Log analysis and evaluation: Win 7 laptop, infected, hacked, slowed down
19.04.2016, 04:47 | #1 |
Win 7 laptop, infected, hacked, slowed down

Hello dear Trojaner-Board! In my very first post I am turning straight to you for help.

The problem is as follows:
1) Win 7 on my laptop has slowed down considerably.
2) CPU usage is much higher, so that browsing with Firefox in several tabs or streaming is no longer possible.
4) Buttons such as search functions, downloads or the text editor functions here can no longer be started in Firefox, so I now have to write using Internet Explorer.
3) I can no longer print documents.
5) Somehow my BIOS password has changed, although I type it in exactly as I wrote it down.
6) Kaspersky Internet Security finds nothing.

And all of this despite up-to-date drivers and system programs.

Thanks in advance, and here are my logs, because I hope it can still be saved before I have to wipe it, and even if I do, how do I get into the BIOS now?
04:29:30.0267 0x3824 [ 7763289520B9BB8803E2778D332EADEB, 0851A5B6320BBB3F7A5E8E1F899A4DA1EDF1DD718AB5865F90AD6902DDBE2A46 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 04:29:30.0283 0x3824 kneps - ok 04:29:30.0330 0x3824 [ E58CFE0F44B9775603BA70813D48D66A, C65EC45F05B3C000D2328FE454A7C3C0D328CB16DF9C197A129E8FF7225480F6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 04:29:30.0345 0x3824 KSecDD - ok 04:29:30.0408 0x3824 [ 50D1D9B3C24E783B6A8451158215AA55, DDF0D0736097B4F643C8664F2115F860101CA447F6B9D9F2FAE0BBDBA6F25DA4 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 04:29:30.0423 0x3824 KSecPkg - ok 04:29:30.0470 0x3824 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 04:29:30.0564 0x3824 KtmRm - ok 04:29:30.0595 0x3824 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 04:29:30.0657 0x3824 LanmanServer - ok 04:29:30.0689 0x3824 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 04:29:30.0720 0x3824 LanmanWorkstation - ok 04:29:30.0907 0x3824 [ ED6923BF4D8D4383893825E2F74E2543, 55B044E09B0D254E5E76A054046CF76B6AB91D3A585630A272B832B3DF94C838 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe 04:29:31.0063 0x3824 LiveUpdateSvc - ok 04:29:31.0110 0x3824 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 04:29:31.0157 0x3824 lltdio - ok 04:29:31.0188 0x3824 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 04:29:31.0235 0x3824 lltdsvc - ok 04:29:31.0266 0x3824 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts 
C:\Windows\System32\lmhsvc.dll 04:29:31.0297 0x3824 lmhosts - ok 04:29:31.0328 0x3824 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 04:29:31.0344 0x3824 LSI_FC - ok 04:29:31.0359 0x3824 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 04:29:31.0375 0x3824 LSI_SAS - ok 04:29:31.0406 0x3824 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 04:29:31.0422 0x3824 LSI_SAS2 - ok 04:29:31.0437 0x3824 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 04:29:31.0453 0x3824 LSI_SCSI - ok 04:29:31.0484 0x3824 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 04:29:31.0515 0x3824 luafv - ok 04:29:31.0562 0x3824 [ A1D52DB330E18B5A7A718D31D950CA87, D3BE0C13EB0001841B0BA3B401783C0CDA247023BAF8351EBDDB48264AB2E20C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 04:29:31.0578 0x3824 MBAMProtector - ok 04:29:31.0718 0x3824 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe 04:29:31.0812 0x3824 MBAMScheduler - ok 04:29:31.0890 0x3824 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe 04:29:31.0968 0x3824 MBAMService - ok 04:29:32.0015 0x3824 [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 04:29:32.0030 0x3824 
MBAMSwissArmy - ok 04:29:32.0061 0x3824 [ 66DDF98174707CBADBCA6BBABDA1231C, 18B4D1FB27CAF2A360A0B0803015F5D88A7DE9A8BCEAFD2FB769554DDC4505F2 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 04:29:32.0077 0x3824 MBAMWebAccessControl - ok 04:29:32.0124 0x3824 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 04:29:32.0155 0x3824 Mcx2Svc - ok 04:29:32.0186 0x3824 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys 04:29:32.0202 0x3824 megasas - ok 04:29:32.0280 0x3824 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 04:29:32.0295 0x3824 MegaSR - ok 04:29:32.0373 0x3824 Microsoft SharePoint Workspace Audit Service - ok 04:29:32.0405 0x3824 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 04:29:32.0451 0x3824 MMCSS - ok 04:29:32.0467 0x3824 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 04:29:32.0529 0x3824 Modem - ok 04:29:32.0561 0x3824 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 04:29:32.0576 0x3824 monitor - ok 04:29:32.0607 0x3824 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 04:29:32.0623 0x3824 mouclass - ok 04:29:32.0639 0x3824 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 04:29:32.0670 0x3824 mouhid - ok 04:29:32.0717 0x3824 [ BAD9C0366134BA181514E9263C8CE606, 
7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 04:29:32.0732 0x3824 mountmgr - ok 04:29:32.0795 0x3824 [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 04:29:32.0810 0x3824 MozillaMaintenance - ok 04:29:32.0841 0x3824 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 04:29:32.0857 0x3824 mpio - ok 04:29:32.0919 0x3824 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 04:29:32.0966 0x3824 mpsdrv - ok 04:29:33.0029 0x3824 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 04:29:33.0107 0x3824 MpsSvc - ok 04:29:33.0138 0x3824 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 04:29:33.0169 0x3824 MRxDAV - ok 04:29:33.0216 0x3824 [ 1D5CC65FECC628397CB72F87DD6A78F3, D011572DA403281DEB211870FA52B3886D2019302079F46E3B52A0A2EC4688E0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 04:29:33.0263 0x3824 mrxsmb - ok 04:29:33.0294 0x3824 [ D405E63A7FEED75B40ACE03E57B44AB5, 99C109BF745D60B2A1032D4D8C74790B26FD546C200061AEFEF7DBCAD20086E8 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 04:29:33.0341 0x3824 mrxsmb10 - ok 04:29:33.0372 0x3824 [ E688B7D9B5422F23102E1920E19473E9, 762B242B94153C813129F806A4E92BB33DE11C27CA52241D9317FC4B483639BA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 04:29:33.0387 0x3824 mrxsmb20 - ok 04:29:33.0434 0x3824 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 
04:29:33.0450 0x3824 msahci - ok 04:29:33.0481 0x3824 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 04:29:33.0497 0x3824 msdsm - ok 04:29:33.0528 0x3824 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 04:29:33.0559 0x3824 MSDTC - ok 04:29:33.0590 0x3824 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 04:29:33.0637 0x3824 Msfs - ok 04:29:33.0653 0x3824 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 04:29:33.0699 0x3824 mshidkmdf - ok 04:29:33.0731 0x3824 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 04:29:33.0746 0x3824 msisadrv - ok 04:29:33.0777 0x3824 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 04:29:33.0824 0x3824 MSiSCSI - ok 04:29:33.0824 0x3824 msiserver - ok 04:29:33.0855 0x3824 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 04:29:33.0887 0x3824 MSKSSRV - ok 04:29:33.0918 0x3824 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 04:29:33.0949 0x3824 MSPCLOCK - ok 04:29:33.0965 0x3824 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 04:29:33.0996 0x3824 MSPQM - ok 04:29:34.0027 0x3824 [ 0E008FC4819D238C51D7C93E7B41E560, 
141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 04:29:34.0043 0x3824 MsRPC - ok 04:29:34.0074 0x3824 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 04:29:34.0089 0x3824 mssmbios - ok 04:29:34.0105 0x3824 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 04:29:34.0136 0x3824 MSTEE - ok 04:29:34.0167 0x3824 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 04:29:34.0183 0x3824 MTConfig - ok 04:29:34.0199 0x3824 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 04:29:34.0214 0x3824 Mup - ok 04:29:34.0261 0x3824 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 04:29:34.0308 0x3824 napagent - ok 04:29:34.0355 0x3824 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 04:29:34.0386 0x3824 NativeWifiP - ok 04:29:34.0448 0x3824 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys 04:29:34.0495 0x3824 NDIS - ok 04:29:34.0526 0x3824 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 04:29:34.0557 0x3824 NdisCap - ok 04:29:34.0573 0x3824 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 04:29:34.0620 0x3824 NdisTapi - ok 04:29:34.0651 
0x3824 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 04:29:34.0682 0x3824 Ndisuio - ok 04:29:34.0698 0x3824 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 04:29:34.0729 0x3824 NdisWan - ok 04:29:34.0745 0x3824 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 04:29:34.0791 0x3824 NDProxy - ok 04:29:34.0823 0x3824 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 04:29:34.0869 0x3824 NetBIOS - ok 04:29:34.0901 0x3824 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 04:29:34.0947 0x3824 NetBT - ok 04:29:34.0979 0x3824 [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] Netlogon C:\Windows\system32\lsass.exe 04:29:34.0994 0x3824 Netlogon - ok 04:29:35.0041 0x3824 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 04:29:35.0103 0x3824 Netman - ok 04:29:35.0135 0x3824 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 04:29:35.0166 0x3824 NetMsmqActivator - ok 04:29:35.0181 0x3824 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 04:29:35.0197 0x3824 NetPipeActivator - ok 04:29:35.0244 0x3824 [ 8C338238C16777A802D6A9211EB2BA50, 
0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 04:29:35.0275 0x3824 netprofm - ok 04:29:35.0291 0x3824 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 04:29:35.0322 0x3824 NetTcpActivator - ok 04:29:35.0337 0x3824 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 04:29:35.0353 0x3824 NetTcpPortSharing - ok 04:29:35.0587 0x3824 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys 04:29:35.0837 0x3824 netw5v32 - ok 04:29:36.0164 0x3824 [ D4EF7A9767C05905500EC312CB29EF46, 464DE67D1BE3A3A684206B2D494FEE723FB5B6559F3783EF929352F22B0A9492 ] NETwLv32 C:\Windows\system32\DRIVERS\NETwLv32.sys 04:29:36.0570 0x3824 NETwLv32 - ok 04:29:36.0617 0x3824 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 04:29:36.0632 0x3824 nfrd960 - ok 04:29:36.0679 0x3824 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 04:29:36.0710 0x3824 NlaSvc - ok 04:29:36.0726 0x3824 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 04:29:36.0757 0x3824 Npfs - ok 04:29:36.0819 0x3824 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 04:29:36.0851 0x3824 nsi - ok 04:29:36.0866 0x3824 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys 04:29:36.0913 0x3824 nsiproxy - ok 04:29:36.0991 0x3824 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 04:29:37.0069 0x3824 Ntfs - ok 04:29:37.0085 0x3824 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 04:29:37.0116 0x3824 Null - ok 04:29:37.0147 0x3824 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 04:29:37.0163 0x3824 nvraid - ok 04:29:37.0194 0x3824 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 04:29:37.0209 0x3824 nvstor - ok 04:29:37.0241 0x3824 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 04:29:37.0256 0x3824 nv_agp - ok 04:29:37.0272 0x3824 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 04:29:37.0287 0x3824 ohci1394 - ok 04:29:37.0365 0x3824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 04:29:37.0381 0x3824 ose - ok 04:29:37.0615 0x3824 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 04:29:37.0849 0x3824 osppsvc - ok 04:29:37.0911 0x3824 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 04:29:37.0974 0x3824 p2pimsvc - ok 04:29:38.0005 0x3824 [ 
59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 04:29:38.0052 0x3824 p2psvc - ok 04:29:38.0083 0x3824 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys 04:29:38.0114 0x3824 Parport - ok 04:29:38.0145 0x3824 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 04:29:38.0161 0x3824 partmgr - ok 04:29:38.0177 0x3824 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 04:29:38.0192 0x3824 Parvdm - ok 04:29:38.0286 0x3824 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 04:29:38.0317 0x3824 PcaSvc - ok 04:29:38.0379 0x3824 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 04:29:38.0395 0x3824 pci - ok 04:29:38.0426 0x3824 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 04:29:38.0442 0x3824 pciide - ok 04:29:38.0473 0x3824 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 04:29:38.0489 0x3824 pcmcia - ok 04:29:38.0520 0x3824 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 04:29:38.0535 0x3824 pcw - ok 04:29:38.0598 0x3824 [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe 04:29:38.0613 0x3824 
PDFProFiltSrvPP - ok 04:29:38.0660 0x3824 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 04:29:38.0723 0x3824 PEAUTH - ok 04:29:38.0801 0x3824 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 04:29:38.0910 0x3824 PeerDistSvc - ok 04:29:39.0003 0x3824 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 04:29:39.0097 0x3824 pla - ok 04:29:39.0144 0x3824 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 04:29:39.0206 0x3824 PlugPlay - ok 04:29:39.0237 0x3824 [ 0C0FF5946A63C75A3D4D0CB35F787B12, 08BC45E48C3008109749C41899CAFE344BA4AFBD841C274AD2A73E4D1D940F64 ] PNPMEM C:\Windows\system32\DRIVERS\pnpmem.sys 04:29:39.0269 0x3824 PNPMEM - ok 04:29:39.0300 0x3824 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 04:29:39.0315 0x3824 PNRPAutoReg - ok 04:29:39.0347 0x3824 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 04:29:39.0378 0x3824 PNRPsvc - ok 04:29:39.0425 0x3824 [ 438302072ED37F3F7320AB3DA3525822, 761FF92708EDDF5531513582A447123E739B5C162DFB2CA49D3C0D8CC559521D ] Point32 C:\Windows\system32\DRIVERS\point32.sys 04:29:39.0456 0x3824 Point32 - ok 04:29:39.0487 0x3824 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 04:29:39.0534 0x3824 PolicyAgent - ok 04:29:39.0565 0x3824 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power 
C:\Windows\system32\umpo.dll 04:29:39.0612 0x3824 Power - ok 04:29:39.0643 0x3824 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 04:29:39.0674 0x3824 PptpMiniport - ok 04:29:39.0721 0x3824 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys 04:29:39.0752 0x3824 Processor - ok 04:29:39.0799 0x3824 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 04:29:39.0846 0x3824 ProfSvc - ok 04:29:39.0861 0x3824 [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] ProtectedStorage C:\Windows\system32\lsass.exe 04:29:39.0877 0x3824 ProtectedStorage - ok 04:29:39.0908 0x3824 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 04:29:39.0939 0x3824 Psched - ok 04:29:40.0017 0x3824 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys 04:29:40.0111 0x3824 ql2300 - ok 04:29:40.0142 0x3824 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 04:29:40.0158 0x3824 ql40xx - ok 04:29:40.0189 0x3824 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 04:29:40.0220 0x3824 QWAVE - ok 04:29:40.0236 0x3824 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 04:29:40.0267 0x3824 QWAVEdrv - ok 04:29:40.0298 0x3824 [ 30A81B53C766D0133BB86D234E5556AB, 
726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 04:29:40.0329 0x3824 RasAcd - ok 04:29:40.0423 0x3824 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 04:29:40.0454 0x3824 RasAgileVpn - ok 04:29:40.0501 0x3824 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 04:29:40.0532 0x3824 RasAuto - ok 04:29:40.0563 0x3824 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 04:29:40.0610 0x3824 Rasl2tp - ok 04:29:40.0657 0x3824 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 04:29:40.0751 0x3824 RasMan - ok 04:29:40.0813 0x3824 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 04:29:40.0860 0x3824 RasPppoe - ok 04:29:40.0875 0x3824 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 04:29:40.0938 0x3824 RasSstp - ok 04:29:40.0985 0x3824 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 04:29:41.0016 0x3824 rdbss - ok 04:29:41.0063 0x3824 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 04:29:41.0094 0x3824 rdpbus - ok 04:29:41.0141 0x3824 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 04:29:41.0172 0x3824 RDPCDD - ok 04:29:41.0203 
04:30:08.0004 0x3824 AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41000 ( enabled : updated )
04:30:08.0004 0x3824 FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
04:30:10.0765 0x3824 ============================================================
04:30:10.0765 0x3824 Scan finished
04:30:10.0765 0x3824 ============================================================
04:30:10.0765 0x0a04 Detected object count: 0
04:30:10.0765 0x0a04 Actual detected object count: 0
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Ultimate x86
Ran by LaptopSeb (Administrator) on 19.04.2016 at 4:16:11,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 13
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\LaptopSeb\AppData\Local\ysearchutil (Folder)
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\extensions\anttoolbar@ant.com (Folder)
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\user.js (File)
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster SkipUAC (LaptopSeb) (Task)
Successfully deleted: C:\Windows\System32\Tasks\Uninstaller_SkipUac_LaptopSeb (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files\iobit\driver booster (Folder)
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-85146E71.pf (File)

Registry: 1
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.04.2016 at 4:19:31,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2016.04.19.01
rootkit: v2016.04.17.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18163
LaptopSeb :: SEBBO [administrator]

19.04.2016 04:12:36
mbar-log-2016-04-19 (04-12-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 286638
Time elapsed: 3 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
# AdwCleaner v5.112 - Bericht erstellt am 19/04/2016 um 04:44:48
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-17.1 [Lokal]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X86)
# Benutzername : LaptopSeb - SEBBO
# Gestartet von : C:\Users\LaptopSeb\Desktop\AdwCleaner_5.112.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

Ordner gefunden : C:\Windows\system32\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Schlüssel gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Internetbrowser ] *****

[C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\prefs.js] gefunden : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

C:\AdwCleaner\AdwCleaner[S2].txt - [1285 Bytes] - [19/04/2016 04:36:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1206 Bytes] - [19/04/2016 04:44:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1279 Bytes] ##########
19.04.2016, 04:50 | #2 |
| Post continuation: LOGS 5. FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
durchgeführt von LaptopSeb (Administrator) auf SEBBO (19-04-2016 04:39:11)
Gestartet von C:\Users\LaptopSeb\Desktop
Geladene Profile: LaptopSeb (Verfügbare Profile: LaptopSeb)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Brother Industries, Ltd.)
C:\Program Files\Browny02\BrYNSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmi32.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH) HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM\...\Run: [BrHelp] => C:\Program Files\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) 
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\MountPoints2: {fe5dfe72-6ec7-11e5-bfc1-0016d38dd97d} - H:\SETUP.EXE HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9AB1E05F-EDA4-4FB0-81D4-23CFB5A3C509}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.Fujitsu.com HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.Fujitsu.com SearchScopes: HKU\S-1-5-21-3241619114-2459310091-2925659403-1000 -> {49791F18-74DD-447A-8D29-ABAB515D8DB6} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO) BHO: 
PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG) Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336 FF DefaultSearchEngine: Google FF SelectedSearchEngine: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-18] () FF Plugin: @kaspersky.com/content_blocker_663BE8 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-04-11] () FF Plugin: @kaspersky.com/online_banking_08806E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-04-11] () FF Plugin: @kaspersky.com/virtual_keyboard_074028 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-04-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\searchplugins\yahoo-ysp.xml [2015-11-24] FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-04-11] FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-04-11] FF Extension: NoScript - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-18] FF Extension: Adblock Converter - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{195327b1-7b71-40c1-81c8-8dc19c4777df}.xpi [2016-02-24] [ist nicht signiert] FF Extension: Video DownloadHelper - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-28] FF Extension: Adblock Plus - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-31] FF HKLM\...\Firefox\Extensions: [content_blocker_663BE8@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-04-11] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_074028@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF HKLM\...\Firefox\Extensions: [online_banking_08806E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com FF HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Firefox\Extensions: 
[fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension FF Extension: Free Download Manager extension - C:\Program Files\Free Download Manager\Firefox\Extension [2016-04-19] Chrome: ======= CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit) R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO) R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-07-09] (Kaspersky Lab UK Ltd) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-10-10] (Disc Soft Ltd) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-02-04] (REALiX(tm)) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [155304 2016-04-11] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-07-09] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-07-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44728 2016-04-11] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [704416 2016-04-11] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-07-09] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [44920 2016-04-11] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [44408 2016-04-11] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-07-09] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-07-09] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [76472 2016-04-11] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-10-09] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-19] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) S3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2016-02-05] (Intel Corporation) R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [302808 2016-04-18] (Realsil Semiconductor Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-19 04:39 - 2016-04-19 04:39 - 00013507 _____ C:\Users\LaptopSeb\Desktop\FRST.txt 2016-04-19 04:38 - 2016-04-19 04:38 - 00001288 _____ C:\Users\LaptopSeb\Desktop\AdwCleaner[S2].txt 2016-04-19 04:32 - 2016-04-19 04:36 - 00000000 ____D C:\AdwCleaner 2016-04-19 04:31 - 2016-04-19 04:32 - 00102572 _____ C:\Users\LaptopSeb\Desktop\Tdsskiller report 19.04.2016 0431.txt 2016-04-19 04:25 - 2016-04-19 04:25 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\ProductData 2016-04-19 04:25 - 2016-04-19 04:25 - 00000000 ____D C:\ProgramData\ProductData 2016-04-19 04:23 - 2016-04-19 04:32 - 00205234 _____ C:\TDSSKiller.3.1.0.9_19.04.2016_04.23.24_log.txt 2016-04-19 04:23 - 2016-04-19 04:15 - 00002116 _____ C:\Users\LaptopSeb\Desktop\mbar-log-2016-04-19 (04-12-36).txt 2016-04-19 04:19 - 2016-04-19 04:19 - 00001835 _____ C:\Users\LaptopSeb\Desktop\JRT.exe report.txt 2016-04-19 04:12 - 2016-04-19 04:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-04-19 04:11 - 2016-04-19 04:15 - 00000000 ____D C:\Users\LaptopSeb\Desktop\mbar 2016-04-19 04:09 - 2016-04-19 04:09 - 03683904 _____ C:\Users\LaptopSeb\Desktop\AdwCleaner_5.112.exe 2016-04-19 04:08 - 2016-04-19 04:09 - 01610352 _____ (Malwarebytes) C:\Users\LaptopSeb\Desktop\JRT.exe 2016-04-19 04:07 - 2016-04-19 04:07 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\LaptopSeb\Desktop\mbar-1.09.3.1001.exe 2016-04-19 03:15 - 2016-04-19 03:16 - 00002206 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk 2016-04-19 02:53 - 2016-04-19 04:39 - 00000000 ____D C:\FRST 2016-04-19 02:51 - 2016-04-19 02:51 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\LaptopSeb\Desktop\tdsskiller.exe 2016-04-19 02:48 - 2016-04-19 02:48 - 01726464 _____ (Farbar) C:\Users\LaptopSeb\Desktop\FRST.exe 2016-04-18 17:51 - 2016-04-19 04:10 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Free Download Manager 2016-04-18 17:51 - 2016-04-19 01:31 - 00001029 _____ C:\Users\LaptopSeb\Desktop\Free Download Manager.lnk 2016-04-18 17:51 - 2016-04-19 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2016-04-18 17:51 - 2016-04-19 01:31 - 00000000 ____D C:\Program Files\Free Download Manager 2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\FreeDownloadManager.ORG 2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\ProgramData\FreeDownloadManager.ORG 2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\ProgramData\Free Download Manager 2016-04-18 17:49 - 2016-04-18 17:49 - 10796688 _____ (FreeDownloadManager.ORG ) C:\Users\LaptopSeb\Downloads\fdminst397.exe 2016-04-18 17:18 - 2016-04-18 17:18 - 00242344 _____ C:\Users\LaptopSeb\Downloads\Firefox Setup Stub 45.0.2.exe 2016-04-18 10:18 - 2016-04-18 10:18 - 03567320 _____ (TODO: <Company name>) C:\Windows\RtCRU32.exe 2016-04-18 10:18 - 2016-04-18 10:18 - 00302808 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys 2016-04-18 10:16 - 2016-04-18 10:18 - 00000000 ____D C:\Windows\LastGood 2016-04-18 10:14 - 2016-04-18 10:14 - 00770304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys 2016-04-18 10:14 - 2016-04-18 10:14 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll 2016-04-17 22:18 - 2016-04-17 22:18 - 00142657 _____ 
C:\Users\LaptopSeb\Downloads\vorsorgeuntersuchung(1).pdf 2016-04-17 22:18 - 2016-04-17 22:18 - 00115783 _____ C:\Users\LaptopSeb\Downloads\Ablauf-Praktikum-Berufsfelderkundung.pdf 2016-04-16 23:09 - 2016-04-17 14:19 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\3CB06E41.sys 2016-04-15 22:59 - 2016-04-15 22:59 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\559718CC.sys 2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\calibre-cache 2016-04-14 02:29 - 2016-04-14 04:09 - 00000000 ____D C:\Users\LaptopSeb\Documents\Calibre-Bibliothek 2016-04-14 02:29 - 2016-04-14 04:07 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\calibre 2016-04-14 02:29 - 2016-04-14 04:05 - 00000000 ____D C:\Program Files\Calibre2 2016-04-14 02:29 - 2016-04-14 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2016-04-14 02:24 - 2016-04-14 02:25 - 67674112 _____ C:\Users\LaptopSeb\Downloads\calibre-2.54.0.msi 2016-04-14 02:08 - 2016-04-14 03:04 - 00000000 ____D C:\Users\LaptopSeb\Documents\My Kindle Content 2016-04-14 02:08 - 2016-04-14 02:08 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2016-04-14 02:07 - 2016-04-14 02:08 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\Amazon 2016-04-14 02:03 - 2016-04-14 02:03 - 45580176 _____ (Amazon.com) C:\Users\LaptopSeb\Downloads\KindleForPC-installer-1.15.43061.exe 2016-04-13 19:49 - 2016-04-13 19:49 - 00097239 _____ C:\Users\LaptopSeb\Downloads\PrüfTermine-HM_Vorklinik-SoSe2016.pdf 2016-04-13 19:49 - 2016-04-13 19:49 - 00047396 _____ C:\Users\LaptopSeb\Downloads\Prüfungsrichtlinien.pdf 2016-04-12 15:53 - 2016-04-12 15:53 - 00228447 _____ C:\Users\LaptopSeb\Downloads\preisliste.pdf 2016-04-12 01:10 - 2016-04-12 01:24 - 204186672 _____ C:\Users\LaptopSeb\Downloads\BangPOV.16.04.09.Goldie.mp4 2016-04-12 01:08 - 2016-04-12 01:20 - 137106754 _____ 
C:\Users\LaptopSeb\Downloads\BlowMeInPOV.13.06.18.Lea.Queen.Teen.Mouthful.FRENCH.mp4 2016-04-12 01:07 - 2016-04-12 01:19 - 153532522 _____ C:\Users\LaptopSeb\Downloads\BlowMeInPOV.13.01.15.Sunny.Spark.Succulent.Suck.FRENCH.mp4 2016-04-11 13:41 - 2016-04-11 13:41 - 00423239 _____ C:\Users\LaptopSeb\Downloads\poster non-presenting participants.pdf 2016-04-11 05:19 - 2016-04-11 05:19 - 45161313 _____ C:\Users\LaptopSeb\Downloads\Biologie Gesamtzusammenfassung_PDF.pdf 2016-04-11 04:58 - 2016-04-18 04:08 - 00000000 ____D C:\Users\LaptopSeb\Desktop\2tes Semster 2016-04-11 04:58 - 2016-04-11 04:58 - 00109404 _____ C:\Users\LaptopSeb\Downloads\Semesterplan_SoSe_2016_03_07-2-Semester.pdf 2016-04-11 04:57 - 2016-04-11 04:58 - 00000000 ____D C:\Users\LaptopSeb\Desktop\1. sem 2016-04-11 01:59 - 2016-04-11 01:59 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-19 04:39 - 2015-10-19 20:05 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\NetSpeedMonitor 2016-04-19 04:39 - 2015-10-09 22:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-04-19 04:22 - 2016-02-03 17:33 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-19 04:17 - 2016-01-31 23:53 - 00000000 ____D C:\ProgramData\IObit 2016-04-19 04:17 - 2016-01-31 23:52 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\IObit 2016-04-19 04:17 - 2016-01-31 23:52 - 00000000 ____D C:\Program Files\IObit 2016-04-19 04:11 - 2016-02-03 17:32 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-19 04:01 - 2015-10-10 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-04-19 03:34 - 2015-10-14 17:00 - 00000000 ____D C:\Users\LaptopSeb\Desktop\BetriebsProgramme 2016-04-19 03:29 - 2016-02-03 22:39 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\vlc 2016-04-19 03:21 - 2016-02-12 16:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-04-19 03:16 - 2016-01-31 23:53 - 00002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2016-04-19 03:16 - 2016-01-31 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2016-04-19 03:15 - 2016-01-31 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2016-04-19 03:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-04-19 02:54 - 2009-07-14 06:34 - 00028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-19 02:54 - 2009-07-14 06:34 - 00028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-19 02:01 - 2016-02-07 19:04 - 00000000 ____D C:\Users\LaptopSeb\Downloads\Ant Videos 2016-04-18 17:24 - 2015-10-09 23:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 
2016-04-18 17:24 - 2015-05-16 22:50 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-18 17:24 - 2015-05-16 22:50 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieUserList 2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieSiteList 2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieBrowserModeList 2016-04-18 10:14 - 2016-02-05 00:15 - 00109640 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll 2016-04-18 10:14 - 2011-04-12 03:30 - 00699626 _____ C:\Windows\system32\perfh007.dat 2016-04-18 10:14 - 2011-04-12 03:30 - 00149734 _____ C:\Windows\system32\perfc007.dat 2016-04-18 10:14 - 2010-11-20 23:01 - 01620444 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-18 10:06 - 2016-02-01 00:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-18 10:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-18 08:21 - 2016-02-01 00:16 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-04-18 08:21 - 2016-02-01 00:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-04-18 04:25 - 2016-02-03 14:23 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\Spotify 2016-04-18 04:13 - 2016-02-17 14:23 - 00000000 ____D C:\Users\LaptopSeb\Desktop\musik 2016-04-18 02:55 - 2016-02-03 14:21 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Spotify 2016-04-17 14:20 - 2016-02-03 15:33 - 00000000 ____D C:\Users\LaptopSeb\Desktop\handypics 2016-04-14 17:41 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-13 02:42 - 2015-10-14 14:24 - 00013405 _____ C:\Windows\BRRBCOM.INI 2016-04-11 04:01 - 2015-10-09 22:58 - 00704416 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2016-04-11 04:01 - 
2015-07-09 19:11 - 00155304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2016-04-11 04:01 - 2015-07-09 19:11 - 00076472 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys 2016-04-11 01:35 - 2016-01-31 23:54 - 00000000 ____D C:\Program Files\Common Files\IObit 2016-04-11 01:34 - 2016-02-03 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-04-11 01:34 - 2016-02-03 17:32 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2016-04-11 01:31 - 2015-07-09 19:11 - 00044920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2016-04-11 01:31 - 2015-07-09 19:11 - 00044728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2016-04-11 01:31 - 2015-07-09 19:11 - 00044408 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys 2016-04-11 01:27 - 2016-03-04 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-02-03 22:26 - 2016-02-03 22:26 - 0000017 _____ () C:\Users\LaptopSeb\AppData\Local\resmon.resmoncfg Einige Dateien in TEMP: ==================== C:\Users\LaptopSeb\AppData\Local\Temp\fdm_videomon_inst2.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-18 05:04 ==================== Ende vom FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:18-04-2016
durchgeführt von LaptopSeb (2016-04-19 04:39:51)
Gestartet von C:\Users\LaptopSeb\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-05-11 10:22:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3241619114-2459310091-2925659403-500 - Administrator - Disabled)
Gast (S-1-5-21-3241619114-2459310091-2925659403-501 - Limited - Enabled)
LaptopSeb (S-1-5-21-3241619114-2459310091-2925659403-1000 - Administrator - Enabled) => C:\Users\LaptopSeb

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.08 beta (HKLM\...\7-Zip) (Version: 15.08 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
Amazon Kindle (HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Belarc Advisor 8.5c (HKLM\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Brother MFL-Pro Suite MFC-J4420DW (HKLM\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) calibre (HKLM\...\{50179884-9D17-4BC1-A685-3E99E55CE918}) (Version: 2.54.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Driver Booster 3.2 (HKLM\...\Driver Booster_is1) (Version: 3.2 - IObit) Free Download Manager 3.9.7 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.2.6.101 - IObit) Kaspersky Internet Security (HKLM\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab) Kaspersky Internet Security (Version: 15.0.2.361 - Kaspersky Lab) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual 
Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles) Nuance PaperPort 12 (HKLM\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.) PDF24 Creator 7.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) 
Scansoft PDF Professional (Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Spotify (HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB) Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit) Trojan Remover 6.9.3.2942 (HKLM\...\Trojan Remover_is1) (Version: 6.9.3.2942 - Simply Super Software) TrojanHunter 6.0 (HKLM\...\TrojanHunter_is1) (Version: 6.0 - Bytelayer AB) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.30 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Wise Program Uninstaller 1.91 (HKLM\...\Wise Program Uninstaller_is1) (Version: 1.91 - WiseCleaner.com, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {089464E0-2A3D-403A-B352-4BEAB0EBA66A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation) Task: {143EBF5D-7D0F-4C14-8DB0-78EC929C837E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd) Task: {1635FB2B-7412-4F15-AADC-539C7A0E3EFC} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2016-03-15] (IObit) Task: {78AE8478-5DDC-4F94-990B-96AB9D8CA941} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft) Task: {79591706-ED6C-4EB9-B253-1D99988D0BE6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation) Task: {80172715-22E4-42B2-9A27-442E531FA840} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation) Task: {811432A4-0C5D-4797-ACA8-0FC7E4A4A696} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation) Task: {9715AE0A-4D22-41C4-A585-25A90E50ADC6} - System32\Tasks\ASC9_SkipUac_LaptopSeb => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2016-03-18] (IObit) Task: {C3F4C555-152A-403E-A549-D40530CFBAFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {C6ACF88A-667C-4AFE-82F1-166BD336F44B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-18] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll 2015-12-19 21:51 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-01-15 22:44 - 2016-01-15 22:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [286] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2016-02-03 17:13 - 00450954 ____R C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LaptopSeb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2FABB586-B791-41D6-B678-9C5460620D04}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E5831843-44D3-4CA7-BAD9-99218F0BCFA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E55C5D53-8D03-496C-A2A0-1C16FBB69F17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE977500-A9EA-4FAF-A60F-F67B63A09111}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{59855A30-E9B9-419F-BEFA-7A6930FF14FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9C5424FA-0842-4F38-A5F0-4064F4CD7F3A}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{0A466766-478D-48AA-BF2F-CE3CC28E72E6}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{066F7270-ECB7-4C25-8318-DEA039A54F77}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{67DB7E84-6766-4D5D-B80C-8CE77752B086}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{64DD41C9-B613-47DB-B5FD-3851AAC13BAB}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{AD40200A-D6DB-4F7F-BBDE-00E65C28DDEA}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

19-04-2016 04:16:13 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Intel(R) Wireless WiFi Link 4965AGN
Description: Intel(R) Wireless WiFi Link 4965AGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwLv32
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============
Error: (04/19/2016 03:54:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2015-10-14 17:46:21.236
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-14 17:46:21.236
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-14 17:46:21.236
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-14 17:46:18.631
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-14 17:46:18.631
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-14 17:46:18.631
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-09 23:07:34.939
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-09 23:07:34.936
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-09 23:07:34.933
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-10-09 23:07:34.930
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3062.43 MB
Verfügbarer physikalischer RAM: 1534.57 MB
Summe virtueller Speicher: 6123.18 MB
Verfügbarer virtueller Speicher: 3984.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:78.49 GB) (Free:14.83 GB) NTFS
Drive d: (Media/data/downloads) (Fixed) (Total:154.3 GB) (Free:3.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 5DB4F36C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.3 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================ |
19.04.2016, 14:57 | #3 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 laptop, infected, hacked, slowed down Hi
Your CPU isn't exactly a rocket either; it came onto the market almost ten years ago. => Intel® Core™2 Duo Processor T7300 (4M Cache, 2.00 GHz, 800 MHz FSB) specifications. Current software isn't really designed to run on ancient hardware. Quote:
That has nothing to do with malware. Quote:
Neither do MBAR and TDSSkiller. Still, you wrote "Laptop infected hacked" as the subject of this thread. Why? Also: Microsoft Office Professional Plus 2010 Microsoft Windows 7 Ultimate Service Pack 1 Is this a commercially used system?
__________________ |
19.04.2016, 17:03 | #4 |
| Thanks for the quick reply, cosinus. Yep. It was my work laptop for a long time and I got it through the business. I suspect that I was probably hacked some time ago, because there was a phase when Windows windows kept opening and closing again at lightning speed, at random and without my doing anything. Processes opened or closed for no reason, e.g. the security programs kept shutting off or the firewall turned itself off; I constantly had to readjust the ports in the firewall manually because they opened as if by an invisible hand. In addition, user permissions on programs and folders were often strangely changed. This went on until I got fed up and, at a loss, tossed it into the corner. I then used a different laptop for half a year. About a month ago I reactivated it and found that with the new updates the phenomenon had stopped; maybe he also noticed that there is nothing to get from me and therefore lost interest. I don't know... But since the system has now suddenly deteriorated a lot again (which, as I now know thanks to you, is presumably down to the bad new updates and drivers) and the problems with the printer and BIOS appeared, I got paranoid that I might be under outside influence again and wanted to play it safe and ask a professional this time. The thing with the updates is a real shame, because this way it is no longer properly usable. I would like to give the laptop to my nephews for schoolwork and watching films. My idea is that the laptop might work as a work machine again if I put the new Linux Mint on it (which is very user-friendly, light on resources and, compared to XP, up to date). It would also have a greater learning factor! What do you think of the idea?
Can you please give me a simple tip on how to get back into the BIOS, or who I need to turn to for that? |
19.04.2016, 19:09 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 laptop, infected, hacked, slowed down On normal desktop PCs, the BIOS, and with it any password protecting it, can be reset by a CMOS reset or simply by removing the CR2032 coin cell. How that works on a notebook, no idea. You'll have to ask about that in the hardware section here. Putting Linux on this aged hardware makes considerably more sense than trying it with a bloated Windows. However, I don't recommend Linux Mint; as a beginner you shouldn't put yourself through its update muddle. Better take Ubuntu MATE, Xubuntu or, for older systems, Lubuntu.
__________________ Please always post log files in CODE tags |
21.04.2016, 04:13 | #6 |
| Win 7 laptop, infected, hacked, slowed down Thank you very much |