06.0554 0x12f8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:46:06.0585 0x12f8 Npfs - ok
10:46:06.0585 0x12f8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:46:06.0600 0x12f8 nsi - ok
10:46:06.0600 0x12f8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:46:06.0616 0x12f8 nsiproxy - ok
10:46:06.0647 0x12f8 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:46:06.0678 0x12f8 Ntfs - ok
10:46:06.0678 0x12f8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:46:06.0710 0x12f8 Null - ok
10:46:06.0710 0x12f8 [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
10:46:06.0710 0x12f8 nusb3hub - ok
10:46:06.0710 0x12f8 [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
10:46:06.0725 0x12f8 nusb3xhc - ok
10:46:06.0725 0x12f8 [ 7FD5C060CB907489A5702F628226F54A, 56101B878DCBFDEF4D5C8BBC6BE0D7710108E651809812BAB876A2E1D4ACB256 ] nvamacpi C:\Windows\system32\drivers\NVAMACPI.sys
10:46:06.0725 0x12f8 nvamacpi - ok
10:46:06.0741 0x12f8 [ 102806B360D0E6BC6E55BF47EF655D43, A0571D4B231568E7C977328C4D4633597B47C05E2668ACDBE2DE01BB46FF872F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:46:06.0741 0x12f8 NVHDA - ok
10:46:06.0897 0x12f8 [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:46:07.0037 0x12f8 nvlddmkm - ok
10:46:07.0084 0x12f8 [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:46:07.0115 0x12f8 NvNetworkService - ok
10:46:07.0115 0x12f8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:46:07.0115 0x12f8 nvraid - ok
10:46:07.0131 0x12f8 [ 694F5E9D9D624D47F432F5B2E66A0528, 5ACE83A62CBBA735D516FD1C603C69A2136132203679D1F3C92AC5266E84DD8C ] nvrd64 C:\Windows\system32\drivers\nvrd64.sys
10:46:07.0131 0x12f8 nvrd64 - ok
10:46:07.0131 0x12f8 [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys
10:46:07.0146 0x12f8 nvsmu - ok
10:46:07.0146 0x12f8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:46:07.0146 0x12f8 nvstor - ok
10:46:07.0162 0x12f8 [ 05DE5DC43AFE6CAB78F9C7CA044CBCBE, 59643F2B07DC964EDCE583CEA6AD81B33CB6D5923C9A5881268E7FCD5700601E ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys
10:46:07.0162 0x12f8 nvstor64 - ok
10:46:07.0162 0x12f8 [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:46:07.0178 0x12f8 NvStreamKms - ok
10:46:07.0287 0x12f8 [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
10:46:07.0334 0x1bb8 Object send P2P result: true
10:46:07.0396 0x12f8 NvStreamNetworkSvc - ok
10:46:07.0490 0x12f8 [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
10:46:07.0583 0x12f8 NvStreamSvc - ok
10:46:07.0599 0x12f8 [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:46:07.0614 0x12f8 nvsvc - ok
10:46:07.0630 0x12f8 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:46:07.0630 0x12f8 nvvad_WaveExtensible - ok
10:46:07.0630 0x12f8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:46:07.0646 0x12f8 nv_agp - ok
10:46:07.0646 0x12f8 [ 7B372B3C006280BCB8C8C7AFC8C38DF4, 3E5ECF426AEA89EC88AE13B73994DF3B363132106635C23DD898305544D36E57 ] ocz10xx C:\Windows\system32\drivers\ocz10xx.sys
10:46:07.0646 0x12f8 ocz10xx - ok
10:46:07.0661 0x12f8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:46:07.0661 0x12f8 ohci1394 - ok
10:46:07.0661 0x12f8 Oxmfuf - ok
10:46:07.0677 0x12f8 [ 00E332D6BF1D15521EFEB5DF1EBFAE3E, DDD263ABF5F240EF1AD85686BD6297465BFD6AD4F775EB64F873EE86CE611DBE ] oxpar C:\Windows\system32\drivers\oxpar.sys
10:46:07.0677 0x12f8 oxpar - ok
10:46:07.0677 0x12f8 [ DC3FA0B732B5EF07C0CDE1682F6D0824, C20923BF74BD632EA56247E438D22A7D1519B63FF26974BCC9DA9255C37318F6 ] OxPPort C:\Windows\system32\drivers\OxPPort.sys
10:46:07.0692 0x12f8 OxPPort - ok
10:46:07.0692 0x12f8 oxser - ok
10:46:07.0692 0x12f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:46:07.0708 0x12f8 p2pimsvc - ok
10:46:07.0708 0x12f8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:46:07.0724 0x12f8 p2psvc - ok
10:46:07.0724 0x12f8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:46:07.0739 0x12f8 Parport - ok
10:46:07.0739 0x12f8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:46:07.0755 0x12f8 partmgr - ok
10:46:07.0755 0x12f8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:46:07.0755 0x12f8 PcaSvc - ok
10:46:07.0770 0x12f8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:46:07.0770 0x12f8 pci - ok
10:46:07.0770 0x12f8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:46:07.0786 0x12f8 pciide - ok
10:46:07.0786 0x12f8 [ D7C203015E2C2A2EAC8DACEF156D8DC3, FDE6B49A36588C22D92B591576FF1A1D8E60BE11EC3FBE8242FA671CF5A27031 ] PciIsaSerial C:\Windows\system32\drivers\PciIsaSerial.sys
10:46:07.0786 0x12f8 PciIsaSerial - ok
10:46:07.0802 0x12f8 [ 088B509B2F35A3CEE00AC0E0BC4C5BED, BD778FE0BAE72045511F1D66F980749443CC6EE2C3600FD55BD908BCCFD18B24 ] PciPPorts C:\Windows\system32\drivers\PciPPorts.sys
10:46:07.0802 0x12f8 PciPPorts - ok
10:46:07.0802 0x12f8 [ 7F97CDD5E91FC73DA2B01344957AA058, 72A887B477ADBBC9CC7071AF1A62EF3D62B3385B7D817AFE140CEBBA59948B41 ] PciSPorts C:\Windows\system32\drivers\PciSPorts.sys
10:46:07.0817 0x12f8 PciSPorts - ok
10:46:07.0817 0x12f8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:46:07.0833 0x12f8 pcmcia - ok
10:46:07.0833 0x12f8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:46:07.0833 0x12f8 pcw - ok
10:46:07.0848 0x12f8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:46:07.0864 0x12f8 PEAUTH - ok
10:46:07.0864 0x12f8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:46:07.0880 0x12f8 PerfHost - ok
10:46:07.0895 0x12f8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:46:07.0942 0x12f8 pla - ok
10:46:07.0942 0x12f8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:46:07.0958 0x12f8 PlugPlay - ok
10:46:07.0958 0x12f8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:46:07.0973 0x12f8 PNRPAutoReg - ok
10:46:07.0973 0x12f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:46:07.0989 0x12f8 PNRPsvc - ok
10:46:08.0004 0x12f8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:46:08.0020 0x12f8 PolicyAgent - ok
10:46:08.0020 0x12f8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:46:08.0051 0x12f8 Power - ok
10:46:08.0051 0x12f8 [ 14C04684A25C221EBE2105D169B4B6FF, 7331F3C7419102D1C710310BA82642EA50FDA05AC81D713506A60AAD208C74F8 ] PPorts C:\Windows\system32\drivers\PPorts.sys
10:46:08.0051 0x12f8 PPorts - ok
10:46:08.0067 0x12f8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:46:08.0082 0x12f8 PptpMiniport - ok
10:46:08.0082 0x12f8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
10:46:08.0082 0x12f8 Processor - ok
10:46:08.0098 0x12f8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:46:08.0098 0x12f8 ProfSvc - ok
10:46:08.0114 0x12f8 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:08.0114 0x12f8 ProtectedStorage - ok
10:46:08.0114 0x12f8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:46:08.0145 0x12f8 Psched - ok
10:46:08.0160 0x12f8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:46:08.0192 0x12f8 ql2300 - ok
10:46:08.0192 0x12f8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:46:08.0207 0x12f8 ql40xx - ok
10:46:08.0207 0x12f8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:46:08.0223 0x12f8 QWAVE - ok
10:46:08.0223 0x12f8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:46:08.0238 0x12f8 QWAVEdrv - ok
10:46:08.0238 0x12f8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:46:08.0254 0x12f8 RasAcd - ok
10:46:08.0254 0x12f8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:08.0270 0x12f8 RasAgileVpn - ok
10:46:08.0285 0x12f8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:46:08.0301 0x12f8 RasAuto - ok
10:46:08.0301 0x12f8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:08.0316 0x12f8 Rasl2tp - ok
10:46:08.0332 0x12f8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:46:08.0348 0x12f8 RasMan - ok
10:46:08.0348 0x12f8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:08.0379 0x12f8 RasPppoe - ok
10:46:08.0379 0x12f8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:46:08.0394 0x12f8 RasSstp - ok
10:46:08.0410 0x12f8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:46:08.0426 0x12f8 rdbss - ok
10:46:08.0426 0x12f8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:46:08.0441 0x12f8 rdpbus - ok
10:46:08.0441 0x12f8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:08.0457 0x12f8 RDPCDD - ok
10:46:08.0457 0x12f8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:46:08.0472 0x12f8 RDPENCDD - ok
10:46:08.0472 0x12f8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:46:08.0504 0x12f8 RDPREFMP - ok
10:46:08.0504 0x12f8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:46:08.0519 0x12f8 RDPWD - ok
10:46:08.0519 0x12f8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:46:08.0519 0x12f8 rdyboost - ok
10:46:08.0535 0x12f8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:46:08.0550 0x12f8 RemoteAccess - ok
10:46:08.0550 0x12f8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:46:08.0582 0x12f8 RemoteRegistry - ok
10:46:08.0582 0x12f8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:46:08.0597 0x12f8 RpcEptMapper - ok
10:46:08.0597 0x12f8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:46:08.0613 0x12f8 RpcLocator - ok
10:46:08.0613 0x12f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:46:08.0644 0x12f8 RpcSs - ok
10:46:08.0644 0x12f8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:46:08.0660 0x12f8 rspndr - ok
10:46:08.0675 0x12f8 [ CF1864604344F78C9192D65D4732A689, DD98471FC7EC752A49D24AD089A6A2D5310FB899EC8611235475EC3C1D048AB6 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
10:46:08.0675 0x12f8 RTL2832UBDA - ok
10:46:08.0675 0x12f8 [ CF111A6EF6741F8B4BD229C008F79BA9, BFC7C649AD3B7F8BCA9099F6C6473BA7DF9A73E04B906561E6FA60A78ACF8683 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
10:46:08.0691 0x12f8 RTL2832UUSB - ok
10:46:08.0691 0x12f8 [ 22AB78A109A1703A80F2B98890A42954, 40E5A436B6AD553E76B6D1DB70AA43CD66621F4C2B6C2A1D04746BE2F784E21D ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
10:46:08.0691 0x12f8 RTL2832U_IRHID - ok
10:46:08.0706 0x12f8 [ BD9BA262CF26EFE9A9867EBE32D12164, FF549FA3CC66C31FE228ECEC7649D76DBB577A89B2F6A0EA0BE3D5B7B2EEF9D9 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:46:08.0722 0x12f8 RTL8167 - ok
10:46:08.0722 0x12f8 [ ADC93A9B608729C2F9D22505032497B8, A25059D903C82F048670D9E4B1E947C93EB573161D386DE16A0AA45C3893C647 ] rusb3hub C:\Windows\system32\drivers\rusb3hub.sys
10:46:08.0738 0x12f8 rusb3hub - ok
10:46:08.0738 0x12f8 [ 0F9CF3CA4D93BE07FE2989766597AF41, D7C712738453D3494DAB4641DA8107B3B99F316FE2EDE768773BDD0F58D25DA4 ] rusb3xhc C:\Windows\system32\drivers\rusb3xhc.sys
10:46:08.0753 0x12f8 rusb3xhc - ok
10:46:08.0753 0x12f8 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
10:46:08.0753 0x12f8 SamSs - ok
10:46:08.0753 0x12f8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:46:08.0769 0x12f8 sbp2port - ok
10:46:08.0769 0x12f8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:46:08.0800 0x12f8 SCardSvr - ok
10:46:08.0800 0x12f8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:46:08.0816 0x12f8 scfilter - ok
10:46:08.0831 0x12f8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
10:46:08.0847 0x12f8 Schedule - ok
10:46:08.0862 0x12f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:46:08.0878 0x12f8 SCPolicySvc - ok
10:46:08.0878 0x12f8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:46:08.0894 0x12f8 sdbus - ok
10:46:08.0894 0x12f8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:46:08.0909 0x12f8 SDRSVC - ok
10:46:08.0909 0x12f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:46:08.0909 0x12f8 secdrv - ok
10:46:08.0909 0x12f8 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
10:46:08.0925 0x12f8 seclogon - ok
10:46:08.0925 0x12f8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:46:08.0940 0x12f8 SENS - ok
10:46:08.0940 0x12f8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:46:08.0956 0x12f8 SensrSvc - ok
10:46:08.0956 0x12f8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:46:08.0972 0x12f8 Serenum - ok
10:46:08.0972 0x12f8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:46:08.0972 0x12f8 Serial - ok
10:46:08.0972 0x12f8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:46:08.0987 0x12f8 sermouse - ok
10:46:08.0987 0x12f8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:46:09.0003 0x12f8 SessionEnv - ok
10:46:09.0018 0x12f8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:46:09.0018 0x12f8 sffdisk - ok
10:46:09.0018 0x12f8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:46:09.0034 0x12f8 sffp_mmc - ok
10:46:09.0034 0x12f8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:46:09.0034 0x12f8 sffp_sd - ok
10:46:09.0034 0x12f8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:46:09.0050 0x12f8 sfloppy - ok
10:46:09.0050 0x12f8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:46:09.0081 0x12f8 SharedAccess - ok
10:46:09.0081 0x12f8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:09.0112 0x12f8 ShellHWDetection - ok
10:46:09.0112 0x12f8 [ DA492C8305434EC6F9BDD60C8B83B10E, 572C5A1F77E0644B4EB2EAC89C141869F071748CA5BB33F846D284C545166A35 ] Si3124r5 C:\Windows\system32\drivers\Si3124r5.sys
10:46:09.0128 0x12f8 Si3124r5 - ok
10:46:09.0128 0x12f8 [ 8D10887A1699CF61E74467694B929B09, 096A1284092B0002B1405485690C7FC05D9A0FA8809D04327FA2BDEAECA2D199 ] SiFilter C:\Windows\system32\drivers\SiWinAcc.sys
10:46:09.0128 0x12f8 SiFilter - ok
10:46:09.0143 0x12f8 [ 94E1EDA9A0B305A67EE1BBD0A68CE21A, 1EC0E459117100F8C8C325DD4CE2250D51D44B36E5C46FE598A319C353499524 ] SiRemFil C:\Windows\system32\drivers\SiRemFil.sys
10:46:09.0143 0x12f8 SiRemFil - ok
10:46:09.0143 0x12f8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:46:09.0143 0x12f8 SiSRaid2 - ok
10:46:09.0159 0x12f8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:46:09.0159 0x12f8 SiSRaid4 - ok
10:46:09.0174 0x12f8 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:46:09.0174 0x12f8 SkypeUpdate - ok
10:46:09.0190 0x12f8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:46:09.0206 0x12f8 Smb - ok
10:46:09.0206 0x12f8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:46:09.0221 0x12f8 SNMPTRAP - ok
10:46:09.0221 0x12f8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:46:09.0221 0x12f8 spldr - ok
10:46:09.0237 0x12f8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:46:09.0252 0x12f8 Spooler - ok
10:46:09.0252 0x12f8 [ 739C2571867F351167D1D958990E9D84, 0560C2E7FF35790D1B64E9D736DEEA22B4C194809E1435A60FCFA466B19B63B0 ] SPorts C:\Windows\system32\drivers\SPorts.sys
10:46:09.0252 0x12f8 SPorts - ok
10:46:09.0299 0x12f8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:46:09.0377 0x12f8 sppsvc - ok
10:46:09.0377 0x12f8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:46:09.0393 0x12f8 sppuinotify - ok
10:46:09.0408 0x12f8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:46:09.0424 0x12f8 srv - ok
10:46:09.0424 0x12f8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:46:09.0440 0x12f8 srv2 - ok
10:46:09.0440 0x12f8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:46:09.0455 0x12f8 srvnet - ok
10:46:09.0455 0x12f8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:46:09.0471 0x12f8 SSDPSRV - ok
10:46:09.0486 0x12f8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:46:09.0502 0x12f8 SstpSvc - ok
10:46:09.0518 0x12f8 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:46:09.0533 0x12f8 Steam Client Service - ok
10:46:09.0549 0x12f8 [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:46:09.0549 0x12f8 Stereo Service - ok
10:46:09.0549 0x12f8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:46:09.0564 0x12f8 stexstor - ok
10:46:09.0564 0x12f8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:46:09.0596 0x12f8 stisvc - ok
10:46:09.0596 0x12f8 [ 335AB4A483C5318182DCEC4EDAE08112, 48A5B188E4BBDF47C424BC07843AFA764A9764FE957375746BBD324749D2FBDA ] StnPport C:\Windows\system32\drivers\StnPport.sys
10:46:09.0596 0x12f8 StnPport - ok
10:46:09.0596 0x12f8 [ 922E545E81C50E8D4A5D327B907D67FE, 035D7239B995F429A7FCAFA207DB102ED74B902B1AEEB585F8D6EEDB13CA6E13 ] StnSport C:\Windows\system32\drivers\StnSport.sys
10:46:09.0611 0x12f8 StnSport - ok
10:46:09.0611 0x12f8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:46:09.0611 0x12f8 swenum - ok
10:46:09.0627 0x12f8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:46:09.0658 0x12f8 swprv - ok
10:46:09.0674 0x12f8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
10:46:09.0705 0x12f8 SysMain - ok
10:46:09.0720 0x12f8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:09.0720 0x12f8 TabletInputService - ok
10:46:09.0736 0x12f8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:46:09.0752 0x12f8 TapiSrv - ok
10:46:09.0752 0x12f8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:46:09.0783 0x12f8 TBS - ok
10:46:09.0814 0x12f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:46:11.0578 0x12f8 ================ Scan global ===============================
10:46:11.0593 0x12f8 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:46:11.0593 0x12f8 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
10:46:11.0593 0x12f8 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
10:46:11.0609 0x12f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:46:11.0609 0x12f8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:46:11.0609 0x12f8 [ Global ] - ok
10:46:11.0609 0x12f8 ================ Scan MBR ==================================
10:46:11.0625 0x12f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:46:11.0687 0x12f8 \Device\Harddisk0\DR0 - ok
10:46:11.0687 0x12f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:46:12.0172 0x12f8 \Device\Harddisk1\DR1 - ok
10:46:12.0172 0x12f8 ================ Scan VBR ==================================
10:46:12.0172 0x12f8 [ FBBFE800E056193778E0ACA1A30859A9 ] \Device\Harddisk0\DR0\Partition1
10:46:12.0172 0x12f8 \Device\Harddisk0\DR0\Partition1 - ok
10:46:12.0172 0x12f8 [ F34D03E428B3CEF11E258A6D232FD3AB ] \Device\Harddisk1\DR1\Partition1
10:46:12.0234 0x12f8 \Device\Harddisk1\DR1\Partition1 - ok
10:46:12.0250 0x12f8 ================ Scan generic autorun ======================
10:46:32.0342 0x12f8 AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 11.5.1.6247 ), 0x41000 ( enabled : updated )
10:46:32.0358 0x12f8 Win FW state via NFP2: enabled ( trusted )
10:46:34.0807 0x12f8 ============================================================
10:46:34.0807 0x12f8 Scan finished
10:46:34.0807 0x12f8 ============================================================

Old 22.03.2016, 11:13   #5
Alpinarium

Trojan - - Problems

Rest of the TDSS log file
============================================================
10:46:34.0807 0x18a0 Detected object count: 0
10:46:34.0807 0x18a0 Actual detected object count: 0
10:49:49.0761 0x1684 ============================================================
10:49:49.0761 0x1684 Scan started
10:49:49.0761 0x1684 Mode: Manual; SigCheck; TDLFS;
10:49:49.0761 0x1684 ============================================================
10:49:49.0761 0x1684 KSN ping started
10:49:52.0132 0x1684 KSN ping finished: true
10:49:52.0647 0x1684 ================ Scan system memory ========================
10:49:52.0647 0x1684 System memory - ok
10:49:52.0647 0x1684 ================ Scan services =============================
10:49:55.0985 0x1684 AudioEndpointBuilder - ok
10:49:56.0001 0x1684 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:49:56.0016 0x1684 AudioSrv - ok
10:49:56.0016 0x1684 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:49:56.0032 0x1684 AxInstSV - ok
10:49:56.0032 0x1684 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:49:56.0047 0x1684 b06bdrv - ok
10:49:56.0047 0x1684 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:49:56.0063 0x1684 b57nd60a - ok
10:49:56.0063 0x1684 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:49:56.0079 0x1684 BDESVC - ok
10:49:56.0079 0x1684 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:49:56.0094 0x1684 Beep - ok
10:49:56.0110 0x1684 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:49:56.0125 0x1684 BFE - ok
10:49:56.0141 0x1684 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:49:56.0172 0x1684 BITS - ok
10:49:56.0172 0x1684 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:49:56.0172 0x1684 blbdrive - ok
10:49:56.0172 0x1684 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:49:56.0188 0x1684 bowser - ok
10:49:56.0188 0x1684 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:49:56.0203 0x1684 BrFiltLo - ok
10:49:56.0203 0x1684 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:49:56.0203 0x1684 BrFiltUp - ok
10:49:56.0203 0x1684 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:49:56.0219 0x1684 Browser - ok
10:49:56.0219 0x1684 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:49:56.0235 0x1684 Brserid - ok
10:49:56.0235 0x1684 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:49:56.0250 0x1684 BrSerWdm - ok
10:49:56.0250 0x1684 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:49:56.0250 0x1684 BrUsbMdm - ok
10:49:56.0266 0x1684 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:49:56.0266 0x1684 BrUsbSer - ok
10:49:56.0266 0x1684 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:49:56.0281 0x1684 BTHMODEM - ok
10:49:56.0281 0x1684 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:49:56.0297 0x1684 bthserv - ok
10:49:56.0297 0x1684 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:49:56.0328 0x1684 cdfs - ok
10:49:56.0328 0x1684 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:49:56.0344 0x1684 cdrom - ok
10:49:56.0344 0x1684 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:49:56.0359 0x1684 CertPropSvc - ok
10:49:56.0359 0x1684 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:49:56.0375 0x1684 circlass - ok
10:49:56.0375 0x1684 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:49:56.0391 0x1684 CLFS - ok
10:49:56.0391 0x1684 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:49:56.0406 0x1684 clr_optimization_v2.0.50727_32 - ok
10:49:56.0406 0x1684 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:49:56.0406 0x1684 clr_optimization_v2.0.50727_64 - ok
10:49:56.0422 0x1684 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:49:56.0422 0x1684 clr_optimization_v4.0.30319_32 - ok
10:49:56.0422 0x1684 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:49:56.0437 0x1684 clr_optimization_v4.0.30319_64 - ok
10:49:56.0437 0x1684 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:49:56.0437 0x1684 CmBatt - ok
10:49:56.0453 0x1684 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:49:56.0453 0x1684 cmdide - ok
10:49:56.0453 0x1684 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
10:49:56.0469 0x1684 CNG - ok
10:49:56.0484 0x1684 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:49:56.0484 0x1684 Compbatt - ok
10:49:56.0484 0x1684 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:49:56.0500 0x1684 CompositeBus - ok
10:49:56.0500 0x1684 COMSysApp - ok
10:49:56.0500 0x1684 cpuz134 - ok
10:49:56.0500 0x1684 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:49:56.0500 0x1684 crcdisk - ok
10:49:56.0515 0x1684 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:49:56.0515 0x1684 CryptSvc - ok
10:49:56.0531 0x1684 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:49:56.0562 0x1684 DcomLaunch - ok
10:49:56.0562 0x1684 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:49:56.0593 0x1684 defragsvc - ok
10:49:56.0593 0x1684 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:49:56.0609 0x1684 DfsC - ok
10:49:56.0609 0x1684 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:49:56.0625 0x1684 Dhcp - ok
10:49:56.0656 0x1684 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
10:49:56.0671 0x1684 DiagTrack - ok
10:49:56.0671 0x1684 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:49:56.0703 0x1684 discache - ok
10:49:56.0703 0x1684 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
10:49:56.0703 0x1684 Disk - ok
10:49:56.0703 0x1684 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:49:56.0718 0x1684 Dnscache - ok
10:49:56.0718 0x1684 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:49:56.0749 0x1684 dot3svc - ok
10:49:56.0749 0x1684 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:49:56.0765 0x1684 DPS - ok
10:49:56.0781 0x1684 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:49:56.0781 0x1684 drmkaud - ok
10:49:56.0796 0x1684 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:49:56.0812 0x1684 DXGKrnl - ok
10:49:56.0812 0x1684 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:49:56.0843 0x1684 EapHost - ok
10:49:56.0890 0x1684 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:49:56.0937 0x1684 ebdrv - ok
10:49:56.0937 0x1684 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
10:49:56.0952 0x1684 EFS - ok
10:49:56.0952 0x1684 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:49:56.0968 0x1684 ehRecvr - ok
10:49:56.0983 0x1684 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:49:56.0983 0x1684 ehSched - ok
10:49:56.0999 0x1684 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:49:57.0015 0x1684 elxstor - ok
10:49:57.0015 0x1684 [ B6A7D3B49CA93FC0AECAC7C911E81F1E, 75245217F86F6BFC94C929EF7295D1C2D3A42B3A5161E8D85599812AD7CC723D ] epp C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys
10:49:57.0030 0x1684 epp - ok
10:49:57.0030 0x1684 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:49:57.0030 0x1684 ErrDev - ok
10:49:57.0030 0x1684 [ 21023B3FF378D73A3483134DFD061246, 7570F2ABFEDEA6FF5E6BA5B0281DA17A6AB5A110256B03CBBBB9EA7C95F67591 ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
10:49:57.0046 0x1684 EtronHub3 - ok
10:49:57.0046 0x1684 [ 8D77B1E4ABAB5243172C24159D14E0F2, 351EC99EF9AB4F7FF324D92E27CBBE0F0FC736AF79C9BC325D782BE7BF7195DC ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
10:49:57.0046 0x1684 EtronXHCI - ok
10:49:57.0061 0x1684 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:49:57.0093 0x1684 EventSystem - ok
10:49:57.0093 0x1684 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:49:57.0108 0x1684 exfat - ok
10:49:57.0124 0x1684 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:49:57.0139 0x1684 fastfat - ok
10:49:57.0155 0x1684 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:49:57.0171 0x1684 Fax - ok
10:49:57.0171 0x1684 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:49:57.0171 0x1684 fdc - ok
10:49:57.0171 0x1684 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:49:57.0202 0x1684 fdPHost - ok
10:49:57.0202 0x1684 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:49:57.0217 0x1684 FDResPub - ok
10:49:57.0217 0x1684 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:49:57.0233 0x1684 FileInfo - ok
10:49:57.0233 0x1684 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:49:57.0249 0x1684 Filetrace - ok
10:49:57.0249 0x1684 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:49:57.0249 0x1684 flpydisk - ok
10:49:57.0264 0x1684 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:49:57.0264 0x1684 FltMgr - ok
10:49:57.0280 0x1684 [ F82F68BE29096C552CA25511F08005E7, D64B53BC94ACCD0502A0BF311826943D80D513279E5C3EF3BA89E2CE186470D2 ] FLxHCIc C:\Windows\system32\drivers\FLxHCIc.sys
10:49:57.0280 0x1684 FLxHCIc - ok
10:49:57.0295 0x1684 [ 256F51C79AB03AD6D68ECAE96ADB4746, 2315EB7FD51ECA441B4EDCCD1866E4027F762B8BC9456B7F8B9391D2602895F3 ] FLxHCIh C:\Windows\system32\drivers\FLxHCIh.sys
10:49:57.0295 0x1684 FLxHCIh - ok
10:49:57.0311 0x1684 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
10:49:57.0342 0x1684 FontCache - ok
10:49:57.0342 0x1684 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:49:57.0342 0x1684 FontCache3.0.0.0 - ok
10:49:57.0342 0x1684 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:49:57.0358 0x1684 FsDepends - ok
10:49:57.0358 0x1684 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
10:49:57.0358 0x1684 fssfltr - ok
10:49:57.0389 0x1684 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:49:57.0405 0x1684 fsssvc - ok
10:49:57.0420 0x1684 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:49:57.0420 0x1684 Fs_Rec - ok
10:49:57.0420 0x1684 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:49:57.0436 0x1684 fvevol - ok
10:49:57.0436 0x1684 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:49:57.0436 0x1684 gagp30kx - ok
10:49:57.0467 0x1684 [ 97DC871A801DF42AD1008F0BBFD1ED8E, 7D90E1064863D0E976B9D1529A07808E3A38BA0FFEF5E7E920CC049DC05A15F1 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:49:57.0483 0x1684 GfExperienceService - ok
10:49:57.0498 0x1684 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:49:57.0529 0x1684 gpsvc - ok
10:49:57.0529 0x1684 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:49:57.0529 0x1684 hcw85cir - ok
10:49:57.0545 0x1684 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:49:57.0561 0x1684 HdAudAddService - ok
10:49:57.0561 0x1684 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:49:57.0576 0x1684 HDAudBus - ok
10:49:57.0576 0x1684 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
10:49:57.0576 0x1684 HECIx64 - ok
10:49:57.0576 0x1684 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:49:57.0592 0x1684 HidBatt - ok
10:49:57.0592 0x1684 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:49:57.0607 0x1684 HidBth - ok
10:49:57.0607 0x1684 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:49:57.0623 0x1684 HidIr - ok
10:49:57.0623 0x1684 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:49:57.0639 0x1684 hidserv - ok
10:49:57.0639 0x1684 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:49:57.0654 0x1684 HidUsb - ok
10:49:57.0654 0x1684 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:49:57.0670 0x1684 hkmsvc - ok
10:49:57.0685 0x1684 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:49:57.0685 0x1684 HomeGroupListener - ok
10:49:57.0701 0x1684 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:49:57.0701 0x1684 HomeGroupProvider - ok
10:49:57.0701 0x1684 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:49:57.0717 0x1684 HpSAMD - ok
10:49:57.0732 0x1684 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:49:57.0748 0x1684 HTTP - ok
10:49:57.0748 0x1684 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:49:57.0748 0x1684 hwpolicy - ok
10:49:57.0763 0x1684 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:49:57.0763 0x1684 i8042prt - ok
10:49:57.0779 0x1684 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:49:57.0795 0x1684 iaStor - ok
10:49:57.0810 0x1684 [ BC01732B88777BB2FE58E514A945D517, DD5DC9EAEB631E68D71ADE0D5F25416B48170FC7634ACA485F8D1E2239193305 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
10:49:57.0810 0x1684 iaStorA - ok
10:49:57.0826 0x1684 [ F435C8A8C02067C9CD0EF430A8552BEA, DE6246A32FFEAFDEE44B0DFA35C75B20E804DAC12401BA45E20BA1FAD14141C5 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys
10:49:57.0826 0x1684 iaStorF - ok
10:49:57.0841 0x1684 [ 4C6DE29AF58AB5387F23A822D834E5E3, 66341E86A1514C07F85A6B1CFF1F402D3D45C67C03A1857E5B42CAC222B9848A ] iaStorS C:\Windows\system32\drivers\iaStorS.sys
10:49:57.0857 0x1684 iaStorS - ok
10:49:57.0857 0x1684 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:49:57.0873 0x1684 iaStorV - ok
10:49:57.0888 0x1684 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:49:57.0904 0x1684 idsvc - ok
10:49:57.0904 0x1684 IEEtwCollectorService - ok
10:49:57.0904 0x1684 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:49:57.0919 0x1684 iirsp - ok
10:49:57.0919 0x1684 [ FF604BCE2537A4734DA0CE19AD9B7B7A, E40E87961F46B374122ED2B06E79C575FCFA4D29F95763ADC7E88270D064AFE8 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
10:49:57.0919 0x1684 ikbevent - ok
10:49:57.0935 0x1684 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:49:57.0951 0x1684 IKEEXT - ok
10:49:57.0966 0x1684 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys
10:49:57.0966 0x1684 Impcd - ok
10:49:57.0966 0x1684 [ 298E67827BE3C4403C32EAB66987A334, BE7D95E2BB0D6D60B40966305D0354CA93F773FD2FA2727F1076DC8E162D5EB1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
10:49:57.0982 0x1684 imsevent - ok
10:49:57.0982 0x1684 [ 0BBE196EED750C18E5D4B3CB55EB097C, 6A67BF6CD9BBC77034AD1BBDE6FD1DE78440825E317DB7C517BD4D773FEBDA39 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
10:49:57.0982 0x1684 INETMON - ok
10:49:58.0044 0x1684 [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:49:58.0107 0x1684 IntcAzAudAddService - ok
10:49:58.0107 0x1684 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:49:58.0122 0x1684 intelide - ok
10:49:58.0122 0x1684 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:49:58.0122 0x1684 intelppm - ok
10:49:58.0138 0x1684 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:49:58.0153 0x1684 IPBusEnum - ok
10:49:58.0153 0x1684 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:49:58.0169 0x1684 IpFilterDriver - ok
10:49:58.0185 0x1684 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:49:58.0200 0x1684 iphlpsvc - ok
10:49:58.0200 0x1684 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:49:58.0216 0x1684 IPMIDRV - ok
10:49:58.0216 0x1684 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:49:58.0231 0x1684 IPNAT - ok
10:49:58.0247 0x1684 [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:49:58.0263 0x1684 iPod Service - ok
10:49:58.0263 0x1684 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:49:58.0278 0x1684 IRENUM - ok
10:49:58.0278 0x1684 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:49:58.0278 0x1684 isapnp - ok
10:49:58.0278 0x1684 [ AC45D94185CF67267D06BF2F45E9E31E, 737EA8220EC265AF3C61611C2B005D2825E6ABBB19DB934ECA0BCBB88CB42EA9 ] ISASerial C:\Windows\system32\drivers\ISASerial.sys
10:49:58.0294 0x1684 ISASerial - ok
10:49:58.0294 0x1684 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:49:58.0309 0x1684 iScsiPrt - ok
10:49:58.0309 0x1684 [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
10:49:58.0309 0x1684 ISCT - ok
10:49:58.0325 0x1684 [ DCE0DC56FAD5017F2F8157900F125D4A, DDD80C3C49419F72F5ECC4004F16DE052FC027B114516CC8C1834975EA4340DB ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
10:49:58.0325 0x1684 ISCTAgent - ok
10:49:58.0341 0x1684 [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir C:\Windows\system32\drivers\itecir.sys
10:49:58.0341 0x1684 itecir - ok
10:49:58.0341 0x1684 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
10:49:58.0341 0x1684 iusb3hcs - ok
10:49:58.0356 0x1684 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
10:49:58.0372 0x1684 iusb3hub - ok
10:49:58.0387 0x1684 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:49:58.0403 0x1684 iusb3xhc - ok
10:49:58.0403 0x1684 [ C0D9BA660A41EE8A269EF804E6CD0D7B, B69B732FA7178F9FA97E16A1F99EED27ABDEDB37FB610F1D7A823BB24D08340B ] JRAID C:\Windows\system32\drivers\jraid.sys
10:49:58.0403 0x1684 JRAID - ok
10:49:58.0403 0x1684 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:49:58.0419 0x1684 kbdclass - ok
10:49:58.0419 0x1684 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:49:58.0419 0x1684 kbdhid - ok
10:49:58.0434 0x1684 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
10:49:58.0434 0x1684 KeyIso - ok
10:49:58.0434 0x1684 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:49:58.0450 0x1684 KSecDD - ok
10:49:58.0450 0x1684 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:49:58.0465 0x1684 KSecPkg - ok
10:49:58.0465 0x1684 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:49:58.0481 0x1684 ksthunk - ok
10:50:02.0506 0x1684 sffp_mmc - ok
10:50:02.0506 0x1684 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:50:02.0506 0x1684 sffp_sd - ok
10:50:02.0506 0x1684 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:50:02.0521 0x1684 sfloppy - ok
10:50:02.0521 0x1684 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:50:02.0553 0x1684 SharedAccess - ok
10:50:02.0553 0x1684 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:50:02.0584 0x1684 ShellHWDetection - ok
10:50:02.0584 0x1684 [ DA492C8305434EC6F9BDD60C8B83B10E, 572C5A1F77E0644B4EB2EAC89C141869F071748CA5BB33F846D284C545166A35 ] Si3124r5 C:\Windows\system32\drivers\Si3124r5.sys
10:50:02.0599 0x1684 Si3124r5 - ok
10:50:02.0599 0x1684 [ 8D10887A1699CF61E74467694B929B09, 096A1284092B0002B1405485690C7FC05D9A0FA8809D04327FA2BDEAECA2D199 ] SiFilter C:\Windows\system32\drivers\SiWinAcc.sys
10:50:02.0615 0x1684 SiFilter - ok
10:50:02.0615 0x1684 [ 94E1EDA9A0B305A67EE1BBD0A68CE21A, 1EC0E459117100F8C8C325DD4CE2250D51D44B36E5C46FE598A319C353499524 ] SiRemFil C:\Windows\system32\drivers\SiRemFil.sys
10:50:02.0615 0x1684 SiRemFil - ok
10:50:02.0615 0x1684 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:50:02.0631 0x1684 SiSRaid2 - ok
10:50:02.0631 0x1684 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:50:02.0631 0x1684 SiSRaid4 - ok
10:50:02.0646 0x1684 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:50:02.0646 0x1684 SkypeUpdate - ok
10:50:02.0662 0x1684 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:50:02.0677 0x1684 Smb - ok
10:50:02.0677 0x1684 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:50:02.0693 0x1684 SNMPTRAP - ok
10:50:02.0693 0x1684 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:50:02.0693 0x1684 spldr - ok
10:50:02.0709 0x1684 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:50:02.0724 0x1684 Spooler - ok
10:50:02.0724 0x1684 [ 739C2571867F351167D1D958990E9D84, 0560C2E7FF35790D1B64E9D736DEEA22B4C194809E1435A60FCFA466B19B63B0 ] SPorts C:\Windows\system32\drivers\SPorts.sys
10:50:02.0740 0x1684 SPorts - ok
10:50:02.0787 0x1684 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:50:02.0849 0x1684 sppsvc - ok
10:50:02.0849 0x1684 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:50:02.0880 0x1684 sppuinotify - ok
10:50:02.0880 0x1684 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:50:02.0896 0x1684 srv - ok
10:50:02.0911 0x1684 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:50:02.0927 0x1684 srv2 - ok
10:50:02.0927 0x1684 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:50:02.0927 0x1684 srvnet - ok
10:50:02.0943 0x1684 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:50:02.0958 0x1684 SSDPSRV - ok
10:50:02.0958 0x1684 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:50:02.0989 0x1684 SstpSvc - ok
10:50:03.0005 0x1684 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:50:03.0021 0x1684 Steam Client Service - ok
10:50:03.0021 0x1684 [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:50:03.0036 0x1684 Stereo Service - ok
10:50:03.0036 0x1684 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:50:03.0036 0x1684 stexstor - ok
10:50:03.0052 0x1684 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:50:03.0067 0x1684 stisvc - ok
10:50:03.0083 0x1684 [ 335AB4A483C5318182DCEC4EDAE08112, 48A5B188E4BBDF47C424BC07843AFA764A9764FE957375746BBD324749D2FBDA ] StnPport C:\Windows\system32\drivers\StnPport.sys
10:50:03.0083 0x1684 StnPport - ok
10:50:03.0083 0x1684 [ 922E545E81C50E8D4A5D327B907D67FE, 035D7239B995F429A7FCAFA207DB102ED74B902B1AEEB585F8D6EEDB13CA6E13 ] StnSport C:\Windows\system32\drivers\StnSport.sys
10:50:03.0099 0x1684 StnSport - ok
10:50:03.0099 0x1684 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:50:03.0099 0x1684 swenum - ok
10:50:03.0114 0x1684 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:50:03.0145 0x1684 swprv - ok
10:50:03.0177 0x1684 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
10:50:03.0208 0x1684 SysMain - ok
10:50:03.0208 0x1684 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:50:03.0223 0x1684 TabletInputService - ok
10:50:03.0223 0x1684 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:50:03.0255 0x1684 TapiSrv - ok
10:50:03.0255 0x1684 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:50:03.0270 0x1684 TBS - ok
10:50:03.0301 0x1684 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:50:03.0333 0x1684 Tcpip - ok
10:50:03.0364 0x1684 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:50:03.0395 0x1684 TCPIP6 - ok
10:50:03.0395 0x1684 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:50:03.0411 0x1684 tcpipreg - ok
10:50:03.0411 0x1684 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:50:03.0411 0x1684 TDPIPE - ok
10:50:03.0411 0x1684 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:50:03.0426 0x1684 TDTCP - ok
10:50:03.0426 0x1684 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:50:03.0442 0x1684 tdx - ok
10:50:03.0442 0x1684 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:50:03.0442 0x1684 TermDD - ok
10:50:03.0457 0x1684 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:50:03.0473 0x1684 TermService - ok
10:50:03.0473 0x1684 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:50:03.0489 0x1684 Themes - ok
10:50:03.0489 0x1684 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:50:03.0504 0x1684 THREADORDER - ok
10:50:03.0520 0x1684 [ 68FE3D89829E27D4FD5EEA7BD2C41985, DCA9187F7480B4363BB57F604CC0172E03E50216CF9CF79CE5D053C6B60564E0 ] tihub3 C:\Windows\system32\drivers\tihub3.sys
10:50:03.0520 0x1684 tihub3 - ok
10:50:03.0535 0x1684 [ 0102C9633CE1F18A6AC021F28B734DB5, 247F8971739B62728D18B1D07F4B2BCFA4C873F38E978FE4D3F77CF3120AB584 ] tixhci C:\Windows\system32\drivers\tixhci.sys
10:50:03.0535 0x1684 tixhci - ok
10:50:03.0551 0x1684 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:50:03.0567 0x1684 TrkWks - ok
10:50:03.0567 0x1684 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:50:03.0598 0x1684 TrustedInstaller - ok
10:50:03.0598 0x1684 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:50:03.0598 0x1684 tssecsrv - ok
10:50:03.0613 0x1684 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:50:03.0613 0x1684 TsUsbFlt - ok
10:50:03.0613 0x1684 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:50:03.0629 0x1684 TsUsbGD - ok
10:50:03.0629 0x1684 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:50:03.0645 0x1684 tunnel - ok
10:50:03.0645 0x1684 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:50:03.0660 0x1684 uagp35 - ok
10:50:03.0660 0x1684 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:50:03.0691 0x1684 udfs - ok
10:50:03.0691 0x1684 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:50:03.0707 0x1684 UI0Detect - ok
10:50:03.0707 0x1684 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:50:03.0707 0x1684 uliagpkx - ok
10:50:03.0707 0x1684 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:50:03.0723 0x1684 umbus - ok
10:50:03.0723 0x1684 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:50:03.0723 0x1684 UmPass - ok
10:50:03.0738 0x1684 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:50:03.0754 0x1684 UMVPFSrv - ok
10:50:03.0754 0x1684 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:50:03.0785 0x1684 upnphost - ok
10:50:03.0785 0x1684 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:50:03.0801 0x1684 USBAAPL64 - ok
10:50:03.0801 0x1684 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:50:03.0801 0x1684 usbaudio - ok
10:50:03.0816 0x1684 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:50:03.0816 0x1684 usbccgp - ok
10:50:03.0816 0x1684 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:50:03.0832 0x1684 usbcir - ok
10:50:03.0832 0x1684 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:50:03.0832 0x1684 usbehci - ok
10:50:03.0847 0x1684 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:50:03.0847 0x1684 usbhub - ok
10:50:03.0863 0x1684 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:50:03.0863 0x1684 usbohci - ok
10:50:03.0863 0x1684 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
10:50:03.0879 0x1684 usbprint - ok
10:50:03.0879 0x1684 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
10:50:03.0879 0x1684 USBSTOR - ok
10:50:03.0894 0x1684 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:50:03.0894 0x1684 usbuhci - ok
10:50:03.0894 0x1684 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
10:50:03.0910 0x1684 usb_rndisx - ok
10:50:03.0910 0x1684 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:50:03.0925 0x1684 UxSms - ok
10:50:03.0925 0x1684 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
10:50:03.0941 0x1684 VaultSvc - ok
10:50:03.0941 0x1684 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:50:03.0941 0x1684 vdrvroot - ok
10:50:03.0957 0x1684 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:50:03.0988 0x1684 vds - ok
10:50:03.0988 0x1684 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:50:03.0988 0x1684 vga - ok
10:50:03.0988 0x1684 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:50:04.0019 0x1684 VgaSave - ok
10:50:04.0019 0x1684 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:50:04.0035 0x1684 vhdmp - ok
10:50:04.0035 0x1684 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:50:04.0035 0x1684 viaide - ok
10:50:04.0035 0x1684 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:50:04.0050 0x1684 volmgr - ok
10:50:04.0050 0x1684 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:50:04.0066 0x1684 volmgrx - ok
10:50:04.0066 0x1684 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:50:04.0081 0x1684 volsnap - ok
10:50:04.0081 0x1684 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:50:04.0097 0x1684 vsmraid - ok
10:50:04.0113 0x1684 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:50:04.0159 0x1684 VSS - ok
10:50:04.0159 0x1684 [ 5BE34BFADE20FF6C154B4663605B6212, 810F7956588F1A177FEE9C4D45C834954122BB9429D7E915D7F6F8EA3DA9802A ] VUSB3HUB C:\Windows\system32\drivers\ViaHub3.sys
10:50:04.0175 0x1684 VUSB3HUB - ok
10:50:04.0175 0x1684 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:50:04.0191 0x1684 vwifibus - ok
10:50:04.0191 0x1684 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:50:04.0191 0x1684 vwififlt - ok
10:50:04.0206 0x1684 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:50:04.0206 0x1684 vwifimp - ok
10:50:04.0222 0x1684 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:50:04.0237 0x1684 W32Time - ok
10:50:04.0253 0x1684 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:50:04.0253 0x1684 WacomPen - ok
10:50:04.0253 0x1684 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:50:04.0284 0x1684 WANARP - ok
10:50:04.0284 0x1684 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:50:04.0300 0x1684 Wanarpv6 - ok
10:50:04.0315 0x1684 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:50:04.0347 0x1684 WatAdminSvc - ok
10:50:04.0362 0x1684 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:50:04.0393 0x1684 wbengine - ok
10:50:04.0393 0x1684 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:50:04.0409 0x1684 WbioSrvc - ok
10:50:04.0425 0x1684 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:50:04.0440 0x1684 wcncsvc - ok
10:50:04.0440 0x1684 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:50:04.0440 0x1684 WcsPlugInService - ok
10:50:04.0456 0x1684 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
10:50:04.0456 0x1684 Wd - ok
10:50:04.0471 0x1684 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:50:04.0487 0x1684 Wdf01000 - ok
10:50:04.0487 0x1684 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:50:04.0503 0x1684 WdiServiceHost - ok
10:50:04.0503 0x1684 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:50:04.0503 0x1684 WdiSystemHost - ok
10:50:04.0518 0x1684 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
10:50:04.0518 0x1684 WebClient - ok
10:50:04.0534 0x1684 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:50:04.0549 0x1684 Wecsvc - ok
10:50:04.0549 0x1684 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:50:04.0581 0x1684 wercplsupport - ok
10:50:04.0581 0x1684 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:50:04.0596 0x1684 WerSvc - ok
10:50:04.0596 0x1684 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:50:04.0627 0x1684 WfpLwf - ok
10:50:04.0627 0x1684 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:50:04.0627 0x1684 WIMMount - ok
10:50:04.0627 0x1684 WinDefend - ok
10:50:04.0627 0x1684 WinHttpAutoProxySvc - ok
10:50:04.0643 0x1684 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:50:04.0659 0x1684 Winmgmt - ok
10:50:04.0690 0x1684 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:50:04.0721 0x1684 WinRM - ok
10:50:04.0737 0x1684 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:50:04.0737 0x1684 WinUsb - ok
10:50:04.0752 0x1684 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:50:04.0783 0x1684 Wlansvc - ok
10:50:04.0783 0x1684 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:50:04.0783 0x1684 wlcrasvc - ok
10:50:04.0830 0x1684 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:50:04.0861 0x1684 wlidsvc - ok
10:50:04.0861 0x1684 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:50:04.0877 0x1684 WmiAcpi - ok
10:50:04.0877 0x1684 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:50:04.0893 0x1684 wmiApSrv - ok
10:50:04.0893 0x1684 WMPNetworkSvc - ok
10:50:04.0893 0x1684 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:50:04.0893 0x1684 WPCSvc - ok
10:50:04.0908 0x1684 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:50:04.0908 0x1684 WPDBusEnum - ok
10:50:04.0908 0x1684 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:50:04.0939 0x1684 ws2ifsl - ok
10:50:04.0939 0x1684 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:50:04.0939 0x1684 wscsvc - ok
10:50:04.0955 0x1684 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:50:04.0955 0x1684 WSDPrintDevice - ok
10:50:04.0955 0x1684 WSearch - ok
10:50:05.0002 0x1684 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
10:50:05.0033 0x1684 wuauserv - ok
10:50:05.0049 0x1684 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:50:05.0049 0x1684 WudfPf - ok
10:50:05.0064 0x1684 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:50:05.0064 0x1684 WUDFRd - ok
10:50:05.0064 0x1684 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:50:05.0080 0x1684 wudfsvc - ok
10:50:05.0080 0x1684 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:50:05.0095 0x1684 WwanSvc - ok
10:50:05.0095 0x1684 [ 109B6F1888845661D19B7A458776D5D1, 526F9655480726345A4E3395EC841BAFB25AFF7AD84C51AD2A6BBA9605BD26FD ] xhcdrv C:\Windows\system32\drivers\xhcdrv.sys
10:50:05.0111 0x1684 xhcdrv - ok
10:50:05.0111 0x1684 ================ Scan global ===============================
10:50:05.0111 0x1684 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:50:05.0127 0x1684 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
10:50:05.0127 0x1684 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
10:50:05.0142 0x1684 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:50:05.0142 0x1684 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:50:05.0142 0x1684 [ Global ] - ok
10:50:05.0142 0x1684 ================ Scan MBR ==================================
10:50:05.0158 0x1684 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:50:05.0220 0x1684 \Device\Harddisk0\DR0 - ok
10:50:05.0220 0x1684 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:50:05.0236 0x1684 \Device\Harddisk1\DR1 - ok
10:50:05.0236 0x1684 ================ Scan VBR ==================================
10:50:05.0236 0x1684 [ FBBFE800E056193778E0ACA1A30859A9 ] \Device\Harddisk0\DR0\Partition1
10:50:05.0236 0x1684 \Device\Harddisk0\DR0\Partition1 - ok
10:50:05.0236 0x1684 [ F34D03E428B3CEF11E258A6D232FD3AB ] \Device\Harddisk1\DR1\Partition1
10:50:05.0236 0x1684 \Device\Harddisk1\DR1\Partition1 - ok
10:50:05.0236 0x1684 ================ Scan generic autorun ======================
10:50:05.0329 0x1684 [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
10:50:05.0423 0x1684 RTHDVCPL - ok
10:50:05.0470 0x1684 [ 59F14B3C78849982699CE34068708308, 008137E41CAFB78522C655F6661CA49B9629ABD40319419B1DDE60E96CBE7504 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:50:05.0501 0x1684 NvBackend - ok
10:50:05.0501 0x1684 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:50:05.0517 0x1684 ShadowPlay - ok
10:50:05.0517 0x1684 [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
10:50:05.0532 0x1684 iTunesHelper - ok
10:50:05.0610 0x1684 [ 614AD0BC23DC9DF1F345E7F24060C30D, C59A7EBDCCE6AB4D23A943858F2A425D384A5158C990959D549765F80F2CF457 ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
10:50:05.0688 0x1684 ISCT Tray - ok
10:50:05.0704 0x1684 Object required for P2P: [ 614AD0BC23DC9DF1F345E7F24060C30D ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
10:50:08.0356 0x1684 Object send P2P result: true
10:50:08.0481 0x1684 [ 0467E315A8C2632A9506D6D791A54E81, 9C85BEB5037B20CC309956274DDC1916E4A4177716C7D05EF46A0B6D0501AE14 ] c:\program files\emsisoft anti-malware\a2guard.exe
10:50:08.0621 0x1684 emsisoft anti-malware - ok
10:50:08.0652 0x1684 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:50:08.0668 0x1684 Sidebar - ok
10:50:08.0683 0x1684 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:50:08.0683 0x1684 mctadmin - ok
10:50:08.0699 0x1684 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:50:08.0730 0x1684 Sidebar - ok
10:50:08.0730 0x1684 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:50:08.0746 0x1684 mctadmin - ok
10:50:09.0229 0x1684 [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
10:50:09.0276 0x1684 Steam - ok
10:50:09.0276 0x1684 Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
10:50:11.0741 0x1684 Object send P2P result: true
10:50:11.0881 0x1684 [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
10:50:12.0006 0x1684 CCleaner Monitoring - ok
10:50:12.0006 0x1684 Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
10:50:14.0580 0x1684 Object send P2P result: true
10:50:14.0611 0x1684 [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
10:50:14.0643 0x1684 MyDriveConnect.exe - ok
10:50:14.0643 0x1684 Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
10:50:18.0839 0x1684 Object send P2P result: true
10:50:18.0870 0x1684 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:50:18.0886 0x1684 Sidebar - ok
10:50:18.0886 0x1684 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:50:18.0901 0x1684 mctadmin - ok
10:50:19.0042 0x1684 [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
10:50:19.0167 0x1684 CCleaner Monitoring - ok
10:50:19.0167 0x1684 Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
10:50:21.0647 0x1684 Object send P2P result: true
10:50:21.0678 0x1684 [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
10:50:21.0709 0x1684 MyDriveConnect.exe - ok
10:50:21.0709 0x1684 Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
10:50:24.0174 0x1684 Object send P2P result: true
10:50:24.0174 0x1684 AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 11.5.1.6247 ), 0x41000 ( enabled : updated )
10:50:24.0174 0x1684 Win FW state via NFP2: enabled ( trusted )
10:50:26.0577 0x1684 ============================================================
10:50:26.0577 0x1684 Scan finished
10:50:26.0577 0x1684 ============================================================
10:50:26.0577 0x1968 Detected object count: 0
10:50:26.0577 0x1968 Actual detected object count: 0
[/CODE]

Hello Matthias,

I have posted the log files from FRST and TDSSKiller and will now wait for further word from you.

Please bear with me if not everything works right away on the first try. I am not much of an expert in this, but I am grateful that there are well-meaning people like you who help others with these things.
As I already stressed in my first message, the Win7 updates can no longer be installed. I assume this will get sorted out in the course of your recommendations.

Many thanks
Alpinarium


22.03.2016, 11:37   #6
Alpinarium
 



I think I'll send you everything again, since I did not start it as admin before:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Alpinarium (Administrator) auf ALPINARIUM-ARLT (22-03-2016 11:30:38)
Gestartet von C:\Users\Susanne\Documents\Downloads
Geladene Profile: Alpinarium & Susanne & Gast (Verfügbare Profile: Alpinarium & Susanne & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9251528 2016-03-22] (Emsisoft Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [Steam] => D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-01-18]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B207B76-58B7-4187-9F07-D50C4EB16159}: [DhcpNameServer] 192.168.140.254
Tcpip\..\Interfaces\{9866D234-BBBA-461A-A62C-333D91C8393D}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxp://www.ard.de/home/ard/ARD_Startseite/21920/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: @Google.com/GoogleEarthPlugin -> C:\Users\Susanne\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\11-suche.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\englische-ergebnisse.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\gmx-suche.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\google-maps.xml [2014-10-21]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\lastminute.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\webde-suche.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\youtube.xml [2015-11-16]
FF Extension: WOT - C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-18]
FF Extension: WEB.DE MailCheck - C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\extensions\mailcheck@web.de [2016-03-18]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]
FF HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nicht gefunden

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10978888 2016-03-22] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 adp3132; C:\Windows\system32\drivers\adp3132.sys [385072 2010-01-28] (Adaptec, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [70912 2011-11-04] (Fresco Logic)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-12-06] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [636184 2011-12-06] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ISASerial; C:\Windows\system32\drivers\ISASerial.sys [72192 2008-02-20] (Windows (R) Codename Longhorn DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
S3 MtsHID; C:\Windows\system32\drivers\MtsHID.sys [27664 2009-07-15] (TechniSat Provide)
S3 nvamacpi; C:\Windows\system32\drivers\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-05] (OCZ Technology Group, Inc.)
S1 oxpar; C:\Windows\system32\drivers\oxpar.sys [158208 2007-01-24] (OEM)
S3 OxPPort; C:\Windows\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [72192 2008-05-22] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [95744 2008-05-22] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [126464 2008-05-22] ()
S3 PPorts; C:\Windows\system32\drivers\PPorts.sys [95744 2008-02-20] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-03-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
S3 SPorts; C:\Windows\system32\drivers\SPorts.sys [124416 2008-02-20] ()
S3 StnPport; C:\Windows\system32\drivers\StnPport.sys [97280 2009-12-17] ()
S3 StnSport; C:\Windows\system32\drivers\StnSport.sys [126464 2009-11-14] ()
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [176640 2011-05-21] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [230400 2011-05-21] (VIA Technologies, Inc.)
S3 cpuz134; \??\C:\Users\ALPINA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 NmPar; \SystemRoot\system32\drivers\NmPar.sys [X]
S3 nmserial; \SystemRoot\system32\drivers\nmserial.sys [X]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [X]
S3 oxser; \SystemRoot\system32\drivers\oxser.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 11:19 - 2016-03-22 11:19 - 00000988 _____ C:\Users\Susanne\Desktop\TDSS rootkit removing tool.lnk
2016-03-22 10:42 - 2016-03-22 11:08 - 00454526 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_10.42.52_log.txt
2016-03-22 10:34 - 2016-03-22 10:34 - 00000926 _____ C:\Users\Susanne\Desktop\Farbar Recovery Scan Tool.lnk
2016-03-22 10:30 - 2016-03-22 11:30 - 00000000 ____D C:\FRST
2016-03-20 17:12 - 2016-03-20 17:12 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-20 17:03 - 2016-03-20 17:03 - 00000000 ____D C:\OETemp
2016-03-20 17:02 - 2016-03-22 11:30 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-20 17:02 - 2016-03-20 17:02 - 00000856 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-03-20 17:02 - 2016-03-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-03-20 01:18 - 2016-03-20 01:18 - 00002624 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-20 (01-14-52).xml
2016-03-19 16:58 - 2016-03-19 16:58 - 00004088 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-19 (16-17-34).xml
2016-03-19 14:24 - 2016-03-19 16:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-19 12:20 - 2016-03-19 12:20 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-19 12:12 - 2016-03-19 15:26 - 00000000 ____D C:\Program Files\WinZip Driver Updater
2016-03-19 11:46 - 2016-03-20 16:16 - 00003468 _____ C:\Windows\System32\Tasks\Reimage Reminder
2016-03-19 11:45 - 2016-03-20 16:16 - 00000000 ____D C:\rei
2016-03-19 11:45 - 2016-03-19 11:45 - 00004298 _____ C:\Windows\System32\Tasks\ReimageUpdater
2016-03-19 11:45 - 2016-03-19 11:45 - 00000000 ____D C:\ProgramData\Reimage Protector
2016-03-19 11:26 - 2016-03-19 11:28 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-19 11:25 - 2016-03-19 11:25 - 01527296 _____ C:\Users\Susanne\Desktop\AdwCleaner_5.102.exe
2016-03-18 17:18 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160318-171859.backup
2016-03-17 01:16 - 2016-03-17 01:16 - 00000000 ____D C:\Windows\CheckSur
2016-03-17 00:45 - 2016-03-17 00:45 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\TomTom
2016-03-16 17:38 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-16 17:38 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-16 17:38 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-16 17:38 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-16 17:38 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-16 17:38 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-16 17:38 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-16 17:38 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-16 17:38 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-16 17:38 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-16 17:38 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-16 17:38 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-16 17:38 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-16 17:38 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-16 17:38 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-16 17:38 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-16 17:38 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-16 17:38 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-03-16 17:38 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-03-16 17:38 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-03-16 17:38 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-16 17:38 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-03-16 17:38 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-03-16 17:38 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-03-16 17:38 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-03-16 17:38 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-03-16 17:38 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-16 17:38 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-16 17:38 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-16 17:37 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-16 17:37 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-16 17:37 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-16 17:37 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-03-16 17:37 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-03-16 17:15 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-16 17:14 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-16 17:14 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-16 17:14 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-16 17:14 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-16 17:14 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-03-14 18:22 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160314-182243.backup
2016-02-26 16:36 - 2016-02-26 16:36 - 00000976 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Users\Susanne\AppData\Local\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-02-25 21:53 - 2016-02-25 21:53 - 13163744 _____ (Microsoft Corporation) C:\Users\Susanne\Desktop\Silverlight_x64.exe
2016-02-24 18:57 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160224-185713.backup
2016-02-24 18:49 - 2016-02-24 18:49 - 06837784 _____ (Piriform Ltd) C:\Users\Alpinarium\Downloads\ccsetup515.exe
2016-02-24 17:53 - 2016-02-24 17:53 - 00242312 _____ C:\Users\Susanne\Desktop\Firefox Setup Stub 44.0.2.exe
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____D C:\ProgramData\Intel
2016-02-24 12:40 - 2014-05-27 11:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\Program Files\Intel
2016-02-24 12:08 - 2016-03-18 17:17 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\CrashDumps

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 11:19 - 2012-08-16 11:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 10:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-22 10:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-22 10:29 - 2014-09-26 00:15 - 00296448 ___SH C:\Users\Susanne\Desktop\Thumbs.db
2016-03-22 10:25 - 2014-10-21 11:12 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft
2016-03-20 17:17 - 2010-11-21 07:50 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-03-20 17:17 - 2010-11-21 07:50 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-03-20 17:17 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-20 17:13 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-20 17:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 17:04 - 2013-02-10 12:14 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Avira
2016-03-20 17:04 - 2013-02-01 17:30 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Avira
2016-03-20 17:04 - 2013-02-01 13:00 - 00000000 ____D C:\Program Files (x86)\Avira
2016-03-20 17:04 - 2012-10-22 14:45 - 00000000 ____D C:\ProgramData\Avira
2016-03-20 17:03 - 2014-07-30 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-20 16:34 - 2015-09-26 02:12 - 00011973 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2016-03-20 16:34 - 2012-10-21 16:14 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-20 16:21 - 2013-07-10 20:38 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1155198B-AA36-4D0D-A13E-20202C4A568A}
2016-03-20 16:16 - 2014-10-21 11:38 - 00000150 _____ C:\Windows\Reimage.ini
2016-03-20 16:14 - 2016-01-04 10:25 - 00000000 ____D C:\Users\Susanne\AppData\Local\CrashDumps
2016-03-19 16:17 - 2015-02-28 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-19 16:15 - 2012-10-22 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 15:26 - 2014-05-30 11:51 - 00000000 ____D C:\ProgramData\WinZip
2016-03-19 11:21 - 2014-02-12 23:58 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\vlc
2016-03-19 10:41 - 2012-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-03-19 10:40 - 2012-10-22 15:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-18 16:03 - 2012-10-19 15:35 - 00000000 ____D C:\Users\Alpinarium
2016-03-17 00:40 - 2012-10-25 17:27 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\ElevatedDiagnostics
2016-03-16 17:50 - 2009-07-14 05:45 - 00291472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-16 17:49 - 2014-12-15 16:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-16 17:49 - 2014-05-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-16 17:49 - 2010-11-21 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-16 17:44 - 2012-08-16 11:23 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-16 17:42 - 2013-08-15 08:55 - 00000000 ____D C:\Windows\system32\MRT
2016-03-16 17:39 - 2012-10-22 16:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-15 22:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-03-14 17:20 - 2013-06-01 15:29 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reality Pump
2016-03-14 17:19 - 2012-10-26 16:12 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-03-11 15:19 - 2012-08-16 11:19 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 15:19 - 2012-08-16 11:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 15:19 - 2012-08-16 11:19 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-08 11:16 - 2016-01-16 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-06 10:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-25 21:55 - 2012-10-24 06:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-25 21:55 - 2012-08-16 11:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-25 21:54 - 2013-03-13 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-25 16:08 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-24 18:51 - 2015-07-14 23:46 - 00000000 ____D C:\Windows\Minidump
2016-02-24 18:50 - 2014-01-26 20:14 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-24 17:56 - 2014-10-19 05:35 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\Adobe
2016-02-24 17:56 - 2012-10-23 14:51 - 00000000 ____D C:\Users\Susanne\AppData\Local\Adobe
2016-02-24 17:54 - 2012-10-22 14:27 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-24 17:54 - 2012-10-22 14:27 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-24 17:34 - 2012-10-26 16:12 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Winamp
2016-02-24 17:06 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-24 11:49 - 2012-10-19 15:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-24 11:48 - 2012-10-23 22:31 - 00000000 ____D C:\TEMP
2016-02-24 11:48 - 2012-10-19 15:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

Einige Dateien in TEMP:
====================
C:\Users\Alpinarium\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Alpinarium\AppData\Local\Temp\sqlite3.exe
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-15 21:58

==================== Ende von FRST.txt ============================
         

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Alpinarium (2016-03-22 11:34:38)
Gestartet von C:\Users\Susanne\Documents\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-19 14:35:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2032422533-2031663358-3171475196-500 - Administrator - Disabled)
Alpinarium (S-1-5-21-2032422533-2031663358-3171475196-1000 - Administrator - Enabled) => C:\Users\Alpinarium
Gast (S-1-5-21-2032422533-2031663358-3171475196-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2032422533-2031663358-3171475196-1003 - Limited - Enabled)
Susanne (S-1-5-21-2032422533-2031663358-3171475196-1004 - Limited - Enabled) => C:\Users\Susanne

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2032422533-2031663358-3171475196-501\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
NO ONE LIVES FOREVER - GAME OF THE YEAR EDITION (HKLM-x32\...\{EE3E60BC-F29F-4E7B-A110-B538387D34DA}) (Version:  - )
No One Lives Forever 2  (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version:  - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.0 - Activision, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tomb Raider Level Editor (HKLM-x32\...\Tomb Raider Level Editor) (Version:  - )
TP-LINK-Clientinstallationsprogramm (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1091ACE5-1E29-48BB-91A9-5C7819D4AEEB} - System32\Tasks\{39E9EFA1-B82C-44A6-BB2D-EB9B5A8767B7} => D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe [2015-12-14] (Valve Corporation)
Task: {14224729-2BCD-40D0-9E5B-AB557ABE938D} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe <==== ACHTUNG
Task: {142682D6-9414-4BFB-8D57-8413855719EC} - System32\Tasks\{7289A42A-6CB3-4C32-BAC8-CF8D3AD26520} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {1DB26A9A-67E9-438D-A0FD-C54A0A81174A} - System32\Tasks\{170CEE81-B621-49B8-A14A-A2F73DCE1F7A} => C:\Users\Susanne\Desktop\FarCryAutoCD.exe
Task: {26907555-0E88-4AE0-8141-D3C6FAB2FDFF} - System32\Tasks\{D1272826-7480-4CF7-8D14-333200118DDE} => D:\ALPINARIUM-ARLT\Spiele\NFS most wanted\speed.exe [2005-11-01] ()
Task: {67EFE98D-C167-4F0B-94F1-45D193C9BDCA} - System32\Tasks\{02A99633-0D3A-4852-A40D-63E9C6583CC8} => pcalua.exe -a E:\Setup\rsrc\Autorun.exe -d E:\
Task: {7001F6BF-2B45-421A-BD59-CB0BB8C854A7} - System32\Tasks\{64E49214-55E7-4496-A501-CD78C96F6056} => D:\ALPINARIUM-ARLT\Spiele\NFS most wanted\speed.exe [2005-11-01] ()
Task: {8B176521-3E04-4C5E-B59A-272212BA56F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {9E5E04CC-D661-4242-8E3A-68C7A1965641} - System32\Tasks\{A3FBC2DD-DC61-47AD-85B4-7A14FDA35A18} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/eula
Task: {A063BDEC-EE10-479D-AE4C-7EDD84D547DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {AB1D8429-C75A-4308-B6E4-B6F71F5485A4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {C7CC2143-DDDA-419C-ACAF-6B2AD3391773} - System32\Tasks\{2B1071ED-B0A5-4BB8-96DE-9CBE5F089D0C} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {D1A7942E-761E-401B-A104-406D7F7D26E7} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ACHTUNG
Task: {DED471E1-FA78-4909-AE84-49673A1A5F56} - System32\Tasks\{D9481452-34F3-49EC-9BF6-ACC5E36BC6C0} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {FCC00E0F-C23F-472E-8282-85BEB834A693} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {FD8306D0-FF5F-49E1-9295-E1E4156C95F2} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-19] (CHIP)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-19 15:40 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2016-01-03 22:43 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-12 22:13 - 2016-02-12 22:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-03 22:43 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 16:08 - 2014-09-11 16:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7774 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-2032422533-2031663358-3171475196-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{58B51081-810F-42A5-8478-FE3DCB20071D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{608194F5-BEA9-4CC9-9109-2C37639893FE}] => (Allow) LPort=2869
FirewallRules: [{46D1F610-DE9B-4AEE-85B0-6EB4A9585715}] => (Allow) LPort=1900
FirewallRules: [{F195C26F-D7E3-4429-BFAA-FC2AE6129557}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{35BAD2D7-CABB-4938-9C57-0BA0C2271211}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{28CA718D-8E61-4A2D-B966-E6991F8F1A90}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{8E83A78A-F844-4F5E-B03F-79A980A7E562}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{816AC484-E4CD-49A6-B6A7-ABFA22BDF458}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{68741D5F-3111-474A-AF61-7FBE5314FD22}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A8FE5BC5-E6B2-4D17-A0CD-388C6C0C5A34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F522A485-295E-418D-96D1-09842F761D38}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{1F6A95F8-CEDB-4EE5-A32D-5921F12A6811}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{6C6BFA2C-0545-4C40-85E6-2108BF6C3966}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{A8A2F0FF-A645-4030-957F-B34ED3BB6D4C}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{56892508-A78E-4BA4-8609-75B6C9229105}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{CF8FF30F-B7EB-42B6-A167-C1E54B8ED986}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{49216771-5B47-4745-874D-EB5643043A5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{DFB02E41-0796-44BE-83D0-4CE7198895C4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [TCP Query User{CD999D0B-BEDF-4B04-8F05-D4C2713298B7}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [UDP Query User{37AAE9ED-1ACE-436A-831A-F70EE97E21B3}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [{F0BA29C8-5C54-4208-AC37-EC6E351889CA}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{0795D547-9087-431B-96C4-89A2FE677366}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{DAF4490C-85A9-4FE4-B380-F91C318E88D5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{5BD5CDBD-1A78-4362-A502-91478E6F3364}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{69D71781-C870-4ABD-8F78-E0D66841CF41}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{FE6EDE5A-07D9-4897-9E60-8398BAE7E59F}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{A8501114-5F8F-4A31-A315-F0F5D021816A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [{E44E7BC7-19CD-493C-A45E-AB7D5DB5C267}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{944593AE-DDA3-48FC-B19F-F21C863AD66D}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{C22E7235-F2A8-4446-AE6A-69664FB34BEC}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{E0ACFF8E-3807-4603-B431-F0676F031C38}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{26F22430-567A-40B6-B8BE-FC94D803E649}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{14DCFA97-9CC1-4EDC-8191-0D3A38AD0454}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{242EE8F8-C57C-44E5-BC37-8B3955955B6B}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{460ADF36-015E-4E1F-9977-80979B6709C5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{9EBFC355-22C6-47D6-BB83-9B369DA4BAF5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{498196B2-050B-4E05-9023-36846EB49133}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{55364784-1F66-4CFB-8DF6-BB937B2508AE}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [TCP Query User{056C0052-1E94-428B-A3C5-437F7DD088FA}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [UDP Query User{E4A32A99-E2C0-4D84-AF37-6AB2A7F7E554}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [{7A8CF39C-48B3-4065-9290-32C157AC07C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{862E5F60-3541-4026-BC97-D8D055087DA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9BB3BD07-86F1-40A3-930B-DC41D27A0D8B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47D8293F-1D88-4912-835A-EAC64A160131}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{96AD2AD4-BA69-41A4-AF6E-EE0335D1E429}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{C85F7BB9-C675-4ECA-9485-B14BFFB3AA75}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{D20EDD41-6900-4238-AD0F-75F0FBC7632A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{FB84A06F-A7F5-4FFE-8371-7EB48B685F07}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{6AA585FB-57C5-44EC-9FA9-21A83115CF26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78DFDE3A-49D9-47E3-9215-1110941C9A7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{606BE1C0-1AC0-44B8-A0DE-6C578ED0E61A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{C88CB9B3-B684-4E5B-A016-855487C8C8A0}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{05D816AE-B392-4C03-A564-972A4E49DF86}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{27D50474-46F1-48AC-9A20-0690F2260658}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{94AA88EB-74B8-41F6-B541-338EA210888D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1FD2B031-67ED-4618-A311-22D499A81796}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7EFD8D3C-4B6E-4E55-A5CE-19D065BAAAF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B330EDB8-868A-4BF5-A4DD-07A482D3F1E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F967479-3E85-4BC8-8F2D-B87E3BAFF0F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{77E2CB8C-4E11-4FF6-AD0B-8993ECFD24AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18ECBB98-2DDB-4B08-B108-58EA82A1D97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD67ED98-6957-4F16-A290-50DD104ACACF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{62E51D65-3CF6-435F-B525-31F01B19D021}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{030748BB-D626-4F06-86C9-22C8260D347E}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe

==================== Wiederherstellungspunkte =========================

17-03-2016 02:42:13 Windows Update
17-03-2016 18:00:55 Windows Update
17-03-2016 18:08:27 Windows Update
18-03-2016 01:46:09 Windows Update
18-03-2016 02:20:08 Windows Update
18-03-2016 16:19:49 Windows Update
18-03-2016 16:36:14 Windows Update
18-03-2016 16:40:28 Windows Update
18-03-2016 17:02:08 Windows Update
19-03-2016 00:53:50 Windows Update
19-03-2016 10:34:27 WinZip 18.5 wird entfernt
20-03-2016 01:37:11 Windows Update
20-03-2016 02:12:59 Windows Update
20-03-2016 16:37:04 Konfiguriert Far Cry
20-03-2016 16:38:59 Konfiguriert Far Cry
21-03-2016 10:32:43 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/22/2016 10:25:24 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CHIPUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at UpdateYeti.UpdateYetiApiCall.AttachSoftwareDataToCall(System.Collections.Generic.List`1<UpdateYeti.Model.Software.AppInfo>)
   at UpdateYeti.Model.MainModel.<MainModel_FindSoftwareFinished>b__2a(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/20/2016 05:15:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 05:11:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 05:06:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2016 04:38:32 PM) (Source: MsiInstaller) (EventID: 11706) (User: Alpinarium-ARLT)
Description: Produkt: Far Cry -- Fehler 1706. Für das Produkt Far Cry wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets "Far Cry.msi".

Error: (03/20/2016 04:24:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CHIPUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at UpdateYeti.UpdateYetiApiCall.AttachSoftwareDataToCall(System.Collections.Generic.List`1<UpdateYeti.Model.Software.AppInfo>)
   at UpdateYeti.Model.MainModel.<MainModel_FindSoftwareFinished>b__2a(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/20/2016 04:21:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/20/2016 04:15:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
   at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlTextReader.Read()
   at System.Configuration.XmlUtil..ctor(System.IO.Stream, System.String, Boolean, System.Configuration.ConfigurationSchemaErrors)
   at System.Configuration.AppSettingsSection.DeserializeElement(System.Xml.XmlReader, Boolean)
   at System.Configuration.ConfigurationSection.DeserializeSection(System.Xml.XmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionImpl(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader, System.String, Int32)

Exception Info: System.Configuration.ConfigurationErrorsException
   at System.Configuration.BaseConfigurationRecord.EvaluateOne(System.String[], System.Configuration.SectionInput, Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object)
   at System.Configuration.BaseConfigurationRecord.Evaluate(System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at NLog.Common.InternalLogger.GetSettingString(System.String, System.String)
   at NLog.Common.InternalLogger.GetSetting[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.String, Boolean)
   at NLog.Common.InternalLogger..cctor()

Exception Info: System.TypeInitializationException
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.GetConfigurationForLogger(System.String, NLog.Config.LoggingConfiguration)
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.Program.CurrentDomain_UnhandledException(System.Object, System.UnhandledExceptionEventArgs)

Error: (03/20/2016 04:14:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
   at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlTextReader.Read()
   at System.Configuration.XmlUtil..ctor(System.IO.Stream, System.String, Boolean, System.Configuration.ConfigurationSchemaErrors)
   at System.Configuration.AppSettingsSection.DeserializeElement(System.Xml.XmlReader, Boolean)
   at System.Configuration.ConfigurationSection.DeserializeSection(System.Xml.XmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionImpl(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord+RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(System.Configuration.RuntimeConfigurationRecord, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader)
   at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, System.Configuration.ConfigXmlReader, System.String, Int32)

Exception Info: System.Configuration.ConfigurationErrorsException
   at System.Configuration.BaseConfigurationRecord.EvaluateOne(System.String[], System.Configuration.SectionInput, Boolean, System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object)
   at System.Configuration.BaseConfigurationRecord.Evaluate(System.Configuration.FactoryRecord, System.Configuration.SectionRecord, System.Object, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at NLog.Common.InternalLogger.GetSettingString(System.String, System.String)
   at NLog.Common.InternalLogger.GetSetting[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.String, Boolean)
   at NLog.Common.InternalLogger..cctor()

Exception Info: System.TypeInitializationException
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.GetConfigurationForLogger(System.String, NLog.Config.LoggingConfiguration)
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.Program.CurrentDomain_UnhandledException(System.Object, System.UnhandledExceptionEventArgs)

Error: (03/20/2016 04:14:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56258f05
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1070
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3


Systemfehler:
=============
Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/22/2016 10:25:04 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/22/2016 10:25:04 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/21/2016 10:32:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/21/2016 10:32:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/21/2016 10:32:20 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/21/2016 10:32:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


CodeIntegrity:
===================================
  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.395
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:30.545
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:30.545
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16334.91 MB
Verfügbarer physikalischer RAM: 14105.45 MB
Summe virtueller Speicher: 32668.03 MB
Verfügbarer virtueller Speicher: 29531.48 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:109.83 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:1863.01 GB) (Free:586.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 9B915867)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9B91585F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 22.03.2016, 11:43   #7
Alpinarium
 
... and here again are the log files from TDSSKiller

Code:
11:38:24.0231 0x1b10  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
11:38:31.0205 0x1b10  ============================================================
11:38:31.0205 0x1b10  Current date / time: 2016/03/22 11:38:31.0205
11:38:31.0205 0x1b10  SystemInfo:
11:38:31.0205 0x1b10  
11:38:31.0205 0x1b10  OS Version: 6.1.7601 ServicePack: 1.0
11:38:31.0205 0x1b10  Product type: Workstation
11:38:31.0205 0x1b10  ComputerName: ALPINARIUM-ARLT
11:38:31.0205 0x1b10  UserName: Alpinarium
11:38:31.0205 0x1b10  Windows directory: C:\Windows
11:38:31.0205 0x1b10  System windows directory: C:\Windows
11:38:31.0205 0x1b10  Running under WOW64
11:38:31.0205 0x1b10  Processor architecture: Intel x64
11:38:31.0205 0x1b10  Number of processors: 8
11:38:31.0205 0x1b10  Page size: 0x1000
11:38:31.0205 0x1b10  Boot type: Normal boot
11:38:31.0205 0x1b10  ============================================================
11:38:31.0361 0x1b10  KLMD registered as C:\Windows\system32\drivers\26753115.sys
11:38:31.0407 0x1b10  System UUID: {69D2518C-C885-477E-A23A-63A5D7A9B6E4}
11:38:31.0563 0x1b10  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:38:31.0563 0x1b10  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:38:31.0579 0x1b10  ============================================================
11:38:31.0579 0x1b10  \Device\Harddisk0\DR0:
11:38:31.0579 0x1b10  MBR partitions:
11:38:31.0579 0x1b10  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCF2000
11:38:31.0579 0x1b10  \Device\Harddisk1\DR1:
11:38:31.0579 0x1b10  MBR partitions:
11:38:31.0579 0x1b10  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
11:38:31.0579 0x1b10  ============================================================
11:38:31.0579 0x1b10  C: <-> \Device\Harddisk0\DR0\Partition1
11:38:31.0579 0x1b10  D: <-> \Device\Harddisk1\DR1\Partition1
11:38:31.0579 0x1b10  ============================================================
11:38:31.0579 0x1b10  Initialize success
11:38:31.0579 0x1b10  ============================================================
11:40:00.0384 0x10ac  ============================================================
11:40:00.0384 0x10ac  Scan started
11:40:00.0384 0x10ac  Mode: Manual; SigCheck; TDLFS; 
11:40:00.0384 0x10ac  ============================================================
11:40:00.0384 0x10ac  KSN ping started
11:40:02.0793 0x10ac  KSN ping finished: true
11:40:03.0363 0x10ac  ================ Scan system memory ========================
11:40:03.0363 0x10ac  System memory - ok
11:40:03.0363 0x10ac  ================ Scan services =============================
11:40:03.0383 0x10ac  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:40:03.0414 0x10ac  1394ohci - ok
11:40:03.0566 0x10ac  [ E13222F715AA93C545264D7D3E28FBDD, 960EF0AF02579B2320EA885557DCA62400BA047E332D3ECC500ECD195A0E8136 ] a2AntiMalware   C:\Program Files\Emsisoft Anti-Malware\a2service.exe
11:40:03.0734 0x10ac  a2AntiMalware - ok
11:40:03.0749 0x10ac  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:40:03.0759 0x10ac  ACPI - ok
11:40:03.0762 0x10ac  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:40:03.0770 0x10ac  AcpiPmi - ok
11:40:03.0782 0x10ac  [ 99B993BD0F4C033D832B50D5E83BEBEC, A091635B2B428A51400468353F52D3FF35095460D3FA8CB29E2C4A804D87B845 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:40:03.0791 0x10ac  AdobeFlashPlayerUpdateSvc - ok
11:40:03.0799 0x10ac  [ 132190688D8E51D61F88A150D7DF9FB4, 76E1C520CCA50509AD60B7257099855674E4BB8E63CE933A0B53C7A8DCAE55C9 ] adp3132         C:\Windows\system32\drivers\adp3132.sys
11:40:03.0810 0x10ac  adp3132 - ok
11:40:03.0820 0x10ac  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:40:03.0831 0x10ac  adp94xx - ok
11:40:03.0839 0x10ac  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:40:03.0848 0x10ac  adpahci - ok
11:40:03.0853 0x10ac  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:40:03.0861 0x10ac  adpu320 - ok
11:40:03.0865 0x10ac  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:40:03.0872 0x10ac  AeLookupSvc - ok
11:40:03.0882 0x10ac  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
11:40:03.0894 0x10ac  AFD - ok
11:40:03.0897 0x10ac  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:40:03.0903 0x10ac  agp440 - ok
11:40:03.0910 0x10ac  [ EE6DAD59BB40168BA61964E111CED923, AE9E71DD328B96C7DBD18913906D50131A6964314C4847A006959C4907837C95 ] ahcix64s        C:\Windows\system32\drivers\ahcix64s.sys
11:40:03.0919 0x10ac  ahcix64s - ok
11:40:03.0923 0x10ac  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:40:03.0930 0x10ac  ALG - ok
11:40:03.0933 0x10ac  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:40:03.0938 0x10ac  aliide - ok
11:40:03.0941 0x10ac  [ D39CB7B4BB3A46BC84AD0CC1B8261FB8, 047DF172B42A536871E30E697A209BDC100615B4422ADAF958D0475412EA6E4D ] amdhub30        C:\Windows\system32\drivers\amdhub30.sys
11:40:03.0948 0x10ac  amdhub30 - ok
11:40:03.0950 0x10ac  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:40:03.0955 0x10ac  amdide - ok
11:40:03.0957 0x10ac  [ 0DB2DF2B692A3F70443FD14D7920F249, 2B567735CF07D2386E65A17801890C98379322DE08CA2B43CA8C33466552BE92 ] amdide64        C:\Windows\system32\drivers\amdide64.sys
11:40:03.0962 0x10ac  amdide64 - ok
11:40:03.0965 0x10ac  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:40:03.0971 0x10ac  AmdK8 - ok
11:40:03.0974 0x10ac  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:40:03.0981 0x10ac  AmdPPM - ok
11:40:03.0984 0x10ac  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:40:03.0991 0x10ac  amdsata - ok
11:40:03.0996 0x10ac  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:40:04.0004 0x10ac  amdsbs - ok
11:40:04.0006 0x10ac  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:40:04.0011 0x10ac  amdxata - ok
11:40:04.0017 0x10ac  [ 990E896740E42C6B88284AFD1799AA56, 600556B41A272588D58AB0D552AD903BD0BF5CFB9CB2F5D966E0AD5EA5F2A3F8 ] amdxhc          C:\Windows\system32\drivers\amdxhc.sys
11:40:04.0025 0x10ac  amdxhc - ok
11:40:04.0028 0x10ac  [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
11:40:04.0034 0x10ac  amd_sata - ok
11:40:04.0036 0x10ac  [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
11:40:04.0042 0x10ac  amd_xata - ok
11:40:04.0045 0x10ac  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
11:40:04.0051 0x10ac  AppID - ok
11:40:04.0054 0x10ac  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:40:04.0060 0x10ac  AppIDSvc - ok
11:40:04.0063 0x10ac  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
11:40:04.0070 0x10ac  Appinfo - ok
11:40:04.0075 0x10ac  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:40:04.0081 0x10ac  Apple Mobile Device Service - ok
11:40:04.0084 0x10ac  [ D73AAD4946051D074909FDFD34D94C7B, F959C1E63EAFF88C9F15F71607DF1B604981AA75AE3C0D33F6EBBFB452F634CD ] arc             C:\Windows\system32\drivers\arc.sys
11:40:04.0090 0x10ac  arc - ok
11:40:04.0094 0x10ac  [ 46E8C3EB03224A1E55C6F0C100A9D2CC, 7CF7A92942117D45345C5324E1ADA5AD77EECF36C4AA63339E676D72D7624F01 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:40:04.0099 0x10ac  arcsas - ok
11:40:04.0102 0x10ac  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\Windows\system32\drivers\asahci64.sys
11:40:04.0108 0x10ac  asahci64 - ok
11:40:04.0112 0x10ac  [ 7F0DB399731DAA70042D094D2C11DDCA, 8BBFAC6A636CF86D24355D614B17CBB77343AD286EDD4D841943B9E0D1DDC704 ] asmthub3        C:\Windows\system32\drivers\asmthub3.sys
11:40:04.0118 0x10ac  asmthub3 - ok
11:40:04.0126 0x10ac  [ 49DB39B0A504779B0D89555F684BA84E, 961245D9C9EFD08A90AB178A2B8A333445B8F83D2FE9762B41456A06F4753E6D ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
11:40:04.0137 0x10ac  asmtxhci - ok
11:40:07.0346 0x10ac  mouhid - ok
11:40:07.0349 0x10ac  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:40:07.0356 0x10ac  mountmgr - ok
11:40:07.0361 0x10ac  [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:07.0368 0x10ac  MozillaMaintenance - ok
11:40:07.0372 0x10ac  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:40:07.0380 0x10ac  mpio - ok
11:40:07.0383 0x10ac  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:40:07.0404 0x10ac  mpsdrv - ok
11:40:07.0419 0x10ac  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:40:07.0448 0x10ac  MpsSvc - ok
11:40:07.0452 0x10ac  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:40:07.0460 0x10ac  MRxDAV - ok
11:40:07.0465 0x10ac  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:40:07.0473 0x10ac  mrxsmb - ok
11:40:07.0480 0x10ac  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:40:07.0490 0x10ac  mrxsmb10 - ok
11:40:07.0494 0x10ac  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:40:07.0501 0x10ac  mrxsmb20 - ok
11:40:07.0504 0x10ac  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:40:07.0509 0x10ac  msahci - ok
11:40:07.0513 0x10ac  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:40:07.0520 0x10ac  msdsm - ok
11:40:07.0524 0x10ac  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:40:07.0533 0x10ac  MSDTC - ok
11:40:07.0537 0x10ac  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:40:07.0555 0x10ac  Msfs - ok
11:40:07.0557 0x10ac  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:40:07.0576 0x10ac  mshidkmdf - ok
11:40:07.0578 0x10ac  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:40:07.0583 0x10ac  msisadrv - ok
11:40:07.0588 0x10ac  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:40:07.0608 0x10ac  MSiSCSI - ok
11:40:07.0610 0x10ac  msiserver - ok
11:40:07.0613 0x10ac  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:40:07.0631 0x10ac  MSKSSRV - ok
11:40:07.0633 0x10ac  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:40:07.0651 0x10ac  MSPCLOCK - ok
11:40:07.0653 0x10ac  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:40:07.0671 0x10ac  MSPQM - ok
11:40:07.0679 0x10ac  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:40:07.0689 0x10ac  MsRPC - ok
11:40:07.0692 0x10ac  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:40:07.0697 0x10ac  mssmbios - ok
11:40:07.0700 0x10ac  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:40:07.0718 0x10ac  MSTEE - ok
11:40:07.0720 0x10ac  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:40:07.0727 0x10ac  MTConfig - ok
11:40:07.0729 0x10ac  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\drivers\ASACPI.sys
11:40:07.0734 0x10ac  MTsensor - ok
11:40:07.0737 0x10ac  [ 07AD6825D5C658595CAB7F8F5849401C, 21DEC409C781848B8104CE23E42D3D3DFABE9CC2527C78B1ED9167E063DB1542 ] MtsHID          C:\Windows\system32\drivers\MtsHID.sys
11:40:07.0742 0x10ac  MtsHID - ok
11:40:07.0745 0x10ac  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:40:07.0750 0x10ac  Mup - ok
11:40:07.0752 0x10ac  [ AFA051DA029FA6771746067137654584, 5AFB3B1565C68B84240337E62888191328363C1DC28C923C43BDBC9CFCDB1405 ] mv91cons        C:\Windows\system32\drivers\mv91cons.sys
11:40:07.0758 0x10ac  mv91cons - ok
11:40:07.0765 0x10ac  [ D72CFFB7AF56CBB37FD8D6686A33E6C7, 373B2FAE7219413B2BE534839D37F0DCA2CDFF9ED3B358EC1DF7474DAF20E9DC ] mv91xx          C:\Windows\system32\drivers\mv91xx.sys
11:40:07.0774 0x10ac  mv91xx - ok
11:40:07.0784 0x10ac  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:40:07.0808 0x10ac  napagent - ok
11:40:07.0815 0x10ac  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:40:07.0828 0x10ac  NativeWifiP - ok
11:40:07.0845 0x10ac  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:40:07.0862 0x10ac  NDIS - ok
11:40:07.0865 0x10ac  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:40:07.0884 0x10ac  NdisCap - ok
11:40:07.0886 0x10ac  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:40:07.0905 0x10ac  NdisTapi - ok
11:40:07.0908 0x10ac  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:40:07.0927 0x10ac  Ndisuio - ok
11:40:07.0932 0x10ac  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:40:07.0951 0x10ac  NdisWan - ok
11:40:07.0954 0x10ac  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:40:07.0972 0x10ac  NDProxy - ok
11:40:07.0975 0x10ac  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:40:07.0994 0x10ac  NetBIOS - ok
11:40:08.0000 0x10ac  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:40:08.0021 0x10ac  NetBT - ok
11:40:08.0023 0x10ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
11:40:08.0030 0x10ac  Netlogon - ok
11:40:08.0038 0x10ac  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:40:08.0061 0x10ac  Netman - ok
11:40:08.0066 0x10ac  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:08.0074 0x10ac  NetMsmqActivator - ok
11:40:08.0077 0x10ac  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:08.0084 0x10ac  NetPipeActivator - ok
11:40:08.0093 0x10ac  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:40:08.0118 0x10ac  netprofm - ok
11:40:08.0122 0x10ac  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:08.0130 0x10ac  NetTcpActivator - ok
11:40:08.0133 0x10ac  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:08.0141 0x10ac  NetTcpPortSharing - ok
11:40:08.0144 0x10ac  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:40:08.0149 0x10ac  nfrd960 - ok
11:40:08.0156 0x10ac  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:40:08.0167 0x10ac  NlaSvc - ok
11:40:08.0168 0x10ac  NmPar - ok
11:40:08.0170 0x10ac  nmserial - ok
11:40:08.0173 0x10ac  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:40:08.0191 0x10ac  Npfs - ok
11:40:08.0194 0x10ac  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:40:08.0212 0x10ac  nsi - ok
11:40:08.0215 0x10ac  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:40:08.0233 0x10ac  nsiproxy - ok
11:40:08.0260 0x10ac  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:40:08.0288 0x10ac  Ntfs - ok
11:40:08.0291 0x10ac  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:40:08.0309 0x10ac  Null - ok
11:40:08.0312 0x10ac  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
11:40:08.0319 0x10ac  nusb3hub - ok
11:40:08.0324 0x10ac  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
11:40:08.0331 0x10ac  nusb3xhc - ok
11:40:08.0334 0x10ac  [ 7FD5C060CB907489A5702F628226F54A, 56101B878DCBFDEF4D5C8BBC6BE0D7710108E651809812BAB876A2E1D4ACB256 ] nvamacpi        C:\Windows\system32\drivers\NVAMACPI.sys
11:40:08.0339 0x10ac  nvamacpi - ok
11:40:08.0344 0x10ac  [ 102806B360D0E6BC6E55BF47EF655D43, A0571D4B231568E7C977328C4D4633597B47C05E2668ACDBE2DE01BB46FF872F ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:40:08.0352 0x10ac  NVHDA - ok
11:40:08.0504 0x10ac  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:40:08.0653 0x10ac  nvlddmkm - ok
11:40:08.0690 0x10ac  [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:40:08.0720 0x10ac  NvNetworkService - ok
11:40:08.0725 0x10ac  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:40:08.0732 0x10ac  nvraid - ok
11:40:08.0737 0x10ac  [ 694F5E9D9D624D47F432F5B2E66A0528, 5ACE83A62CBBA735D516FD1C603C69A2136132203679D1F3C92AC5266E84DD8C ] nvrd64          C:\Windows\system32\drivers\nvrd64.sys
11:40:08.0744 0x10ac  nvrd64 - ok
11:40:08.0747 0x10ac  [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
11:40:08.0752 0x10ac  nvsmu - ok
11:40:08.0756 0x10ac  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:40:08.0764 0x10ac  nvstor - ok
11:40:08.0769 0x10ac  [ 05DE5DC43AFE6CAB78F9C7CA044CBCBE, 59643F2B07DC964EDCE583CEA6AD81B33CB6D5923C9A5881268E7FCD5700601E ] nvstor64        C:\Windows\system32\drivers\nvstor64.sys
11:40:08.0777 0x10ac  nvstor64 - ok
11:40:08.0780 0x10ac  [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:40:08.0785 0x10ac  NvStreamKms - ok
11:40:08.0855 0x03a8  Object send P2P result: true
11:40:08.0915 0x10ac  [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:40:09.0027 0x10ac  NvStreamNetworkSvc - ok
11:40:09.0123 0x10ac  [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:40:09.0213 0x10ac  NvStreamSvc - ok
11:40:09.0234 0x10ac  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:40:09.0252 0x10ac  nvsvc - ok
11:40:09.0256 0x10ac  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
11:40:09.0263 0x10ac  nvvad_WaveExtensible - ok
11:40:09.0266 0x10ac  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:40:09.0273 0x10ac  nv_agp - ok
11:40:09.0277 0x10ac  [ 7B372B3C006280BCB8C8C7AFC8C38DF4, 3E5ECF426AEA89EC88AE13B73994DF3B363132106635C23DD898305544D36E57 ] ocz10xx         C:\Windows\system32\drivers\ocz10xx.sys
11:40:09.0284 0x10ac  ocz10xx - ok
11:40:09.0287 0x10ac  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:40:09.0294 0x10ac  ohci1394 - ok
11:40:09.0296 0x10ac  Oxmfuf - ok
11:40:09.0300 0x10ac  [ 00E332D6BF1D15521EFEB5DF1EBFAE3E, DDD263ABF5F240EF1AD85686BD6297465BFD6AD4F775EB64F873EE86CE611DBE ] oxpar           C:\Windows\system32\drivers\oxpar.sys
11:40:09.0307 0x10ac  oxpar - ok
11:40:09.0310 0x10ac  [ DC3FA0B732B5EF07C0CDE1682F6D0824, C20923BF74BD632EA56247E438D22A7D1519B63FF26974BCC9DA9255C37318F6 ] OxPPort         C:\Windows\system32\drivers\OxPPort.sys
11:40:09.0317 0x10ac  OxPPort - ok
11:40:09.0318 0x10ac  oxser - ok
11:40:09.0326 0x10ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:40:09.0336 0x10ac  p2pimsvc - ok
11:40:09.0345 0x10ac  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:40:09.0357 0x10ac  p2psvc - ok
11:40:09.0361 0x10ac  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:40:09.0368 0x10ac  Parport - ok
11:40:09.0371 0x10ac  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:40:09.0377 0x10ac  partmgr - ok
11:40:09.0382 0x10ac  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:40:09.0391 0x10ac  PcaSvc - ok
11:40:09.0396 0x10ac  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:40:09.0403 0x10ac  pci - ok
11:40:09.0406 0x10ac  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:40:09.0411 0x10ac  pciide - ok
11:40:09.0414 0x10ac  [ D7C203015E2C2A2EAC8DACEF156D8DC3, FDE6B49A36588C22D92B591576FF1A1D8E60BE11EC3FBE8242FA671CF5A27031 ] PciIsaSerial    C:\Windows\system32\drivers\PciIsaSerial.sys
11:40:09.0420 0x10ac  PciIsaSerial - ok
11:40:09.0423 0x10ac  [ 088B509B2F35A3CEE00AC0E0BC4C5BED, BD778FE0BAE72045511F1D66F980749443CC6EE2C3600FD55BD908BCCFD18B24 ] PciPPorts       C:\Windows\system32\drivers\PciPPorts.sys
11:40:09.0430 0x10ac  PciPPorts - ok
11:40:09.0433 0x10ac  [ 7F97CDD5E91FC73DA2B01344957AA058, 72A887B477ADBBC9CC7071AF1A62EF3D62B3385B7D817AFE140CEBBA59948B41 ] PciSPorts       C:\Windows\system32\drivers\PciSPorts.sys
11:40:09.0440 0x10ac  PciSPorts - ok
11:40:09.0445 0x10ac  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:40:09.0453 0x10ac  pcmcia - ok
11:40:09.0456 0x10ac  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:40:09.0462 0x10ac  pcw - ok
11:40:09.0474 0x10ac  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:40:09.0489 0x10ac  PEAUTH - ok
11:40:09.0499 0x10ac  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:40:09.0506 0x10ac  PerfHost - ok
11:40:09.0531 0x10ac  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:40:09.0568 0x10ac  pla - ok
11:40:09.0577 0x10ac  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:40:09.0589 0x10ac  PlugPlay - ok
11:40:09.0592 0x10ac  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:40:09.0599 0x10ac  PNRPAutoReg - ok
11:40:09.0606 0x10ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:40:09.0617 0x10ac  PNRPsvc - ok
11:40:09.0626 0x10ac  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:40:09.0651 0x10ac  PolicyAgent - ok
11:40:09.0657 0x10ac  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:40:09.0677 0x10ac  Power - ok
11:40:09.0681 0x10ac  [ 14C04684A25C221EBE2105D169B4B6FF, 7331F3C7419102D1C710310BA82642EA50FDA05AC81D713506A60AAD208C74F8 ] PPorts          C:\Windows\system32\drivers\PPorts.sys
11:40:09.0687 0x10ac  PPorts - ok
11:40:09.0691 0x10ac  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:40:09.0709 0x10ac  PptpMiniport - ok
11:40:09.0712 0x10ac  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:40:09.0719 0x10ac  Processor - ok
11:40:09.0724 0x10ac  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:40:09.0733 0x10ac  ProfSvc - ok
11:40:09.0735 0x10ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:40:09.0742 0x10ac  ProtectedStorage - ok
11:40:09.0746 0x10ac  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:40:09.0764 0x10ac  Psched - ok
11:40:09.0788 0x10ac  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:40:09.0813 0x10ac  ql2300 - ok
11:40:09.0818 0x10ac  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:40:09.0825 0x10ac  ql40xx - ok
11:40:09.0831 0x10ac  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:40:09.0843 0x10ac  QWAVE - ok
11:40:09.0846 0x10ac  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:40:09.0855 0x10ac  QWAVEdrv - ok
11:40:09.0857 0x10ac  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:40:09.0875 0x10ac  RasAcd - ok
11:40:09.0878 0x10ac  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:40:09.0897 0x10ac  RasAgileVpn - ok
11:40:09.0900 0x10ac  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:40:09.0920 0x10ac  RasAuto - ok
11:40:09.0924 0x10ac  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:40:09.0943 0x10ac  Rasl2tp - ok
11:40:09.0950 0x10ac  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:40:09.0972 0x10ac  RasMan - ok
11:40:09.0976 0x10ac  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:40:09.0994 0x10ac  RasPppoe - ok
11:40:09.0997 0x10ac  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:40:10.0017 0x10ac  RasSstp - ok
11:40:10.0023 0x10ac  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:40:10.0044 0x10ac  rdbss - ok
11:40:10.0047 0x10ac  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:40:10.0055 0x10ac  rdpbus - ok
11:40:10.0056 0x10ac  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:40:10.0075 0x10ac  RDPCDD - ok
11:40:10.0078 0x10ac  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:40:10.0096 0x10ac  RDPENCDD - ok
11:40:10.0099 0x10ac  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:40:10.0117 0x10ac  RDPREFMP - ok
11:40:10.0123 0x10ac  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:40:10.0131 0x10ac  RDPWD - ok
11:40:10.0137 0x10ac  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:40:10.0144 0x10ac  rdyboost - ok
11:40:10.0148 0x10ac  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:40:10.0167 0x10ac  RemoteAccess - ok
11:40:10.0172 0x10ac  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:40:10.0192 0x10ac  RemoteRegistry - ok
11:40:10.0196 0x10ac  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:40:10.0215 0x10ac  RpcEptMapper - ok
11:40:10.0217 0x10ac  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:40:10.0224 0x10ac  RpcLocator - ok
11:40:10.0233 0x10ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:40:10.0258 0x10ac  RpcSs - ok
11:40:10.0262 0x10ac  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:40:10.0280 0x10ac  rspndr - ok
11:40:10.0286 0x10ac  [ CF1864604344F78C9192D65D4732A689, DD98471FC7EC752A49D24AD089A6A2D5310FB899EC8611235475EC3C1D048AB6 ] RTL2832UBDA     C:\Windows\system32\drivers\RTL2832UBDA.sys
11:40:10.0295 0x10ac  RTL2832UBDA - ok
11:40:10.0297 0x10ac  [ CF111A6EF6741F8B4BD229C008F79BA9, BFC7C649AD3B7F8BCA9099F6C6473BA7DF9A73E04B906561E6FA60A78ACF8683 ] RTL2832UUSB     C:\Windows\system32\Drivers\RTL2832UUSB.sys
11:40:10.0303 0x10ac  RTL2832UUSB - ok
11:40:10.0305 0x10ac  [ 22AB78A109A1703A80F2B98890A42954, 40E5A436B6AD553E76B6D1DB70AA43CD66621F4C2B6C2A1D04746BE2F784E21D ] RTL2832U_IRHID  C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
11:40:10.0311 0x10ac  RTL2832U_IRHID - ok
11:40:10.0324 0x10ac  [ BD9BA262CF26EFE9A9867EBE32D12164, FF549FA3CC66C31FE228ECEC7649D76DBB577A89B2F6A0EA0BE3D5B7B2EEF9D9 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:40:10.0338 0x10ac  RTL8167 - ok
11:40:10.0342 0x10ac  [ ADC93A9B608729C2F9D22505032497B8, A25059D903C82F048670D9E4B1E947C93EB573161D386DE16A0AA45C3893C647 ] rusb3hub        C:\Windows\system32\drivers\rusb3hub.sys
11:40:10.0348 0x10ac  rusb3hub - ok
11:40:10.0354 0x10ac  [ 0F9CF3CA4D93BE07FE2989766597AF41, D7C712738453D3494DAB4641DA8107B3B99F316FE2EDE768773BDD0F58D25DA4 ] rusb3xhc        C:\Windows\system32\drivers\rusb3xhc.sys
11:40:10.0362 0x10ac  rusb3xhc - ok
11:40:10.0364 0x10ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
11:40:10.0370 0x10ac  SamSs - ok
11:40:10.0374 0x10ac  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:40:10.0380 0x10ac  sbp2port - ok
11:40:10.0385 0x10ac  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:40:10.0406 0x10ac  SCardSvr - ok
11:40:10.0408 0x10ac  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:40:10.0427 0x10ac  scfilter - ok
11:40:10.0445 0x10ac  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
11:40:10.0466 0x10ac  Schedule - ok
11:40:10.0470 0x10ac  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:40:10.0488 0x10ac  SCPolicySvc - ok
11:40:10.0493 0x10ac  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
11:40:10.0502 0x10ac  sdbus - ok
11:40:10.0506 0x10ac  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:40:10.0515 0x10ac  SDRSVC - ok
11:40:10.0517 0x10ac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:40:10.0523 0x10ac  secdrv - ok
11:40:10.0526 0x10ac  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
11:40:10.0532 0x10ac  seclogon - ok
11:40:10.0535 0x10ac  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:40:10.0555 0x10ac  SENS - ok
11:40:10.0557 0x10ac  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:40:10.0564 0x10ac  SensrSvc - ok
11:40:10.0567 0x10ac  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:40:10.0573 0x10ac  Serenum - ok
11:40:10.0576 0x10ac  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:40:10.0583 0x10ac  Serial - ok
11:40:10.0586 0x10ac  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:40:10.0592 0x10ac  sermouse - ok
11:40:10.0598 0x10ac  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:40:10.0617 0x10ac  SessionEnv - ok
11:40:10.0620 0x10ac  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:40:10.0627 0x10ac  sffdisk - ok
11:40:10.0629 0x10ac  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:40:10.0636 0x10ac  sffp_mmc - ok
11:40:10.0638 0x10ac  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:40:10.0646 0x10ac  sffp_sd - ok
11:40:10.0648 0x10ac  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:40:10.0655 0x10ac  sfloppy - ok
11:40:10.0662 0x10ac  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:40:10.0685 0x10ac  SharedAccess - ok
11:40:10.0693 0x10ac  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:40:10.0715 0x10ac  ShellHWDetection - ok
11:40:10.0722 0x10ac  [ DA492C8305434EC6F9BDD60C8B83B10E, 572C5A1F77E0644B4EB2EAC89C141869F071748CA5BB33F846D284C545166A35 ] Si3124r5        C:\Windows\system32\drivers\Si3124r5.sys
11:40:10.0732 0x10ac  Si3124r5 - ok
11:40:10.0735 0x10ac  [ 8D10887A1699CF61E74467694B929B09, 096A1284092B0002B1405485690C7FC05D9A0FA8809D04327FA2BDEAECA2D199 ] SiFilter        C:\Windows\system32\drivers\SiWinAcc.sys
11:40:10.0740 0x10ac  SiFilter - ok
11:40:10.0742 0x10ac  [ 94E1EDA9A0B305A67EE1BBD0A68CE21A, 1EC0E459117100F8C8C325DD4CE2250D51D44B36E5C46FE598A319C353499524 ] SiRemFil        C:\Windows\system32\drivers\SiRemFil.sys
11:40:10.0746 0x10ac  SiRemFil - ok
11:40:10.0749 0x10ac  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:40:10.0755 0x10ac  SiSRaid2 - ok
11:40:10.0758 0x10ac  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:40:10.0764 0x10ac  SiSRaid4 - ok
11:40:10.0772 0x10ac  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:40:10.0782 0x10ac  SkypeUpdate - ok
11:40:10.0786 0x10ac  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:40:10.0805 0x10ac  Smb - ok
11:40:10.0809 0x10ac  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:40:10.0816 0x10ac  SNMPTRAP - ok
11:40:10.0819 0x10ac  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:40:10.0824 0x10ac  spldr - ok
11:40:10.0835 0x10ac  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:40:10.0848 0x10ac  Spooler - ok
11:40:10.0853 0x10ac  [ 739C2571867F351167D1D958990E9D84, 0560C2E7FF35790D1B64E9D736DEEA22B4C194809E1435A60FCFA466B19B63B0 ] SPorts          C:\Windows\system32\drivers\SPorts.sys
11:40:10.0859 0x10ac  SPorts - ok
11:40:10.0910 0x10ac  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:40:10.0974 0x10ac  sppsvc - ok
11:40:10.0980 0x10ac  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:40:11.0000 0x10ac  sppuinotify - ok
11:40:11.0009 0x10ac  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:40:11.0021 0x10ac  srv - ok
11:40:11.0030 0x10ac  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:40:11.0041 0x10ac  srv2 - ok
11:40:11.0045 0x10ac  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:40:11.0053 0x10ac  srvnet - ok
11:40:11.0058 0x10ac  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:40:11.0079 0x10ac  SSDPSRV - ok
11:40:11.0082 0x10ac  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:40:11.0102 0x10ac  SstpSvc - ok
11:40:11.0118 0x10ac  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:40:11.0133 0x10ac  Steam Client Service - ok
11:40:11.0142 0x10ac  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:40:11.0152 0x10ac  Stereo Service - ok
11:40:11.0155 0x10ac  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:40:11.0160 0x10ac  stexstor - ok
11:40:11.0171 0x10ac  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:40:11.0187 0x10ac  stisvc - ok
11:40:11.0191 0x10ac  [ 335AB4A483C5318182DCEC4EDAE08112, 48A5B188E4BBDF47C424BC07843AFA764A9764FE957375746BBD324749D2FBDA ] StnPport        C:\Windows\system32\drivers\StnPport.sys
11:40:11.0198 0x10ac  StnPport - ok
11:40:11.0202 0x10ac  [ 922E545E81C50E8D4A5D327B907D67FE, 035D7239B995F429A7FCAFA207DB102ED74B902B1AEEB585F8D6EEDB13CA6E13 ] StnSport        C:\Windows\system32\drivers\StnSport.sys
11:40:11.0208 0x10ac  StnSport - ok
11:40:11.0210 0x10ac  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:40:11.0215 0x10ac  swenum - ok
11:40:11.0225 0x10ac  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:40:11.0250 0x10ac  swprv - ok
11:40:11.0278 0x10ac  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
11:40:11.0307 0x10ac  SysMain - ok
11:40:11.0312 0x10ac  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:40:11.0322 0x10ac  TabletInputService - ok
11:40:11.0329 0x10ac  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:40:11.0351 0x10ac  TapiSrv - ok
11:40:11.0355 0x10ac  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:40:11.0374 0x10ac  TBS - ok
11:40:11.0403 0x10ac  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:40:11.0433 0x10ac  Tcpip - ok
11:40:11.0463 0x10ac  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:40:11.0492 0x10ac  TCPIP6 - ok
11:40:11.0497 0x10ac  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:40:11.0504 0x10ac  tcpipreg - ok
11:40:11.0507 0x10ac  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:40:11.0513 0x10ac  TDPIPE - ok
11:40:11.0515 0x10ac  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:40:11.0521 0x10ac  TDTCP - ok
11:40:11.0525 0x10ac  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:40:11.0532 0x10ac  tdx - ok
11:40:11.0535 0x10ac  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:40:11.0541 0x10ac  TermDD - ok
11:40:11.0554 0x10ac  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:40:11.0569 0x10ac  TermService - ok
11:40:11.0572 0x10ac  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:40:11.0582 0x10ac  Themes - ok
11:40:11.0585 0x10ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:40:11.0605 0x10ac  THREADORDER - ok
11:40:11.0609 0x10ac  [ 68FE3D89829E27D4FD5EEA7BD2C41985, DCA9187F7480B4363BB57F604CC0172E03E50216CF9CF79CE5D053C6B60564E0 ] tihub3          C:\Windows\system32\drivers\tihub3.sys
11:40:11.0616 0x10ac  tihub3 - ok
11:40:11.0624 0x10ac  [ 0102C9633CE1F18A6AC021F28B734DB5, 247F8971739B62728D18B1D07F4B2BCFA4C873F38E978FE4D3F77CF3120AB584 ] tixhci          C:\Windows\system32\drivers\tixhci.sys
11:40:11.0635 0x10ac  tixhci - ok
11:40:11.0639 0x10ac  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:40:11.0658 0x10ac  TrkWks - ok
11:40:11.0664 0x10ac  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:40:11.0683 0x10ac  TrustedInstaller - ok
11:40:11.0687 0x10ac  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:40:11.0693 0x10ac  tssecsrv - ok
11:40:11.0696 0x10ac  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:40:11.0703 0x10ac  TsUsbFlt - ok
11:40:11.0705 0x10ac  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:40:11.0711 0x10ac  TsUsbGD - ok
11:40:11.0715 0x10ac  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:40:11.0734 0x10ac  tunnel - ok
11:40:11.0737 0x10ac  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:40:11.0743 0x10ac  uagp35 - ok
11:40:11.0750 0x10ac  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:40:11.0771 0x10ac  udfs - ok
11:40:11.0776 0x10ac  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:40:11.0784 0x10ac  UI0Detect - ok
11:40:11.0787 0x10ac  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:40:11.0793 0x10ac  uliagpkx - ok
11:40:11.0796 0x10ac  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:40:11.0803 0x10ac  umbus - ok
11:40:11.0805 0x10ac  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:40:11.0811 0x10ac  UmPass - ok
11:40:11.0820 0x10ac  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
11:40:11.0832 0x10ac  UMVPFSrv - ok
11:40:11.0839 0x10ac  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:40:11.0862 0x10ac  upnphost - ok
11:40:11.0866 0x10ac  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:40:11.0873 0x10ac  USBAAPL64 - ok
11:40:11.0877 0x10ac  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:40:11.0884 0x10ac  usbaudio - ok
11:40:11.0888 0x10ac  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:40:11.0895 0x10ac  usbccgp - ok
11:40:11.0898 0x10ac  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:40:11.0906 0x10ac  usbcir - ok
11:40:11.0908 0x10ac  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:40:11.0915 0x10ac  usbehci - ok
11:40:11.0922 0x10ac  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:40:11.0932 0x10ac  usbhub - ok
11:40:11.0935 0x10ac  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:40:11.0941 0x10ac  usbohci - ok
11:40:11.0943 0x10ac  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
11:40:11.0951 0x10ac  usbprint - ok
11:40:11.0954 0x10ac  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
11:40:11.0962 0x10ac  USBSTOR - ok
11:40:11.0964 0x10ac  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:40:11.0970 0x10ac  usbuhci - ok
11:40:11.0973 0x10ac  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
11:40:11.0980 0x10ac  usb_rndisx - ok
11:40:11.0982 0x10ac  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:40:12.0001 0x10ac  UxSms - ok
11:40:12.0003 0x10ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
11:40:12.0010 0x10ac  VaultSvc - ok
11:40:12.0012 0x10ac  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:40:12.0018 0x10ac  vdrvroot - ok
11:40:12.0028 0x10ac  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:40:12.0052 0x10ac  vds - ok
11:40:12.0055 0x10ac  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:40:12.0063 0x10ac  vga - ok
11:40:12.0065 0x10ac  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:40:12.0083 0x10ac  VgaSave - ok
11:40:12.0089 0x10ac  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:40:12.0097 0x10ac  vhdmp - ok
11:40:12.0099 0x10ac  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:40:12.0104 0x10ac  viaide - ok
11:40:12.0107 0x10ac  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:40:12.0114 0x10ac  volmgr - ok
11:40:12.0121 0x10ac  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:40:12.0131 0x10ac  volmgrx - ok
11:40:12.0138 0x10ac  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:40:12.0147 0x10ac  volsnap - ok
11:40:12.0152 0x10ac  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:40:12.0159 0x10ac  vsmraid - ok
11:40:12.0184 0x10ac  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:40:12.0223 0x10ac  VSS - ok
11:40:12.0228 0x10ac  [ 5BE34BFADE20FF6C154B4663605B6212, 810F7956588F1A177FEE9C4D45C834954122BB9429D7E915D7F6F8EA3DA9802A ] VUSB3HUB        C:\Windows\system32\drivers\ViaHub3.sys
11:40:12.0236 0x10ac  VUSB3HUB - ok
11:40:12.0238 0x10ac  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:40:12.0246 0x10ac  vwifibus - ok
11:40:12.0249 0x10ac  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:40:12.0258 0x10ac  vwififlt - ok
11:40:12.0260 0x10ac  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:40:12.0269 0x10ac  vwifimp - ok
11:40:12.0277 0x10ac  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:40:12.0300 0x10ac  W32Time - ok
11:40:12.0304 0x10ac  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:40:12.0311 0x10ac  WacomPen - ok
11:40:12.0314 0x10ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:40:12.0332 0x10ac  WANARP - ok
11:40:12.0334 0x10ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:40:12.0353 0x10ac  Wanarpv6 - ok
11:40:12.0375 0x10ac  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:40:12.0396 0x10ac  WatAdminSvc - ok
11:40:12.0421 0x10ac  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:40:12.0449 0x10ac  wbengine - ok
11:40:12.0455 0x10ac  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:40:12.0467 0x10ac  WbioSrvc - ok
11:40:12.0474 0x10ac  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:40:12.0489 0x10ac  wcncsvc - ok
11:40:12.0491 0x10ac  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:40:12.0498 0x10ac  WcsPlugInService - ok
11:40:12.0501 0x10ac  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:40:12.0506 0x10ac  Wd - ok
11:40:12.0520 0x10ac  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:40:12.0536 0x10ac  Wdf01000 - ok
11:40:12.0540 0x10ac  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:40:12.0548 0x10ac  WdiServiceHost - ok
11:40:12.0550 0x10ac  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:40:12.0558 0x10ac  WdiSystemHost - ok
11:40:12.0564 0x10ac  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
11:40:12.0574 0x10ac  WebClient - ok
11:40:12.0580 0x10ac  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:40:12.0601 0x10ac  Wecsvc - ok
11:40:12.0605 0x10ac  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:40:12.0625 0x10ac  wercplsupport - ok
11:40:12.0628 0x10ac  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:40:12.0648 0x10ac  WerSvc - ok
11:40:12.0651 0x10ac  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:40:12.0669 0x10ac  WfpLwf - ok
11:40:12.0671 0x10ac  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:40:12.0677 0x10ac  WIMMount - ok
11:40:12.0678 0x10ac  WinDefend - ok
11:40:12.0682 0x10ac  WinHttpAutoProxySvc - ok
11:40:12.0689 0x10ac  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:40:12.0711 0x10ac  Winmgmt - ok
11:40:12.0742 0x10ac  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
11:40:12.0775 0x10ac  WinRM - ok
11:40:12.0781 0x10ac  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:40:12.0790 0x10ac  WinUsb - ok
11:40:12.0805 0x10ac  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:40:12.0826 0x10ac  Wlansvc - ok
11:40:12.0830 0x10ac  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:40:12.0835 0x10ac  wlcrasvc - ok
11:40:12.0870 0x10ac  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:40:12.0904 0x10ac  wlidsvc - ok
11:40:12.0908 0x10ac  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:40:12.0915 0x10ac  WmiAcpi - ok
11:40:12.0921 0x10ac  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:40:12.0930 0x10ac  wmiApSrv - ok
11:40:12.0932 0x10ac  WMPNetworkSvc - ok
11:40:12.0935 0x10ac  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:40:12.0942 0x10ac  WPCSvc - ok
11:40:12.0945 0x10ac  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:40:12.0954 0x10ac  WPDBusEnum - ok
11:40:12.0956 0x10ac  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:40:12.0975 0x10ac  ws2ifsl - ok
11:40:12.0978 0x10ac  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:40:12.0989 0x10ac  wscsvc - ok
11:40:12.0992 0x10ac  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
11:40:13.0000 0x10ac  WSDPrintDevice - ok
11:40:13.0001 0x10ac  WSearch - ok
11:40:13.0041 0x10ac  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:40:13.0083 0x10ac  wuauserv - ok
11:40:13.0088 0x10ac  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:40:13.0095 0x10ac  WudfPf - ok
11:40:13.0100 0x10ac  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:40:13.0108 0x10ac  WUDFRd - ok
11:40:13.0112 0x10ac  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:40:13.0119 0x10ac  wudfsvc - ok
11:40:13.0125 0x10ac  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:40:13.0135 0x10ac  WwanSvc - ok
11:40:13.0141 0x10ac  [ 109B6F1888845661D19B7A458776D5D1, 526F9655480726345A4E3395EC841BAFB25AFF7AD84C51AD2A6BBA9605BD26FD ] xhcdrv          C:\Windows\system32\drivers\xhcdrv.sys
11:40:13.0149 0x10ac  xhcdrv - ok
11:40:13.0155 0x10ac  ================ Scan global ===============================
11:40:13.0157 0x10ac  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:40:13.0163 0x10ac  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
11:40:13.0169 0x10ac  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
11:40:13.0174 0x10ac  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:40:13.0182 0x10ac  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:40:13.0186 0x10ac  [ Global ] - ok
11:40:13.0186 0x10ac  ================ Scan MBR ==================================
11:40:13.0187 0x10ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:40:13.0270 0x10ac  \Device\Harddisk0\DR0 - ok
11:40:13.0272 0x10ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:40:13.0293 0x10ac  \Device\Harddisk1\DR1 - ok
11:40:13.0294 0x10ac  ================ Scan VBR ==================================
11:40:13.0296 0x10ac  [ FBBFE800E056193778E0ACA1A30859A9 ] \Device\Harddisk0\DR0\Partition1
11:40:13.0297 0x10ac  \Device\Harddisk0\DR0\Partition1 - ok
11:40:13.0299 0x10ac  [ F34D03E428B3CEF11E258A6D232FD3AB ] \Device\Harddisk1\DR1\Partition1
11:40:13.0300 0x10ac  \Device\Harddisk1\DR1\Partition1 - ok
11:40:13.0300 0x10ac  ================ Scan generic autorun ======================
11:40:13.0416 0x10ac  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:40:13.0506 0x10ac  RTHDVCPL - ok
11:40:13.0550 0x10ac  [ 59F14B3C78849982699CE34068708308, 008137E41CAFB78522C655F6661CA49B9629ABD40319419B1DDE60E96CBE7504 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:40:13.0592 0x10ac  NvBackend - ok
11:40:13.0596 0x10ac  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
11:40:13.0604 0x10ac  ShadowPlay - ok
11:40:13.0608 0x10ac  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
11:40:13.0614 0x10ac  iTunesHelper - ok
11:40:13.0696 0x10ac  [ 614AD0BC23DC9DF1F345E7F24060C30D, C59A7EBDCCE6AB4D23A943858F2A425D384A5158C990959D549765F80F2CF457 ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
11:40:13.0777 0x10ac  ISCT Tray - ok
11:40:13.0907 0x10ac  [ 0467E315A8C2632A9506D6D791A54E81, 9C85BEB5037B20CC309956274DDC1916E4A4177716C7D05EF46A0B6D0501AE14 ] c:\program files\emsisoft anti-malware\a2guard.exe
11:40:14.0044 0x10ac  emsisoft anti-malware - ok
11:40:14.0068 0x10ac  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:40:14.0090 0x10ac  Sidebar - ok
11:40:14.0094 0x10ac  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:40:14.0104 0x10ac  mctadmin - ok
11:40:14.0123 0x10ac  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:40:14.0145 0x10ac  Sidebar - ok
11:40:14.0151 0x10ac  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:40:14.0161 0x10ac  mctadmin - ok
11:40:14.0204 0x10ac  [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
11:40:14.0246 0x10ac  Steam - ok
11:40:14.0407 0x10ac  [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
11:40:14.0524 0x10ac  CCleaner Monitoring - ok
11:40:14.0563 0x10ac  [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
11:40:14.0593 0x10ac  MyDriveConnect.exe - ok
11:40:14.0614 0x10ac  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:40:14.0635 0x10ac  Sidebar - ok
11:40:14.0639 0x10ac  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:40:14.0650 0x10ac  mctadmin - ok
11:40:14.0813 0x10ac  [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
11:40:14.0929 0x10ac  CCleaner Monitoring - ok
11:40:14.0968 0x10ac  [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
11:40:14.0998 0x10ac  MyDriveConnect.exe - ok
11:40:14.0999 0x10ac  Waiting for KSN requests completion. In queue: 320
11:40:15.0999 0x10ac  Waiting for KSN requests completion. In queue: 320
11:40:16.0999 0x10ac  Waiting for KSN requests completion. In queue: 14
11:40:17.0340 0x0d28  Object required for P2P: [ 614AD0BC23DC9DF1F345E7F24060C30D ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
11:40:17.0999 0x10ac  Waiting for KSN requests completion. In queue: 13
11:40:19.0000 0x10ac  Waiting for KSN requests completion. In queue: 13
11:40:19.0802 0x0d28  Object send P2P result: true
11:40:19.0802 0x0d28  Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
11:40:20.0000 0x10ac  Waiting for KSN requests completion. In queue: 5
11:40:21.0000 0x10ac  Waiting for KSN requests completion. In queue: 5
11:40:22.0000 0x10ac  Waiting for KSN requests completion. In queue: 5
11:40:22.0257 0x0d28  Object send P2P result: true
11:40:22.0257 0x0d28  Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
11:40:23.0000 0x10ac  Waiting for KSN requests completion. In queue: 4
11:40:24.0000 0x10ac  Waiting for KSN requests completion. In queue: 4
11:40:24.0720 0x0d28  Object send P2P result: true
11:40:24.0720 0x0d28  Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
11:40:25.0000 0x10ac  Waiting for KSN requests completion. In queue: 3
11:40:26.0000 0x10ac  Waiting for KSN requests completion. In queue: 3
11:40:27.0000 0x10ac  Waiting for KSN requests completion. In queue: 3
11:40:27.0191 0x0d28  Object send P2P result: true
11:40:27.0191 0x0d28  Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
11:40:28.0000 0x10ac  Waiting for KSN requests completion. In queue: 2
11:40:29.0000 0x10ac  Waiting for KSN requests completion. In queue: 2
11:40:29.0661 0x0d28  Object send P2P result: true
11:40:29.0661 0x0d28  Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
11:40:30.0000 0x10ac  Waiting for KSN requests completion. In queue: 1
11:40:31.0000 0x10ac  Waiting for KSN requests completion. In queue: 1
11:40:32.0000 0x10ac  Waiting for KSN requests completion. In queue: 1
11:40:32.0197 0x0d28  Object send P2P result: true
11:40:33.0018 0x10ac  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 11.5.1.6247 ), 0x41000 ( enabled : updated )
11:40:33.0024 0x10ac  Win FW state via NFP2: enabled ( trusted )
11:40:35.0649 0x10ac  ============================================================
11:40:35.0649 0x10ac  Scan finished
11:40:35.0649 0x10ac  ============================================================
11:40:35.0657 0x01bc  Detected object count: 0
11:40:35.0657 0x01bc  Actual detected object count: 0
         

22.03.2016, 15:05   #8
M-K-D-B
/// TB instructor

Hello,

Please note for the future:
Quote:
Gestartet von C:\Users\Susanne\Documents\Downloads
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written for that.
It also makes it very easy to remove all the tools used once the cleanup is finished.
Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not run any other file in this folder unless a helper instructs you to.

22.03.2016, 21:17   #9
Alpinarium

Hello,

unfortunately, on my machine Farbar and TDSS-Killer were not downloaded to the desktop but to the taskbar - that was also the reason why I dragged them onto the desktop afterwards - only from there was I able to start the application as admin and create the corresponding log files.

I hope the log file found below is the right one.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.03.22.07
  rootkit: v2016.03.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18124
Alpinarium :: ALPINARIUM-ARLT [administrator]

22.03.2016 20:22:35
mbar-log-2016-03-22 (20-22-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 452878
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

23.03.2016, 16:11   #10
M-K-D-B
/// TB instructor

Hello,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


23.03.2016, 17:09   #11
Alpinarium

Hello,
here is the log file (by the way, some of my bookmarks were gone, among them Trojanboard;
that is of course not a problem)
Regards
A.

Combofix Logfile:
Code:
ATTFilter
ComboFix 16-03-19.01 - Alpinarium 23.03.2016  16:49:58.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16335.14109 [GMT 1:00]
ausgeführt von:: c:\users\Susanne\Desktop\ComboFix.exe
AV: Emsisoft Anti-Malware *Disabled/Updated* {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
SP: Emsisoft Anti-Malware *Disabled/Updated* {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-02-23 bis 2016-03-23  ))))))))))))))))))))))))))))))
.
.
2016-03-23 15:58 . 2016-03-23 15:58	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0F00BC9-2335-4624-BB19-06EE107C1670}\offreg.2560.dll
2016-03-23 15:55 . 2016-03-23 15:55	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2016-03-23 15:55 . 2016-03-23 15:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-03-23 15:55 . 2016-03-23 15:55	--------	d-----w-	c:\users\Alpinarium\AppData\Local\temp
2016-03-22 20:32 . 2016-03-22 20:39	--------	d-----w-	c:\users\Alpinarium\mbar
2016-03-22 20:28 . 2016-02-19 01:53	11249080	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0F00BC9-2335-4624-BB19-06EE107C1670}\mpengine.dll
2016-03-22 19:59 . 2016-03-23 14:35	--------	d-----w-	c:\users\Susanne\Logfiles
2016-03-22 19:22 . 2016-03-23 15:41	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2016-03-22 09:30 . 2016-03-22 10:57	--------	d-----w-	C:\FRST
2016-03-20 16:12 . 2016-03-20 16:12	--------	d-----w-	c:\programdata\Emsisoft
2016-03-20 16:03 . 2016-03-20 16:03	--------	d-----w-	C:\OETemp
2016-03-20 16:02 . 2016-03-23 15:48	--------	d-----w-	c:\program files\Emsisoft Anti-Malware
2016-03-19 11:20 . 2016-03-19 11:20	--------	d-----w-	c:\program files (x86)\ESET
2016-03-19 11:12 . 2016-03-19 14:26	--------	d-----w-	c:\program files\WinZip Driver Updater
2016-03-19 10:45 . 2016-03-19 10:45	--------	d-----w-	c:\programdata\Reimage Protector
2016-03-19 10:45 . 2016-03-20 15:16	--------	d-----w-	C:\rei
2016-03-19 10:26 . 2016-03-19 10:28	--------	d-----w-	c:\program files (x86)\AdwCleaner
2016-03-17 00:16 . 2016-03-17 00:16	--------	d-----w-	c:\windows\CheckSur
2016-03-16 23:45 . 2016-03-16 23:45	--------	d-----w-	c:\users\Alpinarium\AppData\Local\TomTom
2016-03-16 16:37 . 2016-02-09 09:55	30720	----a-w-	c:\windows\system32\seclogon.dll
2016-03-16 16:15 . 2016-02-03 18:07	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2016-03-16 16:14 . 2016-02-19 19:02	38336	----a-w-	c:\windows\system32\CompatTelRunner.exe
2016-03-16 16:14 . 2016-02-19 18:54	1168896	----a-w-	c:\windows\system32\aeinv.dll
2016-03-16 16:14 . 2016-02-19 14:07	1373184	----a-w-	c:\windows\system32\appraiser.dll
2016-03-16 16:14 . 2016-02-11 14:07	689152	----a-w-	c:\windows\system32\generaltel.dll
2016-03-16 16:14 . 2016-02-05 14:07	696832	----a-w-	c:\windows\system32\invagent.dll
2016-03-16 16:14 . 2016-02-05 14:07	499200	----a-w-	c:\windows\system32\devinv.dll
2016-03-16 16:14 . 2016-02-05 14:07	76800	----a-w-	c:\windows\system32\acmigration.dll
2016-03-16 16:14 . 2015-11-16 20:17	210432	----a-w-	c:\windows\system32\aepic.dll
2016-02-26 15:36 . 2016-02-26 15:36	--------	d-----w-	c:\users\Susanne\AppData\Local\TomTom
2016-02-26 15:36 . 2016-02-26 15:36	--------	d-----w-	c:\program files (x86)\TomTom International B.V
2016-02-26 15:36 . 2016-02-26 15:36	--------	d-----w-	c:\program files (x86)\MyDrive Connect
2016-02-24 11:40 . 2014-05-27 10:21	25800	----a-w-	c:\windows\system32\drivers\INETMON.sys
2016-02-24 11:40 . 2016-02-24 11:40	--------	d-----w-	c:\programdata\Intel
2016-02-24 11:30 . 2016-02-24 11:30	--------	d-----w-	c:\program files\Intel
2016-02-24 11:08 . 2016-03-18 16:17	--------	d-----w-	c:\users\Alpinarium\AppData\Local\CrashDumps
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-23 15:01 . 2015-02-28 10:57	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-23 15:01 . 2015-02-28 10:57	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2016-03-20 15:34 . 2015-09-26 01:12	11973	----a-w-	c:\windows\SysWow64\drivers\SECDRV.SYS
2016-03-16 16:39 . 2012-10-22 15:19	143659408	----a-w-	c:\windows\system32\MRT.exe
2016-03-11 14:19 . 2012-08-16 10:19	797376	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-11 14:19 . 2012-08-16 10:19	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\alpinarium-arlt\Spiele\SeriousSam3\Steam.exe" [2015-12-14 3013712]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-02-12 8641240]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" [2015-11-20 1958248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 oxpar;OX16PCI95x Parallel port driver;c:\windows\system32\drivers\oxpar.sys;c:\windows\SYSNATIVE\drivers\oxpar.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 adp3132;adp3132;c:\windows\system32\drivers\adp3132.sys;c:\windows\SYSNATIVE\drivers\adp3132.sys [x]
R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys;c:\windows\SYSNATIVE\drivers\ahcix64s.sys [x]
R3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdide64;amdide64;c:\windows\system32\drivers\amdide64.sys;c:\windows\SYSNATIVE\drivers\amdide64.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 cpuz134;cpuz134;c:\users\ALPINA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\ALPINA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys;c:\windows\SYSNATIVE\drivers\iaStorS.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 ISASerial;PCIe-ISA Communication Port;c:\windows\system32\drivers\ISASerial.sys;c:\windows\SYSNATIVE\drivers\ISASerial.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 905(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys;c:\windows\SYSNATIVE\drivers\MtsHID.sys [x]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\drivers\NmPar.sys;c:\windows\SYSNATIVE\drivers\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\nmserial.sys;c:\windows\SYSNATIVE\drivers\nmserial.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\drivers\NVAMACPI.sys;c:\windows\SYSNATIVE\drivers\NVAMACPI.sys [x]
R3 ocz10xx;ocz10xx;c:\windows\system32\drivers\ocz10xx.sys;c:\windows\SYSNATIVE\drivers\ocz10xx.sys [x]
R3 Oxmfuf;Filter driver for OX16PCI95x ports;c:\windows\system32\drivers\oxmfuf.sys;c:\windows\SYSNATIVE\drivers\oxmfuf.sys [x]
R3 OxPPort;OxPPort;c:\windows\system32\drivers\OxPPort.sys;c:\windows\SYSNATIVE\drivers\OxPPort.sys [x]
R3 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\oxser.sys;c:\windows\SYSNATIVE\drivers\oxser.sys [x]
R3 PciIsaSerial;PCI-ISA Communication Port;c:\windows\system32\drivers\PciIsaSerial.sys;c:\windows\SYSNATIVE\drivers\PciIsaSerial.sys [x]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys;c:\windows\SYSNATIVE\drivers\PciPPorts.sys [x]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys;c:\windows\SYSNATIVE\drivers\PciSPorts.sys [x]
R3 PPorts;PCIe ECP Parallel Port;c:\windows\system32\drivers\PPorts.sys;c:\windows\SYSNATIVE\drivers\PPorts.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 Si3124r5;Si3124r5;c:\windows\system32\drivers\Si3124r5.sys;c:\windows\SYSNATIVE\drivers\Si3124r5.sys [x]
R3 SPorts;High-Speed PCIe Serial Port;c:\windows\system32\drivers\SPorts.sys;c:\windows\SYSNATIVE\drivers\SPorts.sys [x]
R3 StnPport;PCIe to Multi Mode Parallel Port;c:\windows\system32\drivers\StnPport.sys;c:\windows\SYSNATIVE\drivers\StnPport.sys [x]
R3 StnSport;PCIe to High Speed Serial Port;c:\windows\system32\drivers\StnSport.sys;c:\windows\SYSNATIVE\drivers\StnSport.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys;c:\windows\SYSNATIVE\drivers\ViaHub3.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys;c:\windows\SYSNATIVE\drivers\xhcdrv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 epp;epp;c:\program files\EMSISOFT ANTI-MALWARE\epp.sys;c:\program files\EMSISOFT ANTI-MALWARE\epp.sys [x]
S2 a2AntiMalware;Emsisoft Protection Service;c:\program files\Emsisoft Anti-Malware\a2service.exe;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe  [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL2832U_IRHID;TERRATEC T-Stick Plus HID service;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
S3 RTL2832UBDA;TERRATEC T-Stick PLUS BDA service;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
S3 RTL2832UUSB;TERRATEC T-Stick PLUS USB service;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NVSTREAMKMS
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2016-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 14:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-12-17 170256]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-06-18 5860656]
"emsisoft anti-malware"="c:\program files\emsisoft anti-malware\a2guard.exe" [2016-03-22 9251528]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\
FF - prefs.js: browser.startup.homepage - hxxp://www.ard.de/home/ard/ARD_Startseite/21920/index.html
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Tomb Raider Level Editor - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-03-23  17:03:53
ComboFix-quarantined-files.txt  2016-03-23 16:03
.
Vor Suchlauf: 10 Verzeichnis(se), 119.623.843.840 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 119.219.044.352 Bytes frei
.
- - End Of File - - BC51C0328A5393FFF3E6A6E7BA4F1BD8
         
--- --- ---

24.03.2016, 13:34   #12
M-K-D-B
/// TB trainer

Hi,

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. (Illustrated guide to AdwCleaner.)
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected.
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Step 2
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 3

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.

24.03.2016, 16:03   #13
Alpinarium

Hello,

here are the AdwCleaner log files

AdwCleaner Logfile:
Code:
# AdwCleaner v5.105 - Bericht erstellt am 24/03/2016 um 14:57:50
# Aktualisiert am 21/03/2016 von Xplode
# Datenbank : 2016-03-24.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Alpinarium - ALPINARIUM-ARLT
# Gestartet von : C:\Users\Susanne\Desktop\AdwCleaner_5.105.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : \rei
Ordner Gefunden : C:\Program Files\WinZip Driver Updater
Ordner Gefunden : C:\ProgramData\Reimage Protector

***** [ Dateien ] *****

Datei Gefunden : C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\11-suche.xml
Datei Gefunden : C:\Windows\Reimage.ini

***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

Geplante Aufgabe Gefunden : ReimageUpdater

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Schlüssel Gefunden : HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Software\OCS
Schlüssel Gefunden : HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Schlüssel Gefunden : HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\Software\OCS
Schlüssel Gefunden : HKU\S-1-5-21-2032422533-2031663358-3171475196-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Internetbrowser ] *****

[C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\prefs.js] [Preference] Gefunden : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

*************************

\AdwCleaner\AdwCleaner[S1].txt - [2642 Bytes] - [24/03/2016 14:57:50]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [2713 Bytes] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v5.105 - Bericht erstellt am 24/03/2016 um 14:58:52
# Aktualisiert am 21/03/2016 von Xplode
# Datenbank : 2016-03-24.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Alpinarium - ALPINARIUM-ARLT
# Gestartet von : C:\Users\Susanne\Desktop\AdwCleaner_5.105.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : \rei
[-] Ordner Gelöscht : C:\Program Files\WinZip Driver Updater
[-] Ordner Gelöscht : C:\ProgramData\Reimage Protector

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\11-suche.xml
[-] Datei Gelöscht : C:\Windows\Reimage.ini

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : ReimageUpdater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2032422533-2031663358-3171475196-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Internetbrowser ] *****

[-] [C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C1].txt - [2718 Bytes] - [24/03/2016 14:58:52]
\AdwCleaner\AdwCleaner[S1].txt - [2790 Bytes] - [24/03/2016 14:57:50]

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [2860 Bytes] ##########
         
--- --- ---


logfile mbam

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.03.2016
Suchlaufzeit: 10:32
Protokolldatei: mbam-log.txt
Administrator: Nein

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.21.02
Rootkit-Datenbank: v2016.03.12.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Susanne

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 317041
Abgelaufene Zeit: 2 Min., 44 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
logfile jrt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Alpinarium (Administrator) on 24.03.2016 at 15:53:26,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 34 

Successfully deleted: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\extensions\mailcheck@web.de\searchplugins\mailcom-search.xml (File) 
Successfully deleted: C:\Windows\system32\Tasks\Reimage Reminder (Task)
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\235RSJYP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5180C8YF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8V9C6BOG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ODIVDU4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VGBQRXA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASKGUH7W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4CRT086 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4J19FC3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7DTYOBR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFF45QWU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VABT9QS8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alpinarium\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2S9V3JF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\235RSJYP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5180C8YF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8V9C6BOG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ODIVDU4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VGBQRXA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASKGUH7W (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4CRT086 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4J19FC3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7DTYOBR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFF45QWU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VABT9QS8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2S9V3JF (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2016 at 15:54:21,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
logfile FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Alpinarium (Administrator) auf ALPINARIUM-ARLT (24-03-2016 15:58:46)
Gestartet von C:\Users\Susanne\Documents\Downloads
Geladene Profile: Alpinarium & Susanne (Verfügbare Profile: Alpinarium & Susanne & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9251528 2016-03-22] (Emsisoft Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [Steam] => D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-01-18]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B207B76-58B7-4187-9F07-D50C4EB16159}: [DhcpNameServer] 192.168.140.254
Tcpip\..\Interfaces\{9866D234-BBBA-461A-A62C-333D91C8393D}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367
FF Homepage: hxxp://www.ard.de/home/ard/ARD_Startseite/21920/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: @Google.com/GoogleEarthPlugin -> C:\Users\Susanne\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin HKU\S-1-5-21-2032422533-2031663358-3171475196-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\englische-ergebnisse.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\gmx-suche.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\google-maps.xml [2014-10-21]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\lastminute.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\webde-suche.xml [2014-12-31]
FF SearchPlugin: C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\searchplugins\youtube.xml [2015-11-16]
FF Extension: WOT - C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-18]
FF Extension: WEB.DE MailCheck - C:\Users\Alpinarium\AppData\Roaming\Mozilla\Firefox\Profiles\7895q9ak.default-1398684933367\extensions\mailcheck@web.de [2016-03-18]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]
FF HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nicht gefunden

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10978888 2016-03-22] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 adp3132; C:\Windows\system32\drivers\adp3132.sys [385072 2010-01-28] (Adaptec, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [70912 2011-11-04] (Fresco Logic)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-12-06] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [636184 2011-12-06] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ISASerial; C:\Windows\system32\drivers\ISASerial.sys [72192 2008-02-20] (Windows (R) Codename Longhorn DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-24] (Malwarebytes)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
S3 MtsHID; C:\Windows\system32\drivers\MtsHID.sys [27664 2009-07-15] (TechniSat Provide)
S3 nvamacpi; C:\Windows\system32\drivers\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-05] (OCZ Technology Group, Inc.)
S1 oxpar; C:\Windows\system32\drivers\oxpar.sys [158208 2007-01-24] (OEM)
S3 OxPPort; C:\Windows\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [72192 2008-05-22] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [95744 2008-05-22] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [126464 2008-05-22] ()
S3 PPorts; C:\Windows\system32\drivers\PPorts.sys [95744 2008-02-20] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-03-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
S3 SPorts; C:\Windows\system32\drivers\SPorts.sys [124416 2008-02-20] ()
S3 StnPport; C:\Windows\system32\drivers\StnPport.sys [97280 2009-12-17] ()
S3 StnSport; C:\Windows\system32\drivers\StnSport.sys [126464 2009-11-14] ()
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [176640 2011-05-21] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [230400 2011-05-21] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\ALPINA~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 NmPar; \SystemRoot\system32\drivers\NmPar.sys [X]
S3 nmserial; \SystemRoot\system32\drivers\nmserial.sys [X]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [X]
S3 oxser; \SystemRoot\system32\drivers\oxser.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-24 15:54 - 2016-03-24 15:54 - 00006145 _____ C:\Users\Alpinarium\Desktop\JRT.txt
2016-03-24 15:52 - 2016-03-24 15:52 - 01610352 _____ (Malwarebytes) C:\Users\Susanne\Desktop\JRT.exe
2016-03-24 15:48 - 2016-03-24 15:48 - 00001217 _____ C:\mbam-log.txt
2016-03-24 15:36 - 2016-03-24 15:36 - 00002632 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-24 (15-33-38).xml
2016-03-24 15:08 - 2016-03-24 15:08 - 00002632 _____ C:\Users\Alpinarium\Desktop\mbam-log-2016-03-24 (15-05-05).xml
2016-03-24 14:57 - 2016-03-24 14:58 - 00000000 ____D C:\AdwCleaner
2016-03-24 14:56 - 2016-03-24 14:56 - 01530368 _____ C:\Users\Susanne\Desktop\AdwCleaner_5.105.exe
2016-03-24 14:50 - 2016-03-24 14:50 - 00000000 ____D C:\Users\Alpinarium\Desktop\ Malwarebytes Anti-Malware 
2016-03-23 17:04 - 2016-03-23 17:04 - 00024403 _____ C:\ComboFix.txt
2016-03-23 16:49 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-03-23 16:49 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-03-23 16:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-03-23 16:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-03-23 16:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-03-23 16:49 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-03-23 16:49 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-03-23 16:49 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-03-23 16:41 - 2016-03-23 17:04 - 00000000 ____D C:\Qoobox
2016-03-23 16:41 - 2016-03-23 17:01 - 00000000 ____D C:\Windows\erdnt
2016-03-23 16:40 - 2016-03-23 16:40 - 05658151 ____R (Swearware) C:\Users\Susanne\Desktop\ComboFix.exe
2016-03-23 15:59 - 2016-03-23 15:59 - 00000000 ____D C:\Users\Alpinarium\Desktop\mbar-1.09.3.1001(1)
2016-03-23 15:35 - 2016-03-23 15:35 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Susanne\Desktop\mbar-1.09.3.1001(1).exe
2016-03-22 21:32 - 2016-03-22 21:39 - 00000000 ____D C:\Users\Alpinarium\mbar
2016-03-22 20:22 - 2016-03-23 16:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-22 20:19 - 2016-03-23 15:51 - 00000000 ____D C:\Users\Alpinarium\Desktop\mbar
2016-03-22 11:38 - 2016-03-22 11:54 - 00230996 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_11.38.24_log.txt
2016-03-22 11:19 - 2016-03-22 11:19 - 00000988 _____ C:\Users\Susanne\Desktop\TDSS rootkit removing tool.lnk
2016-03-22 10:42 - 2016-03-22 11:08 - 00454526 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_10.42.52_log.txt
2016-03-22 10:34 - 2016-03-22 10:34 - 00000926 _____ C:\Users\Susanne\Desktop\Farbar Recovery Scan Tool.lnk
2016-03-22 10:30 - 2016-03-24 15:58 - 00000000 ____D C:\FRST
2016-03-20 17:12 - 2016-03-20 17:12 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-20 17:03 - 2016-03-20 17:03 - 00000000 ____D C:\OETemp
2016-03-20 17:02 - 2016-03-24 15:48 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-20 17:02 - 2016-03-23 17:11 - 00001013 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-03-20 17:02 - 2016-03-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-03-19 14:24 - 2016-03-19 16:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-19 12:20 - 2016-03-19 12:20 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-19 11:26 - 2016-03-19 11:28 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-18 17:18 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160318-171859.backup
2016-03-17 01:16 - 2016-03-17 01:16 - 00000000 ____D C:\Windows\CheckSur
2016-03-17 00:45 - 2016-03-17 00:45 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\TomTom
2016-03-16 17:38 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-16 17:38 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-16 17:38 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-16 17:38 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-16 17:38 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-16 17:38 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-16 17:38 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-16 17:38 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-16 17:38 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-16 17:38 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-16 17:38 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-16 17:38 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-16 17:38 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-16 17:38 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-16 17:38 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-16 17:38 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-16 17:38 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-16 17:38 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-16 17:38 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-16 17:38 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-16 17:38 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-16 17:38 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-16 17:38 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-16 17:38 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-16 17:38 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-16 17:38 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-16 17:38 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-16 17:38 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-16 17:38 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-03-16 17:38 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-03-16 17:38 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-03-16 17:38 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-16 17:38 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-03-16 17:38 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-03-16 17:38 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-03-16 17:38 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-03-16 17:38 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-03-16 17:38 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-03-16 17:38 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-03-16 17:38 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-03-16 17:38 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-03-16 17:38 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-03-16 17:38 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-16 17:38 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-16 17:38 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-16 17:38 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-16 17:38 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-16 17:38 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-16 17:37 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-16 17:37 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-16 17:37 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-16 17:37 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-16 17:37 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-16 17:37 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-03-16 17:37 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-03-16 17:15 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-16 17:14 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-16 17:14 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-16 17:14 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-16 17:14 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-16 17:14 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-16 17:14 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-03-14 18:22 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160314-182243.backup
2016-02-26 16:36 - 2016-02-26 16:36 - 00000976 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Users\Susanne\AppData\Local\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-02-26 16:36 - 2016-02-26 16:36 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-02-25 21:53 - 2016-02-25 21:53 - 13163744 _____ (Microsoft Corporation) C:\Users\Susanne\Desktop\Silverlight_x64.exe
2016-02-24 18:57 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160224-185713.backup
2016-02-24 18:49 - 2016-02-24 18:49 - 06837784 _____ (Piriform Ltd) C:\Users\Alpinarium\Downloads\ccsetup515.exe
2016-02-24 17:53 - 2016-02-24 17:53 - 00242312 _____ C:\Users\Susanne\Desktop\Firefox Setup Stub 44.0.2.exe
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2016-02-24 12:40 - 2016-02-24 12:40 - 00000000 ____D C:\ProgramData\Intel
2016-02-24 12:40 - 2014-05-27 11:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 12:30 - 2016-02-24 12:30 - 00000000 ____D C:\Program Files\Intel
2016-02-24 12:08 - 2016-03-18 17:17 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\CrashDumps

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-24 15:33 - 2015-02-28 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-24 15:19 - 2012-08-16 11:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-24 15:07 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-24 15:07 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-24 15:05 - 2010-11-21 07:50 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-03-24 15:05 - 2010-11-21 07:50 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-03-24 15:05 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-24 15:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-24 14:59 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-24 14:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-24 14:50 - 2015-02-28 11:57 - 00000808 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-24 14:50 - 2015-02-28 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-24 14:48 - 2014-10-21 11:12 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft
2016-03-23 18:24 - 2015-03-01 17:19 - 00000000 __SHD C:\Users\Susanne\AppData\Local\EmieBrowserModeList
2016-03-23 18:24 - 2014-09-09 17:24 - 00000000 __SHD C:\Users\Susanne\AppData\Local\EmieUserList
2016-03-23 18:24 - 2014-09-09 17:24 - 00000000 __SHD C:\Users\Susanne\AppData\Local\EmieSiteList
2016-03-23 17:04 - 2012-10-19 15:40 - 00000000 ____D C:\Users\UpdatusUser
2016-03-23 17:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-23 16:56 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-03-23 15:30 - 2013-07-10 20:38 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1155198B-AA36-4D0D-A13E-20202C4A568A}
2016-03-23 09:57 - 2014-12-31 15:49 - 00000000 __SHD C:\Users\Alpinarium\AppData\Local\EmieBrowserModeList
2016-03-23 09:57 - 2014-05-30 11:31 - 00000000 __SHD C:\Users\Alpinarium\AppData\Local\EmieUserList
2016-03-23 09:57 - 2014-05-30 11:31 - 00000000 __SHD C:\Users\Alpinarium\AppData\Local\EmieSiteList
2016-03-23 09:48 - 2014-09-26 00:15 - 00296448 ___SH C:\Users\Susanne\Desktop\Thumbs.db
2016-03-22 21:32 - 2012-10-19 15:35 - 00000000 ____D C:\Users\Alpinarium
2016-03-22 21:31 - 2016-01-04 10:25 - 00000000 ____D C:\Users\Susanne\AppData\Local\CrashDumps
2016-03-22 20:59 - 2012-10-22 15:40 - 00000000 ____D C:\Users\Susanne
2016-03-22 20:22 - 2015-02-28 11:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-20 17:04 - 2013-02-10 12:14 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Avira
2016-03-20 17:04 - 2013-02-01 17:30 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Avira
2016-03-20 17:04 - 2012-10-22 14:45 - 00000000 ____D C:\ProgramData\Avira
2016-03-20 17:03 - 2014-07-30 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-20 16:34 - 2015-09-26 02:12 - 00011973 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2016-03-20 16:34 - 2012-10-21 16:14 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-19 16:15 - 2012-10-22 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 15:26 - 2014-05-30 11:51 - 00000000 ____D C:\ProgramData\WinZip
2016-03-19 11:21 - 2014-02-12 23:58 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\vlc
2016-03-19 10:41 - 2012-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-03-19 10:40 - 2012-10-22 15:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-17 00:40 - 2012-10-25 17:27 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\ElevatedDiagnostics
2016-03-16 17:50 - 2009-07-14 05:45 - 00291472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-16 17:49 - 2015-04-04 17:36 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-16 17:49 - 2014-12-15 16:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-16 17:49 - 2014-05-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-16 17:49 - 2010-11-21 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-16 17:44 - 2012-08-16 11:23 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-16 17:42 - 2013-08-15 08:55 - 00000000 ____D C:\Windows\system32\MRT
2016-03-16 17:39 - 2012-10-22 16:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-15 22:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-03-14 17:20 - 2013-06-01 15:29 - 00000000 ____D C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reality Pump
2016-03-14 17:19 - 2012-10-26 16:12 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-03-11 15:19 - 2012-08-16 11:19 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 15:19 - 2012-08-16 11:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 15:19 - 2012-08-16 11:19 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-10 14:09 - 2015-02-28 11:57 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-10 14:08 - 2015-02-28 11:57 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-10 14:08 - 2015-02-28 11:57 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-08 11:16 - 2016-01-16 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-06 10:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-25 21:55 - 2012-10-24 06:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-25 21:55 - 2012-08-16 11:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-25 21:54 - 2013-03-13 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-25 16:08 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-24 18:51 - 2015-07-14 23:46 - 00000000 ____D C:\Windows\Minidump
2016-02-24 18:50 - 2014-01-26 20:14 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-24 17:56 - 2014-10-19 05:35 - 00000000 ____D C:\Users\Alpinarium\AppData\Local\Adobe
2016-02-24 17:56 - 2012-10-23 14:51 - 00000000 ____D C:\Users\Susanne\AppData\Local\Adobe
2016-02-24 17:54 - 2012-10-22 14:27 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-24 17:54 - 2012-10-22 14:27 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-24 17:34 - 2012-10-26 16:12 - 00000000 ____D C:\Users\Susanne\AppData\Roaming\Winamp
2016-02-24 17:06 - 2012-10-19 15:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-24 11:49 - 2012-10-19 15:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-24 11:48 - 2012-10-23 22:31 - 00000000 ____D C:\TEMP
2016-02-24 11:48 - 2012-10-19 15:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

Einige Dateien in TEMP:
====================
C:\Users\Susanne\AppData\Local\temp\Foxit Reader Updater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-15 21:58

==================== Ende von FRST.txt ============================
         

add-logfile

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Alpinarium (2016-03-24 15:58:59)
Gestartet von C:\Users\Susanne\Documents\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-19 14:35:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2032422533-2031663358-3171475196-500 - Administrator - Disabled)
Alpinarium (S-1-5-21-2032422533-2031663358-3171475196-1000 - Administrator - Enabled) => C:\Users\Alpinarium
Gast (S-1-5-21-2032422533-2031663358-3171475196-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2032422533-2031663358-3171475196-1003 - Limited - Enabled)
Susanne (S-1-5-21-2032422533-2031663358-3171475196-1004 - Limited - Enabled) => C:\Users\Susanne

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
NO ONE LIVES FOREVER - GAME OF THE YEAR EDITION (HKLM-x32\...\{EE3E60BC-F29F-4E7B-A110-B538387D34DA}) (Version:  - )
No One Lives Forever 2  (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version:  - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.0 - Activision, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tomb Raider Level Editor (HKLM-x32\...\Tomb Raider Level Editor) (Version:  - )
TP-LINK-Clientinstallationsprogramm (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1091ACE5-1E29-48BB-91A9-5C7819D4AEEB} - System32\Tasks\{39E9EFA1-B82C-44A6-BB2D-EB9B5A8767B7} => D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe [2015-12-14] (Valve Corporation)
Task: {14224729-2BCD-40D0-9E5B-AB557ABE938D} - \Reimage Reminder -> Keine Datei <==== ACHTUNG
Task: {142682D6-9414-4BFB-8D57-8413855719EC} - System32\Tasks\{7289A42A-6CB3-4C32-BAC8-CF8D3AD26520} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {1DB26A9A-67E9-438D-A0FD-C54A0A81174A} - System32\Tasks\{170CEE81-B621-49B8-A14A-A2F73DCE1F7A} => C:\Users\Susanne\Desktop\FarCryAutoCD.exe
Task: {26907555-0E88-4AE0-8141-D3C6FAB2FDFF} - System32\Tasks\{D1272826-7480-4CF7-8D14-333200118DDE} => D:\ALPINARIUM-ARLT\Spiele\NFS most wanted\speed.exe [2005-11-01] ()
Task: {67EFE98D-C167-4F0B-94F1-45D193C9BDCA} - System32\Tasks\{02A99633-0D3A-4852-A40D-63E9C6583CC8} => pcalua.exe -a E:\Setup\rsrc\Autorun.exe -d E:\
Task: {7001F6BF-2B45-421A-BD59-CB0BB8C854A7} - System32\Tasks\{64E49214-55E7-4496-A501-CD78C96F6056} => D:\ALPINARIUM-ARLT\Spiele\NFS most wanted\speed.exe [2005-11-01] ()
Task: {8B176521-3E04-4C5E-B59A-272212BA56F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {969BC2CB-A2CA-4932-B203-706342FC092C} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-19] (CHIP)
Task: {9E5E04CC-D661-4242-8E3A-68C7A1965641} - System32\Tasks\{A3FBC2DD-DC61-47AD-85B4-7A14FDA35A18} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/eula
Task: {A063BDEC-EE10-479D-AE4C-7EDD84D547DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {AB1D8429-C75A-4308-B6E4-B6F71F5485A4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {C7CC2143-DDDA-419C-ACAF-6B2AD3391773} - System32\Tasks\{2B1071ED-B0A5-4BB8-96DE-9CBE5F089D0C} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {DED471E1-FA78-4909-AE84-49673A1A5F56} - System32\Tasks\{D9481452-34F3-49EC-9BF6-ACC5E36BC6C0} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {FCC00E0F-C23F-472E-8282-85BEB834A693} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2016-01-03 22:43 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-12 22:13 - 2016-02-12 22:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7774 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7772 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\...\123simsen.com -> www.123simsen.com

Da befinden sich 7774 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-03-23 16:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2032422533-2031663358-3171475196-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alpinarium\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2032422533-2031663358-3171475196-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{58B51081-810F-42A5-8478-FE3DCB20071D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{608194F5-BEA9-4CC9-9109-2C37639893FE}] => (Allow) LPort=2869
FirewallRules: [{46D1F610-DE9B-4AEE-85B0-6EB4A9585715}] => (Allow) LPort=1900
FirewallRules: [{F195C26F-D7E3-4429-BFAA-FC2AE6129557}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{35BAD2D7-CABB-4938-9C57-0BA0C2271211}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{28CA718D-8E61-4A2D-B966-E6991F8F1A90}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{8E83A78A-F844-4F5E-B03F-79A980A7E562}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{816AC484-E4CD-49A6-B6A7-ABFA22BDF458}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{68741D5F-3111-474A-AF61-7FBE5314FD22}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A8FE5BC5-E6B2-4D17-A0CD-388C6C0C5A34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F522A485-295E-418D-96D1-09842F761D38}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{1F6A95F8-CEDB-4EE5-A32D-5921F12A6811}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{6C6BFA2C-0545-4C40-85E6-2108BF6C3966}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{A8A2F0FF-A645-4030-957F-B34ED3BB6D4C}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{56892508-A78E-4BA4-8609-75B6C9229105}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{CF8FF30F-B7EB-42B6-A167-C1E54B8ED986}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{49216771-5B47-4745-874D-EB5643043A5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{DFB02E41-0796-44BE-83D0-4CE7198895C4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [TCP Query User{CD999D0B-BEDF-4B04-8F05-D4C2713298B7}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [UDP Query User{37AAE9ED-1ACE-436A-831A-F70EE97E21B3}D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry\bin32\farcry.exe
FirewallRules: [{F0BA29C8-5C54-4208-AC37-EC6E351889CA}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{0795D547-9087-431B-96C4-89A2FE677366}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3.exe
FirewallRules: [{DAF4490C-85A9-4FE4-B380-F91C318E88D5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{5BD5CDBD-1A78-4362-A502-91478E6F3364}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{69D71781-C870-4ABD-8F78-E0D66841CF41}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{FE6EDE5A-07D9-4897-9E60-8398BAE7E59F}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Updater.exe
FirewallRules: [{A8501114-5F8F-4A31-A315-F0F5D021816A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [{E44E7BC7-19CD-493C-A45E-AB7D5DB5C267}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{944593AE-DDA3-48FC-B19F-F21C863AD66D}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{C22E7235-F2A8-4446-AE6A-69664FB34BEC}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3_d3d11.exe
FirewallRules: [{E0ACFF8E-3807-4603-B431-F0676F031C38}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{26F22430-567A-40B6-B8BE-FC94D803E649}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\Steam.exe
FirewallRules: [{14DCFA97-9CC1-4EDC-8191-0D3A38AD0454}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{242EE8F8-C57C-44E5-BC37-8B3955955B6B}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{460ADF36-015E-4E1F-9977-80979B6709C5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{9EBFC355-22C6-47D6-BB83-9B369DA4BAF5}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{498196B2-050B-4E05-9023-36846EB49133}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{55364784-1F66-4CFB-8DF6-BB937B2508AE}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [TCP Query User{056C0052-1E94-428B-A3C5-437F7DD088FA}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [UDP Query User{E4A32A99-E2C0-4D84-AF37-6AB2A7F7E554}D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe] => (Block) D:\alpinarium-arlt\spiele\farcry3\bin\farcry3.exe
FirewallRules: [{7A8CF39C-48B3-4065-9290-32C157AC07C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{862E5F60-3541-4026-BC97-D8D055087DA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9BB3BD07-86F1-40A3-930B-DC41D27A0D8B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47D8293F-1D88-4912-835A-EAC64A160131}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{96AD2AD4-BA69-41A4-AF6E-EE0335D1E429}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{C85F7BB9-C675-4ECA-9485-B14BFFB3AA75}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\FarCry4.exe
FirewallRules: [{D20EDD41-6900-4238-AD0F-75F0FBC7632A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{FB84A06F-A7F5-4FFE-8371-7EB48B685F07}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\Farcry4\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{6AA585FB-57C5-44EC-9FA9-21A83115CF26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78DFDE3A-49D9-47E3-9215-1110941C9A7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{606BE1C0-1AC0-44B8-A0DE-6C578ED0E61A}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{C88CB9B3-B684-4E5B-A016-855487C8C8A0}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\bin\steamwebhelper.exe
FirewallRules: [{05D816AE-B392-4C03-A564-972A4E49DF86}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{27D50474-46F1-48AC-9A20-0690F2260658}] => (Allow) D:\ALPINARIUM-ARLT\Spiele\SeriousSam3\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{94AA88EB-74B8-41F6-B541-338EA210888D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1FD2B031-67ED-4618-A311-22D499A81796}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7EFD8D3C-4B6E-4E55-A5CE-19D065BAAAF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B330EDB8-868A-4BF5-A4DD-07A482D3F1E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F967479-3E85-4BC8-8F2D-B87E3BAFF0F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{77E2CB8C-4E11-4FF6-AD0B-8993ECFD24AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18ECBB98-2DDB-4B08-B108-58EA82A1D97D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD67ED98-6957-4F16-A290-50DD104ACACF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{62E51D65-3CF6-435F-B525-31F01B19D021}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{030748BB-D626-4F06-86C9-22C8260D347E}D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe] => (Allow) D:\alpinarium-arlt\spiele\farcry4\farcry 4\bin\farcry4.exe

==================== Wiederherstellungspunkte =========================

18-03-2016 16:19:49 Windows Update
18-03-2016 16:36:14 Windows Update
18-03-2016 16:40:28 Windows Update
18-03-2016 17:02:08 Windows Update
19-03-2016 00:53:50 Windows Update
19-03-2016 10:34:27 WinZip 18.5 wird entfernt
20-03-2016 01:37:11 Windows Update
20-03-2016 02:12:59 Windows Update
20-03-2016 16:37:04 Konfiguriert Far Cry
20-03-2016 16:38:59 Konfiguriert Far Cry
21-03-2016 10:32:43 Windows-Sicherung
22-03-2016 21:28:07 Windows Update
23-03-2016 01:24:28 Windows Update
24-03-2016 15:53:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/24/2016 03:01:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/24/2016 02:50:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 3.1.7.0, Zeitstempel: 0x56aac2ef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1030
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3

Error: (03/24/2016 02:48:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CHIPUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at UpdateYeti.UpdateYetiApiCall.AttachSoftwareDataToCall(System.Collections.Generic.List`1<UpdateYeti.Model.Software.AppInfo>)
   at UpdateYeti.Model.MainModel.<MainModel_FindSoftwareFinished>b__2a(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/23/2016 05:17:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/23/2016 04:49:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/23/2016 09:58:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/23/2016 09:58:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/23/2016 09:49:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2016 09:42:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/22/2016 09:42:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (03/24/2016 03:53:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2016 03:01:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/24/2016 03:00:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/24/2016 03:00:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/24/2016 03:00:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/24/2016 03:00:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/24/2016 03:00:18 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/24/2016 03:00:18 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/24/2016 03:00:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/24/2016 03:00:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535


CodeIntegrity:
===================================
  Date: 2016-03-23 16:53:22.821
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-03-23 16:53:22.759
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.455
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.445
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.395
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-08-24 11:05:31.385
  Description: Die Integrität der Datei "\Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16334.91 MB
Verfügbarer physikalischer RAM: 13454.1 MB
Summe virtueller Speicher: 32668.03 MB
Verfügbarer virtueller Speicher: 29761.17 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:113.07 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1234.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 9B915867)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9B91585F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Thanks
Alpinarium

24.03.2016, 22:22   #14
M-K-D-B
/// TB-Ausbilder

Hi,

let's track down any possible leftovers:

Download the appropriate version of SystemLook from the following mirror and save the tool to the desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Double-click SystemLook.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    ATTFilter
    :filefind
    *Reimage*
    *WinZip Driver Updater*
    
    :folderfind
    *Reimage*
    *WinZip Driver Updater*
    
    :regfind
    Reimage
    WinZip Driver Updater
             
  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are also saved on the desktop as SystemLook.txt.


25.03.2016, 01:53   #15
Alpinarium

Hello,

I can download the tool mentioned to the desktop, but every time I then press 'Look', the message - script required - appears and then nothing else happens.

Regards
A.

Hello,

I have now copied and pasted the text mentioned above, with the following result:

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 01:50 on 25/03/2016 by Alpinarium
Administrator - Elevation successful

========== filefind ==========

Searching for "*Reimage*"
C:\AdwCleaner\FileQuarantine\C\Windows\Reimage.ini.vir	--a---- 150 bytes	[10:38 21/10/2014]	[15:16 20/03/2016] C93DD6651E3AFA18E09BD53854C12F4B
C:\AdwCleaner\FileQuarantine\rei\reimage.qsr.vir	--a---- 2084 bytes	[10:46 19/03/2016]	[15:45 20/03/2016] F8E7E53AB7BBBC59FFBCACB3EE99C2DB
C:\Users\Susanne\Documents\Downloads\ReimageRepair.exe	--a---- 772016 bytes	[10:42 19/03/2016]	[10:42 19/03/2016] 72CB31555DA5996B6DC008F2F6BCBBFF

Searching for "*WinZip Driver Updater*"
No files found.

========== folderfind ==========

Searching for "*Reimage*"
C:\AdwCleaner\FileQuarantine\C\ProgramData\Reimage Protector	d------	[13:58 24/03/2016]

Searching for "*WinZip Driver Updater*"
No folders found.

========== regfind ==========

Searching for "Reimage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"Name"="Reimage.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14224729-2BCD-40D0-9E5B-AB557ABE938D}]
"Path"="\Reimage Reminder"

Searching for "WinZip Driver Updater"
No data found.

-= EOF =-
         
Thanks
Alpinarium
