Log analysis and evaluation: kernel_data_inpage_error and rootkit suspicion
22.04.2016, 13:50 | #1
kernel_data_inpage_error and rootkit suspicion

Hi everyone :-) This morning I had a bluescreen with the message: kernel_data_inpage_error (fastfat.sys). The system then tried to restart but did not manage to. After manually switching off the laptop and restarting it, everything ran as normal again. However, I already had the same problem 2 weeks ago, with the same message. While googling I read that, among other things, a virus or rootkit could be responsible for this. Apart from the two bluescreens, no problems so far. By the way, I have a Lenovo laptop with Windows 8.1. Virus scanners (Windows Defender, Spybot) found nothing. The rootkit scanners did show entries, but no definite rootkit finds, i.e. no alerts or suggestions to delete anything. I'll post the logs and FRST scans; by the way, GMER comes up with something different every time. It shows csrss.exe, which according to Task Manager is also running twice, which is odd; both instances point back to the same file in the System32 folder.

FRST.txt:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016 durchgeführt von Home (Administrator) auf LENOVO-PC (22-04-2016 14:15:09) Gestartet von C:\Users\Home\Desktop\Logs Geladene Profile: Home (Verfügbare Profile: Home) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Conexant Systems, Inc.) 
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-19] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] xxxxxxxx Tcpip\..\Interfaces\{62EBEEB6-5A18-4299-B478-F88B8FF96FA4}: [DhcpNameServer] xxxxxxxx Tcpip\..\Interfaces\{8A09BF16-0E40-4B27-9B00-2C75CAB58CC1}: [DhcpNameServer] xxxxxxxx Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Software\Microsoft\Internet 
Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1z5kqp9j.default-1408892543986 FF Homepage: about:blank FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] () FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1z5kqp9j.default-1408892543986\searchplugins\imdb.xml [2014-08-25] FF Extension: FireGestures - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1z5kqp9j.default-1408892543986\extensions\firegestures@xuldev.org.xpi [2016-04-10] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1z5kqp9j.default-1408892543986\Extensions\elemhidehelper@adblockplus.org.xpi [2016-02-17] FF Extension: Adblock Plus - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1z5kqp9j.default-1408892543986\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.) S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-25] (Broadcom Corporation.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.) 
S3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [42192 2015-09-03] (Razer Inc) S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [44224 2015-09-03] (Razer Inc) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) U3 aswMBR; \??\C:\Users\Home\AppData\Local\Temp\aswMBR.sys [X] U3 aswVmm; \??\C:\Users\Home\AppData\Local\Temp\aswVmm.sys [X] U3 fxlyrpog; \??\C:\Users\Home\AppData\Local\Temp\fxlyrpog.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-22 13:23 - 2016-04-22 13:25 - 00225362 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_13.23.35_log.txt 2016-04-22 10:12 - 2016-04-22 10:14 - 00225956 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_10.12.51_log.txt 2016-04-22 09:55 - 2016-04-22 09:56 - 00024015 _____ C:\Users\Home\Desktop\Addition.txt 2016-04-22 09:54 - 2016-04-22 14:15 - 00000000 ____D C:\FRST 2016-04-22 09:54 - 2016-04-22 09:56 - 00030236 _____ C:\Users\Home\Desktop\FRST.txt 2016-04-22 08:45 - 2016-04-22 08:45 - 00000000 ____D C:\AdwCleaner 2016-04-20 21:13 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-04-20 21:13 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-20 21:13 - 2016-03-14 18:50 - 00316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-20 21:13 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-04-20 21:13 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL 2016-04-20 21:13 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL 2016-04-20 21:13 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll 2016-04-20 21:13 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2016-04-20 21:13 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2016-04-20 21:13 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll 2016-04-20 21:13 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2016-04-20 21:13 - 2016-03-08 16:44 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-04-20 21:13 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2016-04-20 21:13 - 2016-03-05 19:04 - 00192512 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2016-04-20 21:13 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-04-20 21:13 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2016-04-20 21:13 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2016-04-20 21:13 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-04-20 21:13 - 2016-02-23 22:50 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2016-04-20 21:13 - 2016-02-23 22:48 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2016-04-16 15:51 - 2016-04-16 15:51 - 00000000 ____D C:\Users\Home\AppData\Roaming\Sun 2016-04-15 16:15 - 2016-04-15 16:15 - 00000000 ____D C:\Users\Home\AppData\Roaming\LolClient 2016-04-13 09:28 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 09:27 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 09:27 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 09:27 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 09:27 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 09:27 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 09:27 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 09:27 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 09:27 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 09:27 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 09:27 - 
2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 09:27 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 09:27 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 09:27 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 09:27 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 09:27 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 09:27 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 09:27 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 09:27 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 09:27 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 09:27 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 09:27 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 09:27 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 09:27 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 09:27 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 09:27 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 09:27 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 09:27 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 09:27 - 2016-03-31 01:21 - 13811712 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 09:27 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 09:27 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 09:27 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 09:27 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 09:27 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 09:26 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 09:26 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 09:26 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 09:26 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 09:26 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 09:26 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 09:26 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 09:26 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 09:26 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 09:26 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 09:26 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 09:26 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 09:26 - 2016-03-10 18:42 - 00116736 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 09:26 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 09:26 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 09:26 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 09:26 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 09:25 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 09:25 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 09:25 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 09:25 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 09:25 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 09:25 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 09:25 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 09:25 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 09:25 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-10 20:49 - 2016-04-10 20:49 - 00000000 ____D C:\Users\Home\AppData\Local\CEF 2016-04-10 18:42 - 2016-04-10 18:42 - 00000000 ____D C:\Users\Home\AppData\Roaming\java 2016-04-10 15:39 - 2016-04-10 15:39 - 00000000 ____D C:\Users\Home\.oracle_jre_usage 2016-04-10 13:44 - 2016-04-10 13:44 - 00000000 ____D C:\Users\Home\AppData\Roaming\.mono 2016-04-10 13:44 - 2016-04-10 13:44 - 00000000 ____D C:\ProgramData\.mono 2016-04-10 12:34 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-10 12:34 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-10 12:34 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-10 12:34 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-10 12:34 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-10 12:34 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-10 12:34 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-10 12:34 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-08 16:30 - 2016-04-08 16:30 - 05934784 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2016-03-29 23:48 - 2016-03-29 23:48 - 00049384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WirelessKeyboardFilter.sys 2016-03-29 09:58 - 2016-03-29 09:58 - 02160912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01009.dll 2016-03-28 13:09 - 2016-03-28 13:09 - 00000000 ____D C:\WINDOWS\Minidump ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-22 13:47 - 2014-04-29 19:20 - 00000000 ____D C:\Users\Home\AppData\Local\Battle.net 2016-04-22 13:47 - 2014-04-29 19:20 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-04-22 13:29 - 2014-07-07 22:54 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-22 13:28 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-22 13:19 - 2015-02-14 13:49 - 00000000 ____D C:\Users\Home\AppData\Local\JDownloader 2.0 2016-04-22 11:37 - 2014-02-19 15:20 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat 2016-04-22 11:37 - 2014-02-19 15:20 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat 2016-04-22 11:37 - 2013-10-07 20:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-22 11:37 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-04-22 11:06 - 2014-04-30 14:36 - 00000000 ____D C:\Users\Home\AppData\Roaming\vlc 2016-04-22 07:00 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-21 21:08 - 2014-04-29 19:23 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-04-21 11:25 - 2015-02-20 18:00 - 00000000 ____D C:\Program Files (x86)\World of Tanks 2016-04-20 21:15 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-16 21:27 - 2014-10-10 12:29 - 00000000 ____D C:\Users\Home\AppData\Local\PokerStars.NET 2016-04-14 01:45 - 2014-04-30 15:43 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-04-13 23:18 - 2014-04-29 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-13 12:48 - 2014-04-29 14:23 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 12:45 - 2014-04-29 14:23 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 09:23 - 2016-01-13 11:32 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 09:21 - 2016-03-02 12:28 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-04-13 09:21 - 2016-03-02 12:28 - 01501488 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 09:21 - 2016-03-02 12:28 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-12 10:20 - 2014-07-31 18:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-10 15:39 - 2014-04-29 19:08 - 00000000 ____D C:\Users\Home 2016-04-10 14:28 - 2014-04-29 19:14 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4228906309-3005005469-1149960139-1001 2016-04-10 12:35 - 2015-04-09 21:58 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-08 16:30 - 2014-07-07 22:54 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-06 23:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-05 23:53 - 2014-08-14 09:02 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-05 23:53 - 2014-08-14 09:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 16:11 - 2014-10-09 14:33 - 00000000 ____D C:\Users\Home\AppData\Roaming\Mp3tag 2016-03-31 10:54 - 2014-02-19 06:47 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-28 00:31 - 2014-08-19 16:28 - 00000000 ____D C:\ProgramData\Oracle 2016-03-28 00:30 - 2015-04-02 10:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-28 00:30 - 2014-10-18 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-28 00:30 - 2014-08-19 16:28 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-24 11:01 - 2015-07-15 23:27 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-24 11:01 - 2015-07-15 23:27 - 00000000 ___SD C:\WINDOWS\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-11-10 10:49 - 2014-12-18 12:43 - 0007605 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg 2014-02-19 06:50 - 2014-02-19 06:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== 
Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-17 14:51 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016 durchgeführt von Home (2016-04-22 14:16:36) Gestartet von C:\Users\Home\Desktop\Logs Windows 8.1 (X64) (2014-04-29 17:08:37) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4228906309-3005005469-1149960139-500 - Administrator - Disabled) Gast (S-1-5-21-4228906309-3005005469-1149960139-501 - Limited - Disabled) Home (S-1-5-21-4228906309-3005005469-1149960139-1001 - Administrator - Enabled) => C:\Users\Home ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{EE19B92D-1F52-D7C1-81BF-326A3405A422}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) 
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc) EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) 
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited) Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) 
(Version: 45.0.2.5941 - Mozilla) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname) PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.) 
World of Tanks (HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {06B8A2F0-5531-4320-8378-3694919C3E6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {2F37FA9A-BD63-4BFF-98C2-2BBD1E2B7439} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo) Task: {4A883EFB-3122-43FB-823C-8972D50E7EBB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {7F89117E-25FB-440C-AA59-7258D368F818} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo) Task: {ADA11046-28AA-4429-A55C-52AC2E6E34F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {C56D0677-E75F-466B-8A08-0A1DE57794BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) 
Task: {DB82CC20-A37F-497D-BFA8-F9F1A1DA4B57} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Software\Classes\.exe: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{A3E38F22-7179-4B2D-A502-AB0C25ACA583}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{8479067C-D246-4607-A3F7-5C2C4B48E284}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{0284AC1C-72DA-4AAD-9E4C-1736AC468DC2}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{C63C26F5-BAEE-473C-A4C3-7C4BBB9EBC2E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [TCP Query User{3B357093-D347-4FEC-B525-0F6079C4831C}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{E2F953AD-E0A7-49A2-9436-B1C9D0546960}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{1B675FF5-BCEC-40E5-BECF-89DB6F57A536}] => (Block) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{21FBAD9D-9CA8-46A7-8A73-B7200BF5295A}] => (Block) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{D5A7BA63-A1AC-43A1-8056-756852E28948}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{70D2CE96-82A6-440B-8543-A98BFA09FFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8661F19B-E1C7-42B6-9262-2B4D7518AD36}C:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) C:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [UDP Query User{8090E37F-B7F6-4BD7-86ED-852F52D3FAD5}C:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) C:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [TCP Query User{54C061AF-5699-465F-98F2-EDBE6E274B75}C:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) C:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [UDP Query User{335FB34E-EAB2-4E48-B4DF-905E8A59BEFD}C:\program files 
(x86)\world of tanks\worldoftanks.exe] => (Allow) C:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [TCP Query User{67955F7F-8D4F-4BEE-B51A-3C5538F0226F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{3729B319-AAA1-475D-9D82-3AFBE49F9905}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9CD6BF27-E03A-4AA0-9C2D-0786B08634CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2B33F520-15F9-4140-AE96-C0C352ECCD91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{50B6935A-3254-4C34-9F64-D9658C596610}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{EEEA681B-0F41-474E-A5AA-004A113D9609}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D183D61D-74D1-4EE2-8A7A-D1C8A226C5E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F4CEDC94-5DB3-4C71-87AA-C0DA404D6B52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6BC05C83-B608-4ED5-8229-9F2FA33F87CE}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1D44BE5A-DA4B-4D5A-A8D0-59C28A333E4F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{C4A9BC75-5301-48FF-A5B5-D503CBDB5F3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 08-04-2016 18:31:15 Geplanter Prüfpunkt 13-04-2016 12:40:25 Windows Update 20-04-2016 21:13:23 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: 
Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Wireless Device Description: Wireless Device Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Systemfehler: ============= Error: (04/22/2016 01:13:20 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (04/22/2016 01:12:50 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (04/22/2016 11:24:52 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (04/22/2016 11:24:22 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} CodeIntegrity: =================================== Date: 2016-04-22 07:25:18.558 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-04-21 10:02:38.462 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-17 15:07:24.106 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-16 08:17:43.785 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-14 09:03:58.834 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-12 08:24:47.092 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-11 08:28:27.803 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-04-10 09:04:58.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 11:49:18.842 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-06 08:52:19.350 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 29% Installierter physikalischer RAM: 8104.27 MB Verfügbarer physikalischer RAM: 5694.04 MB Summe virtueller Speicher: 16296.27 MB Verfügbarer virtueller Speicher: 13710.64 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:425.78 GB) (Free:223.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.73 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B6F5D6EB) Partition: GPT. ==================== Ende von Addition.txt ============================ Code:
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-04-22 12:36:09
-----------------------------
12:36:09.658 OS Version: Windows x64 6.2.9200
12:36:09.658 Number of processors: 8 586 0x3C03
12:36:09.674 ComputerName: LENOVO-PC UserName: Home
12:36:44.252 Initialize success
12:36:44.283 VM: initialized successfully
12:36:44.408 VM: Intel CPU BiosDisabled
12:36:44.518 write error "aswEngin.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
12:40:37.185 AVAST engine defs: 16033102
12:40:43.431 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000001e
12:40:43.431 Disk 0 Vendor: ST500LM000-SSHD-8GB LVD3 Size: 476940MB BusType: 11
12:40:43.946 Disk 0 MBR read successfully
12:40:43.961 Disk 0 MBR scan
12:40:43.961 Disk 0 unknown MBR code
12:40:43.977 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
12:40:44.711 Disk 0 scanning C:\WINDOWS\system32\drivers
12:41:36.775 Service scanning
12:42:10.750 Modules scanning
12:42:10.750 Disk 0 trace - called modules:
12:42:10.797 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
12:42:10.797 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000d09fa060]
12:42:10.797 3 CLASSPNP.SYS[fffff801df802f40] -> nt!IofCallDriver -> \Device\0000001e[0xffffe000d0892380]
12:42:28.028 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
12:42:28.028 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"
TDSSKiller showed no findings. AdwCleaner.txt: Code:
# AdwCleaner v5.112 - Bericht erstellt am 22/04/2016 um 08:45:50
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-19.5 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Home - LENOVO-PC
# Gestartet von : C:\Users\Home\Desktop\AdwCleaner_5.112.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Wert gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Schlüssel gefunden : HKCU\Software\OCS
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net
Schlüssel gefunden : HKU\S-1-5-21-4228906309-3005005469-1149960139-1001\Software\OCS
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [991 Bytes] - [22/04/2016 08:45:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1063 Bytes] ##########
And now several GMER scans, which oddly all show different things, but no definite rootkit findings. 1: Code:
GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-04-22 08:04:11
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001e ST500LM000-SSHD-8GB rev.LVD3 465,76GB
Running: 6orxbtw2.exe; Driver: C:\Users\Home\AppData\Local\Temp\fxlyrpog.sys
---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\csrss.exe [624:640] fffff960008812d0
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x6F 0x37 0x2B 0xAF ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x03 0x88 0x4F 0xE3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE 305
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\CMO15A70_1F_07DA_95^E31A9EA2CA573A9B957AE374289AD020@Timestamp 0xE3 0x91 0x28 0x8C ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 724
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 1884874392
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID d0a858af-0ba0-4819-8e69-b51b50c
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId 2
Reg HKLM\SYSTEM\CurrentControlSet\Control\WDI\Config@ServerName \BaseNamedObjects\WDI_{1407f282-4947-40d0-ad0c-9142559516d9}
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\342387faebac
Reg HKLM\SYSTEM\CurrentControlSet\Services\cdrom\Parameters\Wdf@TimeOfLastSqmLog 0x31 0x7C 0xC6 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\CompositeBus\Parameters\Wdf@TimeOfLastSqmLog 0x41 0x96 0x78 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\dc3d\Parameters\Wdf@TimeOfLastSqmLog 0x41 0x41 0xD1 0xE2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{796b8351-5832-4161-9ecd-93ac6cb2f195}@LastProbeTime 1461228494
Reg HKLM\SYSTEM\CurrentControlSet\Services\HDAudBus\Parameters\Wdf@TimeOfLastSqmLog 0x13 0xA9 0x8B 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\ialm\Device0@ProfilingToolValues 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\intelppm\Parameters\Wdf@TimeOfLastSqmLog 0x31 0x7C 0xC6 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\iwdbus\Parameters\Wdf@TimeOfLastSqmLog 0xF1 0x79 0xCC 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\MEIx64\Parameters\Wdf@TimeOfLastSqmLog 0xB2 0x1F 0x82 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\monitor\Parameters\Wdf@TimeOfLastSqmLog 0x5E 0x7E 0x28 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\NdisVirtualBus\Parameters\Wdf@TimeOfLastSqmLog 0x6A 0x66 0xCC 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\PEAUTH\Parameters\Wdf@TimeOfLastSqmLog 0x5F 0x06 0x60 0xF7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@ReadyBootPlanAge 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?Do?, ?Apr ?21 ?16, 10:54:51???????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 4400
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 5771
Reg HKLM\SYSTEM\CurrentControlSet\Services\SmbDrvI\Parameters\Wdf@TimeOfLastSqmLog 0xDF 0x52 0xCC 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 314
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters@DetectTimeMS 1957
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters\Wdf@TimeOfLastSqmLog 0x4E 0x7F 0xC2 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A09BF16-0E40-4B27-9B00-2C75CAB58CC1}@LeaseObtainedTime 1461221280
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A09BF16-0E40-4B27-9B00-2C75CAB58CC1}@T1 1462128480
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A09BF16-0E40-4B27-9B00-2C75CAB58CC1}@T2 1462808880
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A09BF16-0E40-4B27-9B00-2C75CAB58CC1}@LeaseTerminatesTime 1463035680
Reg HKLM\SYSTEM\CurrentControlSet\Services\umbus\Parameters\Wdf@TimeOfLastSqmLog 0x41 0x96 0x78 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\USBHUB3\Parameters\Wdf@TimeOfLastSqmLog 0x58 0xCA 0x2B 0xE1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\USBXHCI\Parameters\Wdf@TimeOfLastSqmLog 0x16 0x82 0x84 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\vwifibus\Parameters\Wdf@TimeOfLastSqmLog 0xCA 0xCE 0xB1 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WirelessKeyboardFilter\Parameters\Wdf@TimeOfLastSqmLog 0x48 0x3D 0xEA 0xE2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WpdUpFltr\Parameters\Wdf@TimeOfLastSqmLog 0x69 0x2C 0xA8 0x86 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop@TaskbarWinXP 0x0C 0x00 0x00 0x00 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime 0xD8 0x26 0xC8 0x31 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422@CachePrefix :2016042120160422:
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016042120160422
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422@CacheOptions 11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422@CacheRepair 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016042120160422@CacheLimit 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh 0xC6 0x9B 0xDC 0x2F ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified 0x00 0x90 0x48 0xE6 ...
Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@FirstLevelConsentDialog 0xE0 0x02 0x1E 0x00 ...
---- Disk sectors - GMER 2.2 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.2 ----
2: Code:
GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-04-22 09:41:26
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001e ST500LM000-SSHD-8GB rev.LVD3 465,76GB
Running: 6orxbtw2.exe; Driver: C:\Users\Home\AppData\Local\Temp\fxlyrpog.sys
---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\csrss.exe [624:640] fffff960008812d0
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 88506605
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\342387faebac
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime 0xD8 0x03 0x36 0x32 ...
---- Disk sectors - GMER 2.2 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.2 ----
3: Code:
GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-04-22 11:34:02
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001e ST500LM000-SSHD-8GB rev.LVD3 465,76GB
Running: 6orxbtw2.exe; Driver: C:\Users\Home\AppData\Local\Temp\fxlyrpog.sys
---- Kernel code sections - GMER 2.2 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff9600021b100 15 bytes [80, BB, F0, 01, 00, 98, 6B, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff9600021b110 11 bytes [00, 4B, FC, FF, 40, 90, BA, ...]
---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\csrss.exe [624:640] fffff960008812d0
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 88506605
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\342387faebac
---- Disk sectors - GMER 2.2 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.2 ----
Code:
GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-04-22 12:34:39
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001e ST500LM000-SSHD-8GB rev.LVD3 465,76GB
Running: 6orxbtw2.exe; Driver: C:\Users\Home\AppData\Local\Temp\fxlyrpog.sys

---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\csrss.exe [1636:4076] fffff9600092f2d0

---- Disk sectors - GMER 2.2 ----
Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ---- |
23.04.2016, 14:39 | #2 |
/// TB Trainer /// Guide Guru | kernel_data_inpage_error and suspected rootkit
My name is Jürgen and I will help you with your problem. Together we'll get this done...
Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest way, but it is only advisable in the case of real malware. Adware and the like we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go: Why did you edit these entries: Code:
Tcpip\Parameters: [DhcpNameServer] xxxxxxxx
Step 1
Please download TDSSKiller.exe and save this file to the desktop
__________________ |
23.04.2016, 16:58 | #3 |
| kernel_data_inpage_error and suspected rootkit
Hello Jürgen, thanks for your reply. I changed DhcpNameServer because I thought that was my IP.
Here is the log from TDSSKiller: Code:
17:48:52.0142 0x1158 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:48:52.0142 0x1158 UEFI system
17:48:54.0426 0x1158 ============================================================
17:48:54.0426 0x1158 Current date / time: 2016/04/23 17:48:54.0426
17:48:54.0427 0x1158 SystemInfo:
17:48:54.0427 0x1158
17:48:54.0427 0x1158 OS Version: 6.3.9600 ServicePack: 0.0
17:48:54.0427 0x1158 Product type: Workstation
17:48:54.0427 0x1158 ComputerName: LENOVO-PC
17:48:54.0427 0x1158 UserName: Home
17:48:54.0427 0x1158 Windows directory: C:\WINDOWS
17:48:54.0427 0x1158 System windows directory: C:\WINDOWS
17:48:54.0427 0x1158 Running under WOW64
17:48:54.0427 0x1158 Processor architecture: Intel x64
17:48:54.0427 0x1158 Number of processors: 8
17:48:54.0427 0x1158 Page size: 0x1000
17:48:54.0427 0x1158 Boot type: Normal boot
17:48:54.0427 0x1158 ============================================================
17:48:54.0474 0x1158 KLMD registered as C:\WINDOWS\system32\drivers\84146715.sys
17:48:54.0893 0x1158 System UUID: {30988EBA-989C-9381-6E98-53616B21A277}
17:48:55.0227 0x1158 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:55.0229 0x1158 ============================================================
17:48:55.0229 0x1158 \Device\Harddisk0\DR0:
17:48:55.0229 0x1158 GPT partitions:
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B47E7EA9-2C45-4A4D-AF85-9C68FF6ECDC7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F5C20180-57C7-4BA2-8BFF-B86A11E1C059}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {4371BE72-2AB3-4D8C-9595-E4716A432E04}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1C39D309-1607-40B8-8063-271FABC8F746}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {45A1A94F-D055-4168-BD0F-BE5C0158C270}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x3538D000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {118A6426-B358-4FEE-9F81-EE478CDA4638}, Name: Basic data partition, StartLBA 0x35837800, BlocksNum 0x3200000
17:48:55.0229 0x1158 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0D5F9A60-5026-4B8A-99E2-CA77879E2BDB}, Name: Basic data partition, StartLBA 0x38A37800, BlocksNum 0x194E800
17:48:55.0229 0x1158 MBR partitions:
17:48:55.0229 0x1158 ============================================================
17:48:55.0302 0x1158 C: <-> \Device\Harddisk0\DR0\Partition5
17:48:55.0306 0x1158 D: <-> \Device\Harddisk0\DR0\Partition6
17:48:55.0306 0x1158 ============================================================
17:48:55.0306 0x1158 Initialize success
17:48:55.0306 0x1158 ============================================================
17:49:02.0201 0x152c ============================================================
17:49:02.0201 0x152c Scan started
17:49:02.0201 0x152c Mode: Manual; SigCheck; TDLFS;
17:49:02.0201 0x152c ============================================================
17:49:02.0201 0x152c KSN ping started
17:49:04.0601 0x152c KSN ping finished: true
17:49:05.0470 0x152c ================ Scan system memory ========================
17:49:05.0470 0x152c System memory - ok
A9597DA9B6C89F8CE2CF7C3F69365074045B9D9422F29BBB7A4AF7EA93DECFE3 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe 17:49:10.0209 0x152c btwdins - ok 17:49:10.0220 0x152c [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap C:\WINDOWS\system32\DRIVERS\btwl2cap.sys 17:49:10.0226 0x152c btwl2cap - ok 17:49:10.0235 0x152c [ BF79442906F4BB3DC4A81EA6B82EAD60, 2B67731D1C43C83A19CDC4ACE9605C9F3DA7347CC64C420DD00F8828227E939F ] btwrchid C:\WINDOWS\System32\drivers\btwrchid.sys 17:49:10.0239 0x152c btwrchid - ok 17:49:10.0252 0x152c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 17:49:10.0281 0x152c cdfs - ok 17:49:10.0288 0x152c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 17:49:10.0298 0x152c cdrom - ok 17:49:10.0327 0x152c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 17:49:10.0362 0x152c CertPropSvc - ok 17:49:10.0366 0x152c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 17:49:10.0384 0x152c circlass - ok 17:49:10.0424 0x152c [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 17:49:10.0438 0x152c CLFS - ok 17:49:10.0446 0x152c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 17:49:10.0484 0x152c CmBatt - ok 17:49:10.0514 0x152c [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 17:49:10.0533 0x152c CNG - ok 
17:49:10.0573 0x152c [ BEC6AB207F23DC700EF6E70BE8879D4C, 25D75550945DAE39D7C4A29929969C4D6FC91DB00C226B45FFBC6A293DAD00CF ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys 17:49:10.0604 0x152c CnxtHdAudService - ok 17:49:10.0611 0x152c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 17:49:10.0635 0x152c CompositeBus - ok 17:49:10.0637 0x152c COMSysApp - ok 17:49:10.0655 0x152c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 17:49:10.0684 0x152c condrv - ok 17:49:10.0762 0x152c [ 13F58B5E986E6495D268593FD2CCCB5C, CE008423386B298CFFD1C8DD61AAE5DB78656D49A15CC99BA47BC273D08C9D74 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 17:49:10.0770 0x152c cphs - ok 17:49:10.0805 0x152c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 17:49:10.0830 0x152c CryptSvc - ok 17:49:10.0855 0x152c [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe 17:49:10.0862 0x152c CxAudMsg - ok 17:49:10.0896 0x152c [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\WINDOWS\system32\drivers\dam.sys 17:49:10.0904 0x152c dam - ok 17:49:10.0921 0x152c [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys 17:49:10.0975 0x152c dc3d - ok 17:49:11.0030 0x152c [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:49:11.0073 0x152c DcomLaunch - ok 17:49:11.0104 0x152c [ 95E1ABFB27F8A62ED764805775F0D2F3, 
692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 17:49:11.0134 0x152c defragsvc - ok 17:49:11.0161 0x152c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 17:49:11.0177 0x152c DeviceAssociationService - ok 17:49:11.0195 0x152c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 17:49:11.0220 0x152c DeviceInstall - ok 17:49:11.0252 0x152c [ FDE50F8CBFC986086FE47D3D582F80BE, 4D0D5C6F9B1B7EF76F89F78B79AF8D7BBFF05127F512A14701012EB01599B898 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 17:49:11.0274 0x152c Dfsc - ok 17:49:11.0314 0x152c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 17:49:11.0340 0x152c Dhcp - ok 17:49:11.0410 0x152c [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 17:49:11.0478 0x152c DiagTrack - ok 17:49:11.0513 0x152c [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\WINDOWS\system32\drivers\disk.sys 17:49:11.0522 0x152c disk - ok 17:49:11.0526 0x152c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 17:49:11.0557 0x152c dmvsc - ok 17:49:11.0577 0x152c [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:49:11.0608 0x152c Dnscache - ok 17:49:11.0638 0x152c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 17:49:11.0650 0x152c dot3svc - ok 17:49:11.0706 0x152c [ 
B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 17:49:11.0717 0x152c DPS - ok 17:49:11.0720 0x152c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 17:49:11.0726 0x152c drmkaud - ok 17:49:11.0740 0x152c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 17:49:11.0768 0x152c DsmSvc - ok 17:49:11.0820 0x152c [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 17:49:11.0870 0x152c DXGKrnl - ok 17:49:11.0894 0x152c [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys 17:49:11.0909 0x152c e1iexpress - ok 17:49:11.0952 0x152c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 17:49:11.0983 0x152c Eaphost - ok 17:49:12.0082 0x152c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 17:49:12.0198 0x152c ebdrv - ok 17:49:12.0244 0x152c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 17:49:12.0251 0x152c EFS - ok 17:49:12.0256 0x152c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 17:49:12.0263 0x152c EhStorClass - ok 17:49:12.0294 0x152c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:49:12.0303 
0x152c EhStorTcgDrv - ok 17:49:12.0312 0x152c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 17:49:12.0332 0x152c ErrDev - ok 17:49:12.0404 0x152c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 17:49:12.0440 0x152c EventSystem - ok 17:49:12.0463 0x152c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 17:49:12.0477 0x152c exfat - ok 17:49:12.0511 0x152c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 17:49:12.0522 0x152c fastfat - ok 17:49:12.0550 0x152c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 17:49:12.0597 0x152c Fax - ok 17:49:12.0618 0x152c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 17:49:12.0644 0x152c fdc - ok 17:49:12.0677 0x152c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 17:49:12.0702 0x152c fdPHost - ok 17:49:12.0750 0x152c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 17:49:12.0771 0x152c FDResPub - ok 17:49:12.0804 0x152c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 17:49:12.0815 0x152c fhsvc - ok 17:49:12.0856 0x152c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 17:49:12.0863 
0x152c FileInfo - ok 17:49:12.0872 0x152c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 17:49:12.0906 0x152c Filetrace - ok 17:49:12.0910 0x152c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 17:49:12.0924 0x152c flpydisk - ok 17:49:12.0968 0x152c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:49:12.0981 0x152c FltMgr - ok 17:49:13.0049 0x152c [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll 17:49:13.0098 0x152c FontCache - ok 17:49:13.0147 0x0820 Object send P2P result: true 17:49:13.0179 0x152c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:49:13.0185 0x152c FontCache3.0.0.0 - ok 17:49:13.0239 0x152c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 17:49:13.0246 0x152c FsDepends - ok 17:49:13.0249 0x152c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:49:13.0255 0x152c Fs_Rec - ok 17:49:13.0322 0x152c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 17:49:13.0342 0x152c fvevol - ok 17:49:13.0354 0x152c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 17:49:13.0374 0x152c FxPPM - ok 17:49:13.0399 0x152c [ 
FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 17:49:13.0407 0x152c gagp30kx - ok 17:49:13.0430 0x152c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 17:49:13.0434 0x152c GEARAspiWDM - ok 17:49:13.0446 0x152c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 17:49:13.0465 0x152c gencounter - ok 17:49:13.0521 0x152c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 17:49:13.0530 0x152c GPIOClx0101 - ok 17:49:13.0598 0x152c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 17:49:13.0630 0x152c gpsvc - ok 17:49:13.0654 0x152c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 17:49:13.0682 0x152c HdAudAddService - ok 17:49:13.0749 0x152c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 17:49:13.0799 0x152c HDAudBus - ok 17:49:13.0818 0x152c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 17:49:13.0865 0x152c HidBatt - ok 17:49:13.0902 0x152c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 17:49:13.0934 0x152c HidBth - ok 17:49:13.0938 0x152c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c 
C:\WINDOWS\System32\drivers\hidi2c.sys 17:49:13.0954 0x152c hidi2c - ok 17:49:13.0971 0x152c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 17:49:13.0978 0x152c HidIr - ok 17:49:13.0997 0x152c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 17:49:14.0026 0x152c hidserv - ok 17:49:14.0040 0x152c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 17:49:14.0062 0x152c HidUsb - ok 17:49:14.0079 0x152c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 17:49:14.0121 0x152c hkmsvc - ok 17:49:14.0175 0x152c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 17:49:14.0199 0x152c HomeGroupListener - ok 17:49:14.0237 0x152c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 17:49:14.0253 0x152c HomeGroupProvider - ok 17:49:14.0281 0x152c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 17:49:14.0288 0x152c HpSAMD - ok 17:49:14.0344 0x152c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 17:49:14.0372 0x152c HTTP - ok 17:49:14.0385 0x152c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 17:49:14.0392 0x152c hwpolicy - ok 17:49:14.0403 0x152c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, 
C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 17:49:14.0409 0x152c hyperkbd - ok 17:49:14.0421 0x152c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 17:49:14.0446 0x152c HyperVideo - ok 17:49:14.0490 0x152c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 17:49:14.0514 0x152c i8042prt - ok 17:49:14.0525 0x152c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 17:49:14.0530 0x152c iaLPSSi_GPIO - ok 17:49:14.0542 0x152c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 17:49:14.0548 0x152c iaLPSSi_I2C - ok 17:49:14.0571 0x152c [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 17:49:14.0587 0x152c iaStorA - ok 17:49:14.0600 0x152c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 17:49:14.0617 0x152c iaStorAV - ok 17:49:14.0664 0x152c [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:49:14.0668 0x152c IAStorDataMgrSvc - ok 17:49:14.0677 0x152c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 17:49:14.0691 0x152c iaStorV - ok 17:49:14.0695 0x152c IEEtwCollectorService - ok 17:49:14.0816 0x152c [ 
A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 17:49:14.0965 0x152c igfx - ok 17:49:15.0036 0x152c [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 17:49:15.0061 0x152c IKEEXT - ok 17:49:15.0068 0x152c [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 17:49:15.0072 0x152c intaud_WaveExtensible - ok 17:49:15.0105 0x152c [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 17:49:15.0117 0x152c IntcDAud - ok 17:49:15.0156 0x152c [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 17:49:15.0194 0x152c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 17:49:17.0638 0x152c Detect skipped due to KSN trusted 17:49:17.0638 0x152c Intel(R) Capability Licensing Service Interface - ok 17:49:17.0676 0x152c [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 17:49:17.0693 0x152c Intel(R) Capability Licensing Service TCP IP Interface - ok 17:49:17.0707 0x152c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 17:49:17.0713 0x152c intelide - ok 17:49:17.0752 0x152c [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 17:49:17.0758 
0x152c intelpep - ok 17:49:17.0770 0x152c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 17:49:17.0796 0x152c intelppm - ok 17:49:17.0818 0x152c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:49:17.0871 0x152c IpFilterDriver - ok 17:49:17.0933 0x152c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 17:49:17.0972 0x152c iphlpsvc - ok 17:49:17.0992 0x152c [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 17:49:18.0008 0x152c IPMIDRV - ok 17:49:18.0031 0x152c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 17:49:18.0040 0x152c IPNAT - ok 17:49:18.0084 0x152c [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:49:18.0102 0x152c iPod Service - ok 17:49:18.0121 0x152c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 17:49:18.0149 0x152c IRENUM - ok 17:49:18.0173 0x152c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 17:49:18.0180 0x152c isapnp - ok 17:49:18.0237 0x152c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 17:49:18.0250 0x152c iScsiPrt - ok 17:49:18.0254 0x152c [ 2C04ACF9070282AC9AA837C52CA3C128, 
2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 17:49:18.0258 0x152c iwdbus - ok 17:49:18.0324 0x152c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 17:49:18.0331 0x152c jhi_service - ok 17:49:18.0346 0x152c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 17:49:18.0353 0x152c kbdclass - ok 17:49:18.0373 0x152c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 17:49:18.0379 0x152c kbdhid - ok 17:49:18.0395 0x152c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 17:49:18.0401 0x152c kdnic - ok 17:49:18.0413 0x152c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 17:49:18.0420 0x152c KeyIso - ok 17:49:18.0457 0x152c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 17:49:18.0465 0x152c KSecDD - ok 17:49:18.0505 0x152c [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 17:49:18.0515 0x152c KSecPkg - ok 17:49:18.0526 0x152c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 17:49:18.0534 0x152c ksthunk - ok 17:49:18.0552 0x152c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 
17:49:18.0579 0x152c KtmRm - ok 17:49:18.0598 0x152c [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 17:49:18.0605 0x152c L1C - ok 17:49:18.0648 0x152c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 17:49:18.0685 0x152c LanmanServer - ok 17:49:18.0719 0x152c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 17:49:18.0744 0x152c LanmanWorkstation - ok 17:49:18.0786 0x152c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 17:49:18.0802 0x152c lfsvc - ok 17:49:18.0819 0x152c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 17:49:18.0848 0x152c lltdio - ok 17:49:18.0891 0x152c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 17:49:18.0902 0x152c lltdsvc - ok 17:49:18.0939 0x152c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 17:49:18.0962 0x152c lmhosts - ok 17:49:19.0034 0x152c [ 073BD65B67B001A722469BF7C7D4EEC4, 72102FDF2CD3182C20298418A0115ADB3E14093BF96B6297990F96CEEBEF8CAA ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe 17:49:19.0042 0x152c LSCWinService - ok 17:49:19.0058 0x152c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 17:49:19.0066 0x152c LSI_SAS - ok 17:49:19.0082 0x152c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 
17:49:29.0933 0x152c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 17:49:29.0950 0x152c usbhub - ok 17:49:29.0972 0x152c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 17:49:29.0989 0x152c USBHUB3 - ok 17:49:29.0993 0x152c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 17:49:30.0000 0x152c usbohci - ok 17:49:30.0003 0x152c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 17:49:30.0009 0x152c usbprint - ok 17:49:30.0041 0x152c [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 17:49:30.0050 0x152c USBSTOR - ok 17:49:30.0054 0x152c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 17:49:30.0074 0x152c usbuhci - ok 17:49:30.0096 0x152c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 17:49:30.0139 0x152c usbvideo - ok 17:49:30.0202 0x152c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 17:49:30.0216 0x152c USBXHCI - ok 17:49:30.0228 0x152c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 17:49:30.0235 0x152c VaultSvc - ok 17:49:30.0245 0x152c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot 
C:\WINDOWS\system32\drivers\vdrvroot.sys 17:49:30.0251 0x152c vdrvroot - ok 17:49:30.0299 0x152c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 17:49:30.0350 0x152c vds - ok 17:49:30.0371 0x152c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 17:49:30.0381 0x152c VerifierExt - ok 17:49:30.0406 0x152c [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 17:49:30.0426 0x152c vhdmp - ok 17:49:30.0440 0x152c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 17:49:30.0448 0x152c viaide - ok 17:49:30.0503 0x152c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 17:49:30.0510 0x152c vmbus - ok 17:49:30.0523 0x152c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 17:49:30.0529 0x152c VMBusHID - ok 17:49:30.0586 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 17:49:30.0619 0x152c vmicguestinterface - ok 17:49:30.0630 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 17:49:30.0643 0x152c vmicheartbeat - ok 17:49:30.0654 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 17:49:30.0668 0x152c vmickvpexchange - ok 17:49:30.0678 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 
7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 17:49:30.0692 0x152c vmicrdv - ok 17:49:30.0703 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 17:49:30.0717 0x152c vmicshutdown - ok 17:49:30.0726 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 17:49:30.0741 0x152c vmictimesync - ok 17:49:30.0752 0x152c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 17:49:30.0765 0x152c vmicvss - ok 17:49:30.0788 0x152c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 17:49:30.0794 0x152c volmgr - ok 17:49:30.0811 0x152c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 17:49:30.0824 0x152c volmgrx - ok 17:49:30.0842 0x152c [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 17:49:30.0853 0x152c volsnap - ok 17:49:30.0905 0x152c [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 17:49:30.0913 0x152c vpci - ok 17:49:30.0931 0x152c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 17:49:30.0941 0x152c vsmraid - ok 17:49:31.0010 0x152c [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\WINDOWS\system32\vssvc.exe 17:49:31.0053 0x152c VSS - ok 17:49:31.0080 0x152c [ 
0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 17:49:31.0092 0x152c VSTXRAID - ok 17:49:31.0115 0x152c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 17:49:31.0121 0x152c vwifibus - ok 17:49:31.0127 0x152c [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 17:49:31.0166 0x152c vwififlt - ok 17:49:31.0170 0x152c [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 17:49:31.0191 0x152c vwifimp - ok 17:49:31.0224 0x152c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 17:49:31.0253 0x152c W32Time - ok 17:49:31.0256 0x152c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 17:49:31.0276 0x152c WacomPen - ok 17:49:31.0340 0x152c [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine C:\WINDOWS\system32\wbengine.exe 17:49:31.0386 0x152c wbengine - ok 17:49:31.0426 0x152c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 17:49:31.0441 0x152c WbioSrvc - ok 17:49:31.0481 0x152c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 17:49:31.0513 0x152c Wcmsvc - ok 17:49:31.0538 0x152c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 17:49:31.0553 0x152c 
wcncsvc - ok 17:49:31.0596 0x152c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 17:49:31.0625 0x152c WcsPlugInService - ok 17:49:31.0668 0x152c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 17:49:31.0675 0x152c WdBoot - ok 17:49:31.0720 0x152c [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 17:49:31.0727 0x152c WDC_SAM - ok 17:49:31.0746 0x152c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 17:49:31.0767 0x152c Wdf01000 - ok 17:49:31.0785 0x152c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 17:49:31.0796 0x152c WdFilter - ok 17:49:31.0838 0x152c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 17:49:31.0866 0x152c WdiServiceHost - ok 17:49:31.0870 0x152c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 17:49:31.0878 0x152c WdiSystemHost - ok 17:49:31.0913 0x152c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 17:49:31.0921 0x152c WdNisDrv - ok 17:49:31.0935 0x152c WdNisSvc - ok 17:49:31.0966 0x152c [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:49:32.0007 0x152c WebClient - ok 17:49:32.0041 0x152c [ 384E1D04FE20845B2559D292F17A9FA1, 
AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 17:49:32.0066 0x152c Wecsvc - ok 17:49:32.0099 0x152c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 17:49:32.0107 0x152c WEPHOSTSVC - ok 17:49:32.0124 0x152c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 17:49:32.0135 0x152c wercplsupport - ok 17:49:32.0140 0x152c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 17:49:32.0150 0x152c WerSvc - ok 17:49:32.0187 0x152c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 17:49:32.0195 0x152c WFPLWFS - ok 17:49:32.0243 0x152c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 17:49:32.0285 0x152c WiaRpc - ok 17:49:32.0320 0x152c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 17:49:32.0327 0x152c WIMMount - ok 17:49:32.0329 0x152c WinDefend - ok 17:49:32.0384 0x152c [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 17:49:32.0405 0x152c WinHttpAutoProxySvc - ok 17:49:32.0466 0x152c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:49:32.0476 0x152c Winmgmt - ok 17:49:32.0564 0x152c [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\WINDOWS\system32\WsmSvc.dll 
17:49:32.0674 0x152c WinRM - ok 17:49:32.0696 0x152c [ 0CE1584F302C28FC38565B3822A94513, 51DFD80B749A1786AF7712A4FE7BB2368C72767C26A8EC2B56BF2A96E8D11A05 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys 17:49:32.0705 0x152c WirelessKeyboardFilter - ok 17:49:32.0746 0x152c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 17:49:32.0796 0x152c WlanSvc - ok 17:49:32.0852 0x152c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 17:49:32.0887 0x152c wlidsvc - ok 17:49:32.0892 0x152c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 17:49:32.0897 0x152c WmiAcpi - ok 17:49:32.0941 0x152c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 17:49:32.0960 0x152c wmiApSrv - ok 17:49:32.0982 0x152c WMPNetworkSvc - ok 17:49:33.0002 0x152c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 17:49:33.0012 0x152c Wof - ok 17:49:33.0079 0x152c [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 17:49:33.0142 0x152c workfolderssvc - ok 17:49:33.0172 0x152c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 17:49:33.0180 0x152c wpcfltr - ok 17:49:33.0221 0x152c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 17:49:33.0250 0x152c WPCSvc - ok 17:49:33.0276 0x152c [ 
2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 17:49:33.0299 0x152c WPDBusEnum - ok 17:49:33.0322 0x152c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 17:49:33.0329 0x152c WpdUpFltr - ok 17:49:33.0337 0x152c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 17:49:33.0345 0x152c ws2ifsl - ok 17:49:33.0361 0x152c [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll 17:49:33.0371 0x152c wscsvc - ok 17:49:33.0373 0x152c WSearch - ok 17:49:33.0493 0x152c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 17:49:33.0610 0x152c WSService - ok 17:49:33.0645 0x152c [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys 17:49:33.0651 0x152c wsvd - ok 17:49:33.0751 0x152c [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\WINDOWS\system32\wuaueng.dll 17:49:33.0834 0x152c wuauserv - ok 17:49:33.0864 0x152c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 17:49:33.0889 0x152c WudfPf - ok 17:49:33.0894 0x152c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 17:49:33.0904 0x152c WUDFRd - ok 17:49:33.0946 0x152c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc 
C:\WINDOWS\System32\WUDFSvc.dll 17:49:33.0955 0x152c wudfsvc - ok 17:49:33.0961 0x152c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 17:49:33.0970 0x152c WUDFWpdFs - ok 17:49:34.0019 0x152c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 17:49:34.0050 0x152c WwanSvc - ok 17:49:34.0054 0x152c ================ Scan global =============================== 17:49:34.0118 0x152c [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll 17:49:34.0161 0x152c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 17:49:34.0203 0x152c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 17:49:34.0232 0x152c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 17:49:34.0238 0x152c [ Global ] - ok 17:49:34.0239 0x152c ================ Scan MBR ================================== 17:49:34.0270 0x152c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 17:49:34.0918 0x152c \Device\Harddisk0\DR0 - ok 17:49:34.0918 0x152c ================ Scan VBR ================================== 17:49:34.0919 0x152c [ 64B6B22DD1033234EEFB9C98E75ED446 ] \Device\Harddisk0\DR0\Partition1 17:49:34.0942 0x152c \Device\Harddisk0\DR0\Partition1 - ok 17:49:34.0943 0x152c [ 564ACDBC686CF504DD7DDDCF2440C993 ] \Device\Harddisk0\DR0\Partition2 17:49:34.0955 0x152c \Device\Harddisk0\DR0\Partition2 - ok 17:49:34.0956 0x152c [ 09458C90E5992D4FF7582CA156EABC1B ] \Device\Harddisk0\DR0\Partition3 17:49:34.0968 0x152c \Device\Harddisk0\DR0\Partition3 - ok 17:49:34.0970 0x152c [ 
F5A529530EF5DB5350E971E33C81254D ] \Device\Harddisk0\DR0\Partition4 17:49:34.0970 0x152c \Device\Harddisk0\DR0\Partition4 - ok 17:49:34.0972 0x152c [ E9CA78A7C3E42D36A5169546BA2666CD ] \Device\Harddisk0\DR0\Partition5 17:49:34.0984 0x152c \Device\Harddisk0\DR0\Partition5 - ok 17:49:34.0986 0x152c [ 45F9BDAE0B79DA6C2892ED9E511FD702 ] \Device\Harddisk0\DR0\Partition6 17:49:35.0028 0x152c \Device\Harddisk0\DR0\Partition6 - ok 17:49:35.0029 0x152c [ A4DEC28FEF20E385C105E41903AA3C43 ] \Device\Harddisk0\DR0\Partition7 17:49:35.0031 0x152c \Device\Harddisk0\DR0\Partition7 - ok 17:49:35.0031 0x152c ================ Scan generic autorun ====================== 17:49:35.0068 0x152c [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 17:49:35.0116 0x152c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 17:49:37.0539 0x152c Detect skipped due to KSN trusted 17:49:37.0539 0x152c IAStorIcon - ok 17:49:37.0564 0x152c [ BCA130800847C31A4E11A08116897C12, 497CE051C599CABD3D659D6622BDDD335B9C16537628EF86963212E01496A354 ] C:\WINDOWS\system32\igfxtray.exe 17:49:37.0574 0x152c IgfxTray - ok 17:49:37.0597 0x152c [ 53621F723CF91434F1278AEDB7BF35EE, 3864D025BFBB462A8A7E2A7E2F2060A34ABF5AB685290B8D7A8748A3412DFBB6 ] C:\WINDOWS\system32\hkcmd.exe 17:49:37.0614 0x152c HotKeysCmds - ok 17:49:37.0639 0x152c [ 0394C29A20DFD3692B7C7254F1CCC026, D3AB34B59571BE983730676ED2741B056D7E8169C4857550644BF089D34B0F81 ] C:\WINDOWS\system32\igfxpers.exe 17:49:37.0656 0x152c Persistence - ok 17:49:37.0806 0x152c [ 6546BB9B4B32BE17C66479EBCF6F34BF, 79FF9DD229C8218499FE10ECE258CCAFF3FF258790840769948E4D05B017E9B8 ] C:\WINDOWS\RTFTrack.exe 17:49:37.0960 0x152c RtsFT - ok 17:49:37.0965 0x152c SynTPEnh - ok 17:49:38.0029 0x152c [ 18A8ED924A58263AB9E80CE164612CCB, 347BB04D76DFF6AAA57039D3386A1942F9227B170C605F369A3382CC747F1A7D ] C:\Program 
Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 17:49:38.0048 0x152c cAudioFilterAgent - ok 17:49:38.0100 0x152c [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe 17:49:38.0240 0x152c SmartAudio - detected UnsignedFile.Multi.Generic ( 1 ) 17:49:41.0691 0x1d94 Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance 17:49:43.0187 0x152c Detect skipped due to KSN trusted 17:49:43.0187 0x152c SmartAudio - ok 17:49:43.0255 0x152c [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe 17:49:43.0262 0x152c iTunesHelper - ok 17:49:43.0484 0x152c [ B541D17A34FB8E9FD7B5CF66FF2C6607, FD2D06A5DE142682267FB8ADFB5942C3D0D742C0404385DBF196AF0B2A1935B7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 17:49:43.0502 0x152c StartCCC - ok 17:49:43.0540 0x152c [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:49:43.0556 0x152c SunJavaUpdateSched - ok 17:49:43.0557 0x152c Waiting for KSN requests completion. In queue: 269 17:49:44.0558 0x152c Waiting for KSN requests completion. In queue: 268 17:49:44.0733 0x1d94 Object send P2P result: true 17:49:44.0734 0x1d94 Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp 17:49:45.0558 0x152c Waiting for KSN requests completion. In queue: 252 17:49:46.0558 0x152c Waiting for KSN requests completion. In queue: 249 17:49:47.0559 0x152c Waiting for KSN requests completion. In queue: 249 17:49:47.0770 0x1d94 Object send P2P result: true 17:49:47.0782 0x1d94 Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt 17:49:48.0559 0x152c Waiting for KSN requests completion. In queue: 100 17:49:49.0559 0x152c Waiting for KSN requests completion. 
In queue: 100 17:49:50.0560 0x152c Waiting for KSN requests completion. In queue: 100 17:49:50.0952 0x1d94 Object send P2P result: true 17:49:50.0960 0x1d94 Object required for P2P: [ 6546BB9B4B32BE17C66479EBCF6F34BF ] C:\WINDOWS\RTFTrack.exe 17:49:51.0561 0x152c Waiting for KSN requests completion. In queue: 1 17:49:52.0561 0x152c Waiting for KSN requests completion. In queue: 1 17:49:53.0562 0x152c Waiting for KSN requests completion. In queue: 1 17:49:54.0024 0x1d94 Object send P2P result: true 17:49:54.0570 0x152c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated ) 17:49:54.0576 0x152c Win FW state via NFP2: enabled ( trusted ) 17:49:57.0015 0x152c ============================================================ 17:49:57.0015 0x152c Scan finished 17:49:57.0015 0x152c ============================================================ 17:49:57.0020 0x1bc0 Detected object count: 0 17:49:57.0020 0x1bc0 Actual detected object count: 0 |
23.04.2016, 17:12 | #4 |
/// TB-Ausbilder /// Anleitungs-Guru | kernel_data_inpage_error and suspected rootkit Now please run a search scan: Step 1 ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
23.04.2016, 20:26 | #5 |
| kernel_data_inpage_error and suspected rootkit It found nothing: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=f215c066af44d54280904098a0a964e1 # end=init # utc_time=2016-04-23 04:29:11 # local_time=2016-04-23 06:29:11 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 29208 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=f215c066af44d54280904098a0a964e1 # end=updated # utc_time=2016-04-23 04:33:23 # local_time=2016-04-23 06:33:23 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=f215c066af44d54280904098a0a964e1 # engine=29208 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-04-23 07:20:45 # local_time=2016-04-23 09:20:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 41315 25228815 0 0 # scanned=539381 # found=0 # cleaned=0 # scan_time=10041 |
24.04.2016, 13:46 | #6 |
/// TB-Ausbilder /// Anleitungs-Guru | kernel_data_inpage_error and suspected rootkit There is no malware there...
|
12.07.2016, 09:09 | #7 |
| kernel_data_inpage_error and suspected rootkit Hello again, for the past 4 days I have been having problems with kernel_data_inpage_error again. First "Not responding..." appears in one window, then the open window freezes, about 10 seconds later all open windows freeze, about 30 seconds later the mouse pointer freezes, and about 30 seconds after that there is a bluescreen with kernel_data_inpage_error and nothing works anymore. Somehow there is a pattern to the whole thing: it has happened every morning for the last 4 days between 9:30 and 10:30. When I cut the power (long press on the power button (laptop)), everything works perfectly again after a restart until 24 hours later. I had no problems with it in the months since my initial post and only now again. By the way, the laptop runs all day, from about 7:00 to 23:00. Do you have any tips? |
12.07.2016, 12:03 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | kernel_data_inpage_error and suspected rootkit Bluescreens are a driver/hardware problem... and Jürgen already told you in April that there is no malware there. My advice: 1. upgrade to Windows 10, that is still free for now 2. if there are bluescreens under W10 as well, open a new thread there => Alles rund um Windows - Trojaner-Board
__________________ Please always post log files in CODE tags |