Log analysis and evaluation: Eset Online Scanner shows 15 infections and crashes before finishing (Windows 7)
28.10.2016, 15:49 | #1 |
| When I try to scan my system, the Eset Online Scanner keeps crashing; before the crash it shows between 11 and 15 infections. Is there an alternative that I can run instead? Malware Antibyte finds no infections! FRST log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2016 durchgeführt von Sven (Administrator) auf SVEN-PC (28-10-2016 16:55:36) Gestartet von C:\Users\Sven\Desktop Geladene Profile: Sven (Verfügbare Profile: Sven) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (LogMeIn Inc.) 
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Spotify Ltd) C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Curse) C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\w32tm.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Blizzard Entertainment) C:\Program Files\Battle.net\Battle.net.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5220\Agent.exe (Blizzard Entertainment) C:\Program Files\Battle.net\Battle.net.8098\Battle.net.exe () C:\Program Files\Battle.net\Battle.net.8098\Battle.net Helper.exe () C:\Program Files\Battle.net\Battle.net.8098\Battle.net Helper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.) 
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [Steam] => D:\Steam\Steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [29642368 2016-09-12] (Skype Technologies S.A.) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-30] (Disc Soft Ltd) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [maintains-medicine] => C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe [224256 2016-04-19] () <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [maintainprofile] => C:\Users\Sven\AppData\Local\Temp\Maintain-reception\maintain-astrology.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [gainpiece] => C:\Users\Sven\AppData\Local\Temp\Gain_associations\gain-characteristics.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [companycopy] => C:\Users\Sven\AppData\Local\Temp\Company-mother\companycameroon.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [laughingload] => C:\Users\Sven\AppData\Local\Temp\Laughing-bumper\laughingbbs.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [megabaud-70] => C:\ProgramData\megabaud-1\megabaud-6.exe -ss HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [makes_attempts] => C:\Users\Sven\AppData\Local\Temp\Makes_boxed\makes-bandwidth.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [naturalboyfriend] => 
C:\Users\Sven\AppData\Local\Temp\Natural_bouquet\natural-ave.exe <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [Spotify Web Helper] => C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-14] (Spotify Ltd) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [Spotify] => C:\Users\Sven\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-14] (Spotify Ltd) HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Run: [transfer-6] => C:\ProgramData\transfer-9\transfer-2.exe -58 HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\RunOnce: [maintains-medicine] => C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe [224256 2016-04-19] () <===== ACHTUNG HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\RunOnce: [scart-66] => C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe [577536 2016-09-25] () Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\algae-6194.lnk [2016-04-11] ShortcutTarget: algae-6194.lnk -> C:\ProgramData\algae-0191\algae-880.exe (IvoSoft) Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-01-21] () Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taper-2.lnk [2016-09-26] ShortcutTarget: taper-2.lnk -> C:\Users\Sven\AppData\Roaming\taper-9\taper-45.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{DDA297AA-DA20-4EA0-8665-11E397129215}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-13] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-13] (Oracle Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-13] (Oracle Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.) 
Chrome: ======= CHR HomePage: Default -> hxxp://www.justblizard.eu/ CHR StartupUrls: Default -> "hxxp://www.justnetwork.eu/" CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default [2016-10-28] CHR Extension: (Google Präsentationen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-20] CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-20] CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google-Suche) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Tabellen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-20] CHR Extension: (Google Docs Offline) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20] CHR Extension: (Skype) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Google Mail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-20] CHR Extension: (Chrome Media Router) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx CHR 
HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-11-30] (Disc Soft Ltd) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1958408 2016-09-13] (LogMeIn Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-08-31] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-01-11] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-01-11] (Disc Soft Ltd) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-28] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [856928 2010-05-26] (Ralink Technology Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] S1 wnxmoiie; \??\C:\Windows\system32\drivers\wnxmoiie.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-28 16:55 - 2016-10-28 16:55 - 00013350 _____ C:\Users\Sven\Desktop\FRST.txt 2016-10-28 16:55 - 2016-10-28 16:55 - 00000000 ____D C:\FRST 2016-10-28 16:53 - 2016-10-28 16:53 - 01757184 _____ (Farbar) C:\Users\Sven\Desktop\FRST.exe 2016-10-28 11:38 - 2016-10-28 11:38 - 00000000 ____D C:\Users\Sven\AppData\Local\ESET 2016-10-28 11:37 - 2016-10-28 11:37 - 06766720 _____ (ESET spol. s r.o.) C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe 2016-10-13 19:07 - 2016-10-13 19:07 - 00000000 ____D C:\Users\Sven\AppData\Local\YSearchUtil 2016-10-13 19:07 - 2016-10-13 19:07 - 00000000 ____D C:\Program Files\Yahoo! 
2016-10-13 19:05 - 2016-10-13 19:05 - 00000000 ____D C:\Program Files\Common Files\Java 2016-10-12 16:27 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-10-12 16:26 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-10-12 16:26 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-10-12 16:26 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-10-12 16:26 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-10-12 16:26 - 2016-09-12 22:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-10-12 16:26 - 2016-09-12 22:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-10-12 16:26 - 2016-09-12 22:49 - 01081856 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 
00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-10-12 16:26 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-10-12 16:26 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-10-12 16:26 - 2016-09-12 22:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-10-12 16:26 - 2016-09-12 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-10-12 16:26 - 2016-09-12 22:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-10-12 16:26 - 2016-09-12 22:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-10-12 16:26 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-10-12 16:26 - 2016-09-12 22:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-10-12 16:26 - 2016-09-12 22:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-10-12 16:26 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-10-12 16:26 - 2016-09-09 20:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-10-12 16:26 - 2016-09-09 20:00 - 00400896 _____ 
(Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-10-12 16:26 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-10-12 16:26 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-10-12 16:26 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-10-12 16:26 - 2016-09-09 19:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-10-12 16:26 - 2016-09-09 19:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-10-12 16:26 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-10-12 16:26 - 2016-09-09 19:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-10-12 16:26 - 2016-09-09 19:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-10-12 16:26 - 2016-09-09 19:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-10-12 16:26 - 2016-09-09 19:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-10-12 16:26 - 2016-09-09 19:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-10-12 16:26 - 2016-09-09 19:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-10-12 16:26 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-10-12 16:26 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-10-12 16:26 - 2016-09-08 16:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-10-12 16:26 - 2016-09-08 16:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-10-12 16:26 - 2016-08-16 20:47 - 00419640 _____ C:\Windows\system32\locale.nls 2016-10-12 16:26 - 2016-08-12 18:47 - 12574208 _____ (Microsoft 
Corporation) C:\Windows\system32\wmploc.DLL 2016-10-12 16:26 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-10-12 16:26 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-10-12 16:26 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-10-12 16:26 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-10-12 16:26 - 2016-08-12 18:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-10-12 16:26 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-10-12 16:26 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-10-12 16:26 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-10-12 16:26 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-10-12 16:26 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2016-10-12 16:26 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-10-12 16:26 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-10-12 16:26 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2016-10-12 16:26 - 2016-06-14 17:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-10-12 16:26 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) 
C:\Windows\system32\crypt32.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 
2016-10-12 16:26 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-10-12 16:26 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-10-12 16:26 - 2016-06-14 17:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-10-12 16:26 - 2016-06-14 17:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-10-12 16:26 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-10-12 16:26 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-10-12 16:26 - 2016-06-14 17:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-10-12 16:26 - 2016-06-14 16:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-10-12 16:26 - 2016-06-14 16:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-10-12 16:26 - 2016-06-14 16:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-10-12 14:43 - 2016-10-12 14:43 - 00000000 ____D C:\Program Files\Common Files\Skype ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-10-28 16:55 - 2015-08-20 16:28 - 00000000 ____D C:\Users\Sven\AppData\Local\Battle.net 2016-10-28 16:42 - 2015-08-20 16:06 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-28 16:41 - 2015-08-20 15:41 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-28 16:34 - 2015-08-20 15:40 - 00000000 ____D C:\Users\Sven\AppData\Local\Deployment 2016-10-28 15:41 - 2015-08-20 15:41 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-28 15:39 - 2015-08-20 15:34 - 00000340 ____H C:\Windows\Tasks\TIGCAHFWJLOBIPNT.job 2016-10-27 18:08 - 2015-08-20 16:20 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi 2016-10-27 18:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-10-27 16:16 - 2009-07-14 06:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-10-27 16:16 - 2009-07-14 06:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-10-26 21:16 - 2015-08-20 16:28 - 00000000 ____D C:\Program Files\Battle.net 2016-10-26 21:16 - 2015-08-20 16:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Skype 2016-10-26 21:15 - 2016-09-10 14:42 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Spotify 2016-10-26 21:13 - 2016-09-10 14:43 - 00000000 ____D C:\Users\Sven\AppData\Local\Spotify 2016-10-26 21:12 - 2015-12-01 01:12 - 00000316 _____ C:\Windows\Tasks\HPCeeScheduleForSven.job 2016-10-26 21:12 - 2015-08-20 16:45 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-26 21:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-26 17:29 - 2015-08-20 17:56 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-10-25 01:43 - 2015-08-20 15:57 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-25 01:43 - 2015-08-20 15:57 - 00002121 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-20 
17:38 - 2016-01-02 18:35 - 00000000 ___RD C:\Program Files\Skype 2016-10-13 20:47 - 2015-08-20 17:01 - 00000000 ____D C:\ProgramData\Oracle 2016-10-13 19:05 - 2015-08-20 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-10-13 19:05 - 2015-08-20 15:37 - 00000000 ____D C:\Program Files\Java 2016-10-13 19:04 - 2016-02-10 21:01 - 00000000 ____D C:\Users\Sven\.oracle_jre_usage 2016-10-13 19:03 - 2015-08-20 15:37 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2016-10-13 18:15 - 2016-09-01 12:32 - 00000000 ____D C:\Windows\system32\MRT 2016-10-13 04:08 - 2016-09-24 03:09 - 00000000 ____D C:\Windows\rescache 2016-10-13 03:29 - 2009-07-14 06:33 - 00270824 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-13 03:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Dism 2016-10-13 03:01 - 2016-09-01 12:31 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-10-12 14:43 - 2015-08-20 16:20 - 00000000 ____D C:\ProgramData\Skype 2016-10-12 14:40 - 2016-09-26 00:40 - 00000000 ____D C:\ProgramData\transfer-9 2016-10-04 00:10 - 2015-08-20 17:03 - 00000000 ____D C:\Program Files\Diablo III Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-10-25 00:50 ==================== Ende vom FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-10-2016 durchgeführt von Sven (28-10-2016 16:56:06) Gestartet von C:\Users\Sven\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-08-20 13:13:03) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3812470548-86516784-2802545936-500 - Administrator - Disabled) Gast (S-1-5-21-3812470548-86516784-2802545936-501 - Limited - Disabled) Sven (S-1-5-21-3812470548-86516784-2802545936-1000 - Administrator - Enabled) => C:\Users\Sven ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Curse Client (HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment) Game Royale Version 1.1 (HKLM\...\{BED1C00F-3FC6-4380-AA86-7AF2D570C9EE}_is1) (Version: 1.1 - btf GmbH) Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (Version: 1.3.31.5 - Google Inc.) 
Hidden Guns of Icarus Online (HKLM\...\Steam App 209080) (Version: - Muse Games) Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Support Assistant (HKLM\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.34.7 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.5.32.37 - Hewlett-Packard Company) Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.519 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Patch 4.21 (HKLM\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version: - RUNEFORGE Games Studios) Patch v4.17b Update (HKLM\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version: - RUNEFORGE Games Studios) Skype 
Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.28 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Edited by Hardos (28.10.2016 at 16:02) |
29.10.2016, 11:28 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The addition.txt logfile is incomplete. Please post it in full. |
29.10.2016, 17:21 | #3 |
| Oh, sorry! Here is the complete log:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-10-2016 durchgeführt von Sven (28-10-2016 16:56:06) Gestartet von C:\Users\Sven\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-08-20 13:13:03) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3812470548-86516784-2802545936-500 - Administrator - Disabled) Gast (S-1-5-21-3812470548-86516784-2802545936-501 - Limited - Disabled) Sven (S-1-5-21-3812470548-86516784-2802545936-1000 - Administrator - Enabled) => C:\Users\Sven ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Curse Client (HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment) Game Royale Version 1.1 (HKLM\...\{BED1C00F-3FC6-4380-AA86-7AF2D570C9EE}_is1) (Version: 1.1 - btf GmbH) Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (Version: 1.3.31.5 - Google Inc.) 
Hidden Guns of Icarus Online (HKLM\...\Steam App 209080) (Version: - Muse Games) Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Support Assistant (HKLM\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.34.7 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.5.32.37 - Hewlett-Packard Company) Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.519 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Patch 4.21 (HKLM\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version: - RUNEFORGE Games Studios) Patch v4.17b Update (HKLM\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version: - RUNEFORGE Games Studios) Skype 
Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.28 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3812470548-86516784-2802545936-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB) Starbound (HKLM\...\Steam App 211820) (Version: - ) StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes) WildStar (HKLM\...\WildStar) (Version: - NCSOFT) World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment) WUA-0606 (HKLM\...\{27F117DA-D255-4E4F-A3B6-922C8365B9CC}) (Version: 1.5.8.5 - LevelOne) Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5206F78F-CD3B-4ECC-932A-E502ACAC860A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.) Task: {7878DCED-147F-4D8B-910A-2B9FC7F20F86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) 
Task: {85DCDB3C-2537-45C6-8B6A-CE0CD8579B87} - System32\Tasks\HPCeeScheduleForSven => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {88869E11-31B2-4E95-962F-9AFB28039208} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {8BCB041F-268A-4D54-BB73-3402DBEBC0DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) Task: {91AC5D98-3AC4-4F12-BB3B-B14C4363FAB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.) Task: {B0807C35-7191-4DDA-901B-0DD62405AB63} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG Task: {D2A97AED-381D-4EE7-BD8D-31A07E00188E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {D4FBB1D4-FE1D-4ECB-A889-088DAD782EB6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.) Task: {D985897B-0CFF-4126-B967-88F1F6F60066} - System32\Tasks\TIGCAHFWJLOBIPNT => C:\ProgramData\Service8119\Service8119.exe <==== ACHTUNG Task: {EE2A614F-EAD5-4308-B905-96524CD45078} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) 
Task: {F07B4DEC-A835-4470-BA4F-5B72B377B19E} - System32\Tasks\{C9C3BABF-3BC7-45E1-B743-B7A2EFAC416B} => pcalua.exe -a C:\Users\Sven\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi Task: {F2CB8636-44E4-4FEF-8404-EDAFCBA127AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForSven.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\TIGCAHFWJLOBIPNT.job => C:\ProgramData\Service8119\Service8119.exe <==== ACHTUNG ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> hxxp://www.mystartsearch.com/?type=sc&ts=1440078305&z=7c2a1c574ed44e66d3006e2gbz2zde9ebm6bcoce7c&from=cmi&uid=SAMSUNGXHD501LJ_S0MUJ1DP841331 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-20 16:44 - 2015-02-04 04:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-01-21 17:33 - 2016-01-21 17:33 - 00035840 _____ () C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll 2016-01-21 17:33 - 2016-01-21 17:33 - 00016384 _____ () C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll 2016-01-21 17:33 - 2016-01-21 17:33 - 00099840 _____ () C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll 2015-07-03 08:12 - 2016-08-04 22:56 - 49825056 _____ () D:\Steam\bin\libcef.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 00540336 _____ () C:\Program Files\Battle.net\Battle.net.8098\ortp.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 37247976 _____ () C:\Program Files\Battle.net\Battle.net.8098\libcef.dll 2016-10-20 20:09 - 2016-10-20 20:09 - 06402560 _____ () C:\Program Files\Battle.net\Battle.net.8098\battle.net.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 00133632 _____ () C:\Program Files\Battle.net\Battle.net.8098\libEGL.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 03384832 _____ () C:\Program Files\Battle.net\Battle.net.8098\libGLESv2.dll 2016-10-20 20:09 - 2016-10-20 20:09 - 01484776 _____ () C:\Program Files\Battle.net\Battle.net.8098\Battle.net Helper.exe 2016-10-20 20:10 - 2016-10-20 20:10 - 03384832 _____ () C:\Program Files\Battle.net\Battle.net.8098\libglesv2.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 00133632 _____ () C:\Program 
Files\Battle.net\Battle.net.8098\libegl.dll 2016-10-20 20:10 - 2016-10-20 20:10 - 00990696 _____ () C:\Program Files\Battle.net\Battle.net.8098\ffmpegsumo.dll 2016-10-25 01:43 - 2016-10-20 10:47 - 01819240 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-10-25 01:43 - 2016-10-20 10:47 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.71\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3812470548-86516784-2802545936-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{BED77B20-CA4C-4748-A708-1EA958942B56}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{B4204253-1069-4BD9-97D9-757D95DCA685}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{1A2BE233-4AB2-458F-8338-1F17BD4DB75C}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{30FB629D-6C29-4C5F-BC90-5A665A3CF6EF}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{E59C15E1-C3F1-4A1A-832B-0E0C7FFE34C3}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{B3BD25F5-D04B-4B23-98CD-C7E2470477AD}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{63DB416C-46A0-4DB9-80F8-931F338C1F06}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{5007A69D-E07F-4603-B559-92E0BEBEFB03}] => (Allow) D:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [{97AA6A5B-976E-4597-B033-79AA0CC2D7C3}] => (Allow) D:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [{02AB5838-919C-4DB3-84A3-20C46E1958FC}] => (Allow) D:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{EEC41AFD-6C18-4269-BCFE-A7E08574C856}] => (Allow) D:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{9CE6AE40-E114-4EDE-9421-1A68EF019BD2}] => (Allow) 
D:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{110916CA-C94F-457F-9460-650587A7ED06}] => (Allow) D:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [TCP Query User{9072BF01-6863-4B98-BBDF-E4784D3E3877}C:\program files\diablo iii\diablo iii.exe] => (Allow) C:\program files\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{B2AD6E14-3EF3-4D30-83CA-D98D92F20DC8}C:\program files\diablo iii\diablo iii.exe] => (Allow) C:\program files\diablo iii\diablo iii.exe FirewallRules: [{B428F2AD-6DB4-4B67-B5D2-9F455982C68E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{64DA7EFE-B46E-43B6-9CCF-06751A5FF7DC}] => (Allow) D:\Heroes of the Storm\Versions\Base38500\HeroesOfTheStorm.exe FirewallRules: [{81055DED-198D-4B74-9B07-AB1BA1474DCC}] => (Allow) D:\Heroes of the Storm\Versions\Base38500\HeroesOfTheStorm.exe FirewallRules: [{672707E2-FB60-46FA-AD9D-E7F89E3B2F1C}] => (Allow) D:\Heroes of the Storm\Versions\Base39271\HeroesOfTheStorm.exe FirewallRules: [{D5918D15-59BF-42B4-8094-6A4825C20FBE}] => (Allow) D:\Heroes of the Storm\Versions\Base39271\HeroesOfTheStorm.exe FirewallRules: [{6D17B257-910B-4F8A-A805-206E2F95D36D}] => (Allow) D:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [{9BCB670F-885B-465E-BA92-82A3E380804D}] => (Allow) D:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [TCP Query User{9A82976D-63EA-4294-837E-AAC6419B7794}C:\program files\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files\the guild 2 - renaissance\guildii.exe FirewallRules: [UDP Query User{954E2B9D-066A-4C04-95EE-2068E0D99D72}C:\program files\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files\the guild 2 - renaissance\guildii.exe FirewallRules: [{8A10FD1D-22B0-4E56-9EE6-DA513F0F3325}] => (Allow) D:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: 
[{CB65B3D2-2EBD-4DDE-AD0E-8366BD1D18B3}] => (Allow) D:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{D00D661F-9F5F-4543-A23A-B068D180218D}] => (Allow) D:\Heroes of the Storm\Versions\Base40697\HeroesOfTheStorm.exe FirewallRules: [{441352AF-77AA-4774-B705-5133B708EB8E}] => (Allow) D:\Heroes of the Storm\Versions\Base40697\HeroesOfTheStorm.exe FirewallRules: [TCP Query User{25E6F8FE-8863-4FAA-9A60-B998DEC8603B}C:\program files\ccleaner\ccleaner.exe] => (Block) C:\program files\ccleaner\ccleaner.exe FirewallRules: [UDP Query User{93A06FC4-7D20-4EA5-B8F6-18E854EA68D6}C:\program files\ccleaner\ccleaner.exe] => (Block) C:\program files\ccleaner\ccleaner.exe FirewallRules: [TCP Query User{ADCD4460-860F-4406-97C3-1DA3B66CC3B5}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe FirewallRules: [UDP Query User{25CEF2B4-9979-447D-BB08-A5D504E645F1}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe FirewallRules: [TCP Query User{0FA9EB94-09C6-42E2-8618-845648D5BC5E}C:\windows\system32\rundll32.exe] => (Block) C:\windows\system32\rundll32.exe FirewallRules: [UDP Query User{B3832689-8EF3-41AA-AD81-74C8FDCF9B5A}C:\windows\system32\rundll32.exe] => (Block) C:\windows\system32\rundll32.exe FirewallRules: [{2B1013F1-29DA-4CCE-B2E8-28A88FE2EA70}] => (Allow) C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe FirewallRules: [{386E758C-C1B6-4BC1-8C2B-6FCDD2000BD5}] => (Allow) C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe FirewallRules: [{20913F7F-4EA7-4CF3-8765-9D9EF6B95DAC}] => (Allow) C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe FirewallRules: [{FA91E70B-59D7-438A-A56B-BA84E9CA62A8}] => (Allow) 
C:\Users\Sven\AppData\Local\Apps\2.0\3MDXJQNM.MCB\ELW531MB.PYB\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe FirewallRules: [TCP Query User{A871A5FC-2837-4CAA-BC51-62C9A8F7A914}C:\users\sven\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sven\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D267D257-BECE-400B-81E0-BA535AD0CBAA}C:\users\sven\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sven\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9A35EF3B-94F4-464F-850F-68258FF30C40}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [UDP Query User{009CD394-70D5-4946-A9B5-60E70E85C797}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [TCP Query User{640BBFCF-7865-4340-ADEB-2462C35E5F51}C:\program files\logmein hamachi\hamachi-2-ui.exe] => (Block) C:\program files\logmein hamachi\hamachi-2-ui.exe FirewallRules: [UDP Query User{2AD09B13-3656-432A-8CFF-47EA988FB108}C:\program files\logmein hamachi\hamachi-2-ui.exe] => (Block) C:\program files\logmein hamachi\hamachi-2-ui.exe FirewallRules: [TCP Query User{2A0E35BD-B262-468F-8C2D-5C3E53517F63}C:\program files\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files\battle.net\battle.net.8098\battle.net.exe FirewallRules: [UDP Query User{B407B506-36DA-44FA-A66A-A62CF67D2A0B}C:\program files\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files\battle.net\battle.net.8098\battle.net.exe FirewallRules: [{BD7A0E42-902C-453B-BC26-FB8395D81C67}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{9D19E2F2-4D58-4EBB-A2BF-8EA4152AD6D1}D:\heroes of the storm\versions\base47479\heroesofthestorm.exe] => (Allow) D:\heroes of the storm\versions\base47479\heroesofthestorm.exe FirewallRules: [UDP Query User{00333E2D-7219-443B-ADD8-4F9AB724A029}D:\heroes of the storm\versions\base47479\heroesofthestorm.exe] => (Allow) D:\heroes of the 
storm\versions\base47479\heroesofthestorm.exe ==================== Wiederherstellungspunkte ========================= 13-10-2016 03:00:19 Windows Update 13-10-2016 20:51:09 Windows Update 18-10-2016 21:49:49 Windows Update 25-10-2016 17:44:41 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Diskettenlaufwerk Description: Diskettenlaufwerk Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318} Manufacturer: (Standarddiskettenlaufwerke) Service: flpydisk Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/28/2016 03:11:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 0x57ac3e02 Name des fehlerhaften Moduls: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 0x57ac3e02 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00055ea6 ID des fehlerhaften Prozesses: 0xa0c Startzeit der fehlerhaften Anwendung: 0x01d2311184c2dbbc Pfad der fehlerhaften Anwendung: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Pfad des fehlerhaften Moduls: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Berichtskennung: 170c950f-9d10-11e6-a5f3-001e8c18e1f6 Error: (10/28/2016 01:48:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 0x57ac3e02 Name des fehlerhaften Moduls: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 
0x57ac3e02 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00055ea6 ID des fehlerhaften Prozesses: 0x13f8 Startzeit der fehlerhaften Anwendung: 0x01d2310a301a317e Pfad der fehlerhaften Anwendung: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Pfad des fehlerhaften Moduls: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Berichtskennung: 758c7b60-9d04-11e6-a5f3-001e8c18e1f6 Error: (10/28/2016 12:34:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 0x57ac3e02 Name des fehlerhaften Moduls: ESETOnlineScanner_DEU.exe, Version: 2.0.12.0, Zeitstempel: 0x57ac3e02 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00055ea6 ID des fehlerhaften Prozesses: 0x1050 Startzeit der fehlerhaften Anwendung: 0x01d230fefe3e10fa Pfad der fehlerhaften Anwendung: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Pfad des fehlerhaften Moduls: C:\Users\Sven\Downloads\ESETOnlineScanner_DEU.exe Berichtskennung: 15b41c76-9cfa-11e6-a5f3-001e8c18e1f6 Error: (10/27/2016 06:07:51 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3812470548-86516784-2802545936-1000}/">. Error: (10/26/2016 09:14:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (10/26/2016 09:10:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm HeroesOfTheStorm.exe, Version 0.21.1.47479 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 26d0 Startzeit: 01d22fbc55783c38 Endzeit: 903 Anwendungspfad: D:\Heroes of the Storm\Versions\Base47479\HeroesOfTheStorm.exe Berichts-ID: d34a8626-9baf-11e6-9276-001e8c18e1f6 Error: (10/26/2016 08:47:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist ":<�<ꯧⴤ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (10/26/2016 01:09:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist ":R컈R埀㝶". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (10/26/2016 12:42:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "B9Ꙁ8䲉㪢". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (10/26/2016 12:42:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. 
Die falsch formatierte Zeichenfolge ist "B+ꇀ*Уᱫ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Systemfehler: ============= Error: (10/28/2016 03:10:13 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (10/26/2016 09:14:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde nicht richtig gestartet. Error: (10/26/2016 12:42:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:42:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:42:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:42:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:42:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:41:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:41:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (10/26/2016 12:41:42 PM) (Source: Service Control Manager) 
(EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: Unbekannter Fehler ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz Prozentuale Nutzung des RAM: 58% Installierter physikalischer RAM: 3071.12 MB Verfügbarer physikalischer RAM: 1274.27 MB Summe virtueller Speicher: 6140.56 MB Verfügbarer virtueller Speicher: 3022.05 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:244.14 GB) (Free:21.08 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: () (Fixed) (Total:221.62 GB) (Free:80 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5829F41F) Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
29.10.2016, 17:58 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | You have Malwarebytes installed. Has it ever reported any detections?
__________________ Please always post logfiles in CODE tags |
29.10.2016, 18:08 | #5 |
| Unfortunately not! It finds no infections. Here is the corresponding log: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 29.10.2016 Suchlaufzeit: 19:01 Protokolldatei: malware.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.10.29.06 Rootkit-Datenbank: v2016.09.26.02 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Sven Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 261772 Abgelaufene Zeit: 5 Min., 49 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
29.10.2016, 18:26 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The question was not whether it finds any NOW, but whether it has ever found any before. |
29.10.2016, 18:53 | #7 |
| OK, OK. In general it has of course found something before, but not since the current problem with the Eset scanner. The reason for the scan with Eset is the suspicion of a keylogger/phishingware on the system. |
29.10.2016, 19:04 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please also be so kind as to post the log with the findings
__________________ Please always post log files in CODE tags |
29.10.2016, 19:12 | #9 |
| Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 20.08.2015 Suchlaufzeit: 16:08 Protokolldatei: m1.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.20.04 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Sven Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 287029 Abgelaufene Zeit: 4 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 7 PUP.Optional.WProtectManager.A, C:\ProgramData\6WinManPro6\ProtectWindowsManager.exe, 1356, Löschen bei Neustart, [8a8ac645a7e4b680157591f9f114a957] Adware.ConvertAd, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\jnsyECF.tmp, 1700, Löschen bei Neustart, [ab6917f4682335014d2e1aade021ae52] PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\Kikblaster.exe, 3328, Löschen bei Neustart, [45cf759690fbf54130d8742bd32eb848] PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\Kikblaster.exe, 4040, Löschen bei Neustart, [45cf759690fbf54130d8742bd32eb848] PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\jnsyECF.tmp, 1700, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0] PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\hnss24A1.tmp, 1736, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0] PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\knsdF466.tmpfs, 1916, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0] Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 39 PUP.Optional.WProtectManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [8a8ac645a7e4b680157591f9f114a957], 
Adware.ConvertAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu, In Quarantäne, [ab6917f4682335014d2e1aade021ae52], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab, In Quarantäne, [d83c10fb42490a2c0bc7223330d052ae], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\zz.1536.ssp, In Quarantäne, [46ce848747443ef8c420ebc4e024a858], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\kefowydy, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\towojucu, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, In Quarantäne, [b95b4cbfc8c30d299c5a180752b16f91], PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\Crossbrowse, In Quarantäne, [20f4d13ab6d5ef4746af889b54afcb35], PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\istartsurfSoftware, In Quarantäne, [021259b27e0dc6708508bf86c24129d7], PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\mystartsearchSoftware, In Quarantäne, [47cdf714b4d781b560fb320647bc50b0], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\SpaceSondPro, In Quarantäne, [5bb964a76d1e2a0c4e9ab4fb15ef9b65], PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, In Quarantäne, [c153c546e1aa41f54a4e197a7d8708f8], PUP.Optional.WordShark.A, HKLM\SOFTWARE\WordShark_1.10.0.20, In Quarantäne, [d63e8b806b2064d2f91a05a70ff554ac], PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE8119.EXE, In Quarantäne, [1cf869a23457b3830714fe1cb15203fd], PUP.Optional.FastSearch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cfr3011, Löschen bei Neustart, [6ba937d4b9d272c4407901181ee554ac], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS 
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab, Löschen bei Neustart, [b85cd932ec9f11255b686c4a9f65639d], PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SmartWeb Upgrade Trigger Task, Löschen bei Neustart, [93819a716e1d62d4cbd334e70ff44eb2], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [a371ce3d602b4fe72d366dbe3bc8f907], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [52c24cbf1a719e98d29052d9976c6799], PUP.Optional.Vosteran, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [73a17b903853ed499f26fc3ce0239d63], PUP.Optional.Wajam.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [51c3a06b6a21ba7cfb666cbfd132d42c], PUP.Optional.Somoto.A, HKLM\SOFTWARE\SEARCHULT, In Quarantäne, [f71da46726655dd9764a9a1a6f95c937], PUP.Optional.Tuto4PC.A, HKLM\SOFTWARE\TUTORIALS, In Quarantäne, [46ceee1d8803ee486590b7feb45029d7], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [18fcef1c335878bef60d1b2002016799], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\AskPartnerNetwork, In Quarantäne, [888cbf4c216a300647aeb06fc3404bb5], PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\Crossbrowse, In Quarantäne, [0e06fb105932e84e0de7fb2837ccfb05], PUP.Optional.TNT.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\TNT2, In Quarantäne, [f71d98731d6ea393e621bf6e44bf09f7], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\TutoTag, In Quarantäne, [060ebc4f2269c3736c8bade8986c9e62], PUP.Optional.Iminent.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, 
[5fb569a2bfccd6608a862008788b41bf], PUP.Optional.Iminent.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [01135fac3e4d9b9b9a7758d0d2317090], PUP.Optional.Linkey.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, In Quarantäne, [db395bb04546c0761bf7a880bf448878], PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [a470f417692270c62758505425dfff01], PUP.Optional.Vosteran.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [8f8532d9a9e22313c053b870cd368f71], PUP.Optional.Wajam.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [e0344fbcf893f64072a265c3ec172dd3], PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB, In Quarantäne, [050fc14a3358e74fe28a6154bd47b54b], PUP.Optional.HomeTab.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\SIMPLYTECH\HomeTab, In Quarantäne, [c84cdd2e7f0c6dc92dac0d568281b050], PUP.Optional.KikBlaster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Kikblaster, In Quarantäne, [71a3a269fc8f9b9bba5315008c77cc34], PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mystartsearch uninstall, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], Registrierungswerte: 13 PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service8119.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, 130845512747383625, In Quarantäne, [1cf869a23457b3830714fe1cb15203fd] PUP.Optional.Somoto.A, HKLM\SOFTWARE\SEARCHULT|Somo, , In Quarantäne, [f71da46726655dd9764a9a1a6f95c937] PUP.Optional.Tuto4PC.A, 
HKLM\SOFTWARE\TUTORIALS|HostGUID, A3A3362E-36E8-4A3C-9AAB-390789DBE931, In Quarantäne, [46ceee1d8803ee486590b7feb45029d7] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu|ImagePath, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\jnsyECF.tmp, In Quarantäne, [7d97ad5ee1aa0333a0b09f01c93b2ed2] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\kefowydy|ImagePath, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\hnss24A1.tmp, In Quarantäne, [d93b9972e8a3bb7b09480e922fd5fb05] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\towojucu|ImagePath, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\knsdF466.tmpfs, In Quarantäne, [36deb556d2b951e53c15039d33d11fe1] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype20, 8/20/15 15:34:29, In Quarantäne, [050fc14a3358e74fe28a6154bd47b54b] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype24, 8/20/15 15:34:29, In Quarantäne, [6ba9917a7516e15564089a1b867e10f0] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype27, 8/20/15 15:34:29, In Quarantäne, [3adaaf5cf5969b9b323a4e678e76f808] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype41, 8/20/15 15:34:29, In Quarantäne, [54c0d3381a714cea115b4570ac58857b] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype42, 8/20/15 15:34:29, In Quarantäne, [5fb57794ed9e92a4e28aa1143dc739c7] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype26, 8/20/15 15:34:35, In Quarantäne, [d63e9774276458de05677540e91b8878] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3812470548-86516784-2802545936-1000\SOFTWARE\OB|monitype43, 8/20/15 15:34:35, In Quarantäne, [c2527c8f95f645f1a7c5e9cc18ece61a] Registrierungsdaten: 1 PUP.Optional.KikBlaster.A, 
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Kikblaster\Kikblaster32.dll , Gut: (), Schlecht: (C:\ProgramData\Kikblaster\Kikblaster32.dll),Ersetzt,[090bcd3ee2a9f145e820e8b72dd4dc24] Ordner: 16 PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro, In Quarantäne, [46ce848747443ef8c420ebc4e024a858], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.WombatService.A, C:\ProgramData\Service8119, In Quarantäne, [9480ec1ff29972c49c8d941c39cb54ac], PUP.Optional.DailyPCClean.A, C:\Users\Sven\Documents\DailyPCClean, In Quarantäne, [967e18f3612af73fb6003a785ba96a96], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster, Löschen bei Neustart, [71a3a269fc8f9b9bba5315008c77cc34], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro_v53.1536, In Quarantäne, [6ea62fdca7e4f046182d80973cc7e51b], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\6WinManPro6, Löschen bei 
Neustart, [1202b457216abf77464746d22dd62fd1], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\6WinManPro6\update, In Quarantäne, [1202b457216abf77464746d22dd62fd1], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\MWinManProM, In Quarantäne, [53c13ad1d7b43afc8ffea37523e0b24e], Dateien: 121 PUP.Optional.WProtectManager.A, C:\ProgramData\6WinManPro6\ProtectWindowsManager.exe, Löschen bei Neustart, [8a8ac645a7e4b680157591f9f114a957], Adware.ConvertAd, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\jnsyECF.tmp, Löschen bei Neustart, [ab6917f4682335014d2e1aade021ae52], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\Kikblaster.exe, Löschen bei Neustart, [45cf759690fbf54130d8742bd32eb848], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\Kikblaster32.dll, In Quarantäne, [090bcd3ee2a9f145e820e8b72dd4dc24], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\NSISHelper.dll, In Quarantäne, [4fc5c5469eed88ae9870bfe081809769], PUP.Optional.WProtectManager.A, C:\ProgramData\MWinManProM\ProtectWindowsManager.exe, In Quarantäne, [f321e12acfbcf4426f1bf694ec19e41c], PUP.Optional.ELEX, C:\Users\Sven\AppData\Roaming\mystartsearch\key.dll, In Quarantäne, [4bc91fec0a81d75f64af9937659c50b0], PUP.Optional.Tuto4PC, C:\Program Files\DailyPcClean Support\DailyPCClean.exe, In Quarantäne, [db39b05bdead8babb09b7af3050004fc], PUP.Optional.Tuto4PC.A, C:\Program Files\DailyPcClean Support\predm.exe, In Quarantäne, [33e108035d2ed6602c4a8dfc42c3ae52], Trojan.Agent, C:\Program Files\Windows 7 Loader\Windows7Loader.exe, In Quarantäne, [30e454b72f5c290dafd80a2b13f217e9], PUP.Optional.Installcore, C:\Program Files\Windows 7 Loader\Windows7Loader__11517_il289523.exe, In Quarantäne, [2de7ab602665989ecb379af11bea12ee], PUP.Optional.RocketTab.PrxySvrRST, C:\Program Files\Search Extensions\uninstall.exe, In Quarantäne, [d83c10fb42490a2c0bc7223330d052ae], Trojan.MSIL.Dropper, C:\Program Files\SpaceSondPro_v53.1536\SpaceSondPro_Service.exe, In Quarantäne, 
[6fa51cef830872c4752d0ab8887939c7], PUP.Optional.Crossrider.C, C:\Users\Sven\AppData\Local\Temp\2945.exe, In Quarantäne, [a074a66509824aec8ca8404b17ee20e0], PUP.Optional.Crossbrowse.C, C:\Users\Sven\AppData\Local\Temp\956C.tmp, In Quarantäne, [30e417f4b6d55dd9f30bd7b0c73eb44c], Trojan.Agent, C:\Users\Sven\AppData\Local\Temp\nsd57CB.tmp, In Quarantäne, [1400fc0fabe01d19794f4200f90cd729], PUP.Optional.IBryte, C:\Users\Sven\AppData\Local\Temp\installer.exe, In Quarantäne, [6fa5b853246779bd79da3c7b81807987], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Local\Temp\nsr40EB.tmp, In Quarantäne, [a66ef01b414a122464a483040df8fd03], Trojan.MSIL.Dropper, C:\Users\Sven\AppData\Local\Temp\nsrCD10.tmp, In Quarantäne, [cc482edd47441f179909c4fe4cb55aa6], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Local\Temp\nswEF04.tmp, In Quarantäne, [1202bf4ccbc040f6226fdaad5da831cf], PUP.Optional.Amonentize.A, C:\Users\Sven\AppData\Local\Temp\nswFC1B.tmp, In Quarantäne, [2aea21ea800bf73fd5ddfea505fca759], PUP.Optional.Tuto4PC.A, C:\Users\Sven\AppData\Local\Temp\nswFE9.tmp, In Quarantäne, [a76dc04bed9e46f0b4aa800bd431c739], PUP.Optional.OutBrowse, C:\Users\Sven\AppData\Local\Temp\oo2.exe, In Quarantäne, [5aba3ecde9a23cfaee86535521e035cb], PUP.Optional.Crossbrowse.C, C:\Users\Sven\AppData\Local\Temp\4343\setup.exe, In Quarantäne, [ed27c348bbd077bf0bf3b7d0de278e72], PUP.Optional.OurSeaching.A, C:\Users\Sven\AppData\Local\Temp\81440077625\0PlJATVNQ2.exe, In Quarantäne, [9084bd4eb7d462d48b2e7b0c8283d22e], PUP.Optional.EORezo, C:\Users\Sven\AppData\Local\Temp\81440077625\1PlJATVNQ0.exe, In Quarantäne, [789cc3487d0e72c4cabc6b1e0ff69868], PUP.Optional.CinemaPlus.A, C:\Users\Sven\AppData\Local\Temp\81440077625\1PlJATVNQ1.exe, In Quarantäne, [35df7299325932043fdbfe841aebb848], PUP.Optional.IBryte, C:\Users\Sven\AppData\Local\Temp\81440077625\1PlJATVNQ150.exe, In Quarantäne, [66ae000bd6b571c5d1826156cb362dd3], PUP.Optional.WProtectManager.A, 
C:\Users\Sven\AppData\Local\Temp\ms-tmp3535934\tmp\wpm_v20.0.0.2294.exe, In Quarantäne, [ad67c843bdce5adc404a96f4798c867a], Trojan.Agent, C:\Users\Sven\AppData\Local\Temp\nsn4126.tmp\frghw.dll, In Quarantäne, [24f07299d6b5082e4c3b7db8f2130ef2], PUP.Optional.WordShark.A, C:\Users\Sven\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_151.exe, In Quarantäne, [27ed7497c5c6b77f2f42b1ff7b869967], PUP.Optional.WordShark.A, C:\Users\Sven\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [ca4a749799f29d99333e783839c87987], Trojan.Agent, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\pnsi9561.exe, In Quarantäne, [0e06f318ec9f53e34484c979e124a15f], Trojan.Agent, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\snsi955E.tmp, In Quarantäne, [bb59ca415a312511aadbd7f013ee8a76], PUP.Optional.SmartWeb.A, C:\Users\Sven\AppData\Local\SmartWeb\__u.exe, In Quarantäne, [7f95a6656427ba7c3b72e66b837e857b], PUP.Optional.FastSearch.A, C:\Windows\System32\Tasks\cfr3011, In Quarantäne, [37dd33d87c0f9d991e99e13807fcc739], PUP.Optional.WombatUpdater.A, C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, In Quarantäne, [17fd2fdc3d4e9f970b0f8f8b35cef60a], PUP.Optional.PastaLeads.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage, In Quarantäne, [00147596880384b2130a31f7c53edf21], PUP.Optional.PastaLeads.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, In Quarantäne, [1afa42c9abe0072f62bbe444cf343dc3], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, In Quarantäne, [f12375968b00d85e857279b78182ab55], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, In Quarantäne, 
[30e4c744f992d660817633fd897ab848], PUP.Optional.SmartWeb.A, C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task, In Quarantäne, [84903ccfa0ebd06616eeb97e02013cc4], PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab, In Quarantäne, [51c37794d2b970c68da73a0815ee619f], PUP.Optional.Vitruvian.A, C:\Users\Sven\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [48cc9a713a518aac6295dcbef3114eb2], PUP.Optional.Vitruvian.A, C:\Users\Sven\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, In Quarantäne, [b262e02b6526e0569562a0faf90b956b], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\onsi9560.tmp, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\427C.tmp, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\9932.tmp, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\pnsi9561.exe, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\rnsi955F.exe, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\snsi955E.tmp, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.MultiPlug.A, C:\Users\Sven\AppData\Local\B5E2EFE0-1440084912-11DC-8ACC-001E8C18E1F6\Uninstall.exe, In Quarantäne, [0c080308c1cae74f94276c3550b48c74], PUP.Optional.Abengine.A, C:\Users\Sven\AppData\Local\Temp\lengine.ini.log, In Quarantäne, [1bf97f8c9af1ef479286a800b94b629e], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro\uninstall.exe, In Quarantäne, [46ce848747443ef8c420ebc4e024a858], PUP.Optional.SpaceSoundPro.A, 
C:\Program Files\SpaceSondPro\Spacesoundpro.exe, In Quarantäne, [46ce848747443ef8c420ebc4e024a858], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\jnsyECF.tmp, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\hnss24A1.tmp, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\knsdF466.tmpfs, Löschen bei Neustart, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\rnsy8B3.exe, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\Uninstall.exe, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.MultiPlug.A, C:\Program Files\B5E2EFE0-1440077669-11DC-8ACC-001E8C18E1F6\vnsyECBF.tmp, In Quarantäne, [40d40803a7e443f3ef1c258bd92b10f0], PUP.Optional.WombatService.A, C:\ProgramData\Service8119\Service8119.dll, In Quarantäne, [9480ec1ff29972c49c8d941c39cb54ac], PUP.Optional.WombatService.A, C:\ProgramData\Service8119\Service8119.exe, In Quarantäne, [9480ec1ff29972c49c8d941c39cb54ac], PUP.Optional.Acengine.A, C:\Users\Sven\AppData\Local\Temp\acengine.log, In Quarantäne, [c74d5caf701b2313ea63f7b98b790ff1], PUP.Optional.Acengine.A, C:\Windows\Temp\acengine.log, In Quarantäne, [e3312be0e6a52d09f855f9b715efa25e], PUP.Optional.DailyPCClean.A, C:\Users\Sven\Documents\DailyPCClean\CookieExclusions.txt, In Quarantäne, [967e18f3612af73fb6003a785ba96a96], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\478.json, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\MessageBox.xml, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, 
C:\Users\Sven\AppData\Roaming\istartsurf\uninstallDlg2.xml, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\bg.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\bg1.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\bk_shadow.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\button.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\button1.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\checkbox.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\checkbox_select.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\checked.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\close.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\loading_bg.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\loading_light.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\min.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\scrollbar.bmp, In Quarantäne, 
[1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\Thumbs.db, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\unchecked.png, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code1.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code2.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code3.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code4.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code5.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\code6.jpg, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.IStartSurf.ShrtCln, C:\Users\Sven\AppData\Roaming\istartsurf\images\code\Thumbs.db, In Quarantäne, [1004ae5d711a261069177b81867c817f], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\install.log, In Quarantäne, [71a3a269fc8f9b9bba5315008c77cc34], PUP.Optional.KikBlaster.A, C:\ProgramData\Kikblaster\SoftConfigTest.exe, In Quarantäne, [71a3a269fc8f9b9bba5315008c77cc34], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro_v53.1536\SpaceSondPro_Service.exe, In Quarantäne, [6ea62fdca7e4f046182d80973cc7e51b], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\402.json, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\MessageBox.xml, In 
Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\uninstallDlg2.xml, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\UninstallManager.exe, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\bg.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\bg1.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\bk_shadow.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\button.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\button1.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\checkbox.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\checkbox_select.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\checked.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\close.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\loading_bg.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\loading_light.png, In Quarantäne, 
[5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\min.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\scrollbar.bmp, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\Thumbs.db, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\unchecked.png, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code1.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code2.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code3.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code4.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code5.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\code6.jpg, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sven\AppData\Roaming\mystartsearch\images\code\Thumbs.db, In Quarantäne, [5cb810fb008b4de9caafd246e71cec14], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\6WinManPro6\updateconf, In Quarantäne, [1202b457216abf77464746d22dd62fd1], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
29.10.2016, 19:20 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Eset Online Scanner shows 15 infections and crashes before finishing
Step 1: Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Step 2: Kaspersky TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
30.10.2016, 12:30 | #11 |
| Eset Online Scanner shows 15 infections and crashes before finishing
MBAR found nothing and aborted before the cleanup. Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2016.10.30.06 rootkit: v2016.09.26.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Sven :: SVEN-PC [administrator]
30.10.2016 12:17:53
mbar-log-2016-10-30 (12-17-53).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 33495
Time elapsed: 7 minute(s), 17 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter
12:31:33.0434 0x01b0 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
12:31:38.0985 0x01b0 ============================================================
12:31:38.0985 0x01b0 Current date / time: 2016/10/30 12:31:38.0985
12:31:38.0985 0x01b0 SystemInfo:
12:31:38.0985 0x01b0
12:31:38.0985 0x01b0 OS Version: 6.1.7601 ServicePack: 1.0
12:31:38.0985 0x01b0 Product type: Workstation
12:31:38.0985 0x01b0 ComputerName: SVEN-PC
12:31:38.0985 0x01b0 UserName: Sven
12:31:38.0985 0x01b0 Windows directory: C:\Windows
12:31:38.0985 0x01b0 System windows directory: C:\Windows
12:31:38.0985 0x01b0 Processor architecture: Intel x86
12:31:38.0985 0x01b0 Number of processors: 2
12:31:38.0985 0x01b0 Page size: 0x1000
12:31:38.0985 0x01b0 Boot type: Normal boot
12:31:38.0985 0x01b0 CodeIntegrityOptions = 0x00000000
12:31:38.0985 0x01b0 ============================================================
12:31:40.0426 0x01b0 KLMD registered as C:\Windows\system32\drivers\40955087.sys
12:31:40.0426 0x01b0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x0
12:31:40.0736 0x01b0 System UUID: {094BED57-2AAD-ECA1-015D-93AF387B54C7}
12:31:41.0591 0x01b0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:31:41.0593 0x01b0 ============================================================
12:31:41.0593 0x01b0 \Device\Harddisk0\DR0:
12:31:41.0594 0x01b0 MBR partitions:
12:31:41.0594 0x01b0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E848000
12:31:41.0594 0x01b0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x1BB3D000
12:31:41.0594 0x01b0 ============================================================
12:31:41.0624 0x01b0 C: <-> \Device\Harddisk0\DR0\Partition1
12:31:41.0660 0x01b0 D: <-> \Device\Harddisk0\DR0\Partition2
12:31:41.0660 0x01b0
============================================================
12:31:41.0660 0x01b0 Initialize success
12:31:41.0660 0x01b0 ============================================================
12:32:37.0327 0x1030 ============================================================
12:32:37.0327 0x1030 Scan started
12:32:37.0327 0x1030 Mode: Manual; SigCheck; TDLFS;
12:32:37.0327 0x1030 ============================================================
12:32:37.0327 0x1030 KSN ping started
12:32:48.0827 0x1030 KSN ping finished: true
12:32:49.0729 0x1030 ================ Scan system memory ========================
12:32:49.0729 0x1030 System memory - ok
12:32:49.0730 0x1030 ================ Scan services =============================
C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe 12:33:01.0098 0x1030 MBAMService - ok 12:33:01.0143 0x1030 [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 12:33:01.0155 0x1030 MBAMSwissArmy - ok 12:33:01.0209 0x1030 [ 66DDF98174707CBADBCA6BBABDA1231C, 18B4D1FB27CAF2A360A0B0803015F5D88A7DE9A8BCEAFD2FB769554DDC4505F2 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 12:33:01.0218 0x1030 MBAMWebAccessControl - ok 12:33:01.0248 0x1030 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:33:01.0261 0x1030 Mcx2Svc - ok 12:33:01.0284 0x1030 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys 12:33:01.0295 0x1030 megasas - ok 12:33:01.0316 0x1030 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 12:33:01.0333 0x1030 MegaSR - ok 12:33:01.0365 0x1030 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 12:33:01.0401 0x1030 MMCSS - ok 12:33:01.0415 0x1030 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 12:33:01.0439 0x1030 Modem - ok 12:33:01.0467 0x1030 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:33:01.0491 0x1030 monitor - ok 12:33:01.0511 0x1030 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:33:01.0523 0x1030 mouclass - ok 12:33:01.0541 0x1030 [ 
2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:33:01.0560 0x1030 mouhid - ok 12:33:01.0582 0x1030 [ D1BDF813C9FE5ED53134EDF360927735, 0FC422513A9C98C32A90C7C5B2635DA6104C6425A2E2A8746B110A07AFB1B539 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:33:01.0594 0x1030 mountmgr - ok 12:33:01.0622 0x1030 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 12:33:01.0634 0x1030 mpio - ok 12:33:01.0669 0x1030 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 12:33:01.0705 0x1030 mpsdrv - ok 12:33:01.0733 0x1030 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:33:01.0778 0x1030 MpsSvc - ok 12:33:01.0811 0x1030 [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:33:01.0845 0x1030 MRxDAV - ok 12:33:01.0872 0x1030 [ DFF7080C28D25B9629406FBC53F0AC24, EC87D28756997E36CD7808916863E9EDF6E04984595D468C55A389EB896EFBC2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:33:01.0895 0x1030 mrxsmb - ok 12:33:01.0918 0x1030 [ B63F11492664EA49F07BB0E50938F746, 6493968CC6C2B35988521C7C0F5EF9C69C9EC5AED44ED317164ABF73AD302DF9 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:33:01.0934 0x1030 mrxsmb10 - ok 12:33:01.0957 0x1030 [ 0E55102EA96B20FA945102A223D69DA5, 0A7C40CAF47C953CE60669BCAA519A4323CA36637D30E349575D0224C4ED7C19 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:33:01.0977 0x1030 mrxsmb20 - ok 12:33:01.0997 0x1030 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 12:33:02.0008 0x1030 
msahci - ok 12:33:02.0025 0x1030 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:33:02.0039 0x1030 msdsm - ok 12:33:02.0068 0x1030 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 12:33:02.0103 0x1030 MSDTC - ok 12:33:02.0121 0x1030 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 12:33:02.0157 0x1030 Msfs - ok 12:33:02.0173 0x1030 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 12:33:02.0195 0x1030 mshidkmdf - ok 12:33:02.0206 0x1030 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 12:33:02.0216 0x1030 msisadrv - ok 12:33:02.0260 0x1030 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:33:02.0285 0x1030 MSiSCSI - ok 12:33:02.0290 0x1030 msiserver - ok 12:33:02.0314 0x1030 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:33:02.0337 0x1030 MSKSSRV - ok 12:33:02.0363 0x1030 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:33:02.0386 0x1030 MSPCLOCK - ok 12:33:02.0390 0x1030 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:33:02.0426 0x1030 MSPQM - ok 12:33:02.0441 0x1030 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] 
MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:33:02.0454 0x1030 MsRPC - ok 12:33:02.0470 0x1030 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 12:33:02.0480 0x1030 mssmbios - ok 12:33:02.0494 0x1030 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:33:02.0530 0x1030 MSTEE - ok 12:33:02.0564 0x1030 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 12:33:02.0575 0x1030 MTConfig - ok 12:33:02.0596 0x1030 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 12:33:02.0606 0x1030 Mup - ok 12:33:02.0650 0x1030 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 12:33:02.0680 0x1030 napagent - ok 12:33:02.0716 0x1030 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:33:02.0737 0x1030 NativeWifiP - ok 12:33:02.0809 0x1030 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys 12:33:02.0837 0x1030 NDIS - ok 12:33:02.0867 0x1030 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:33:02.0894 0x1030 NdisCap - ok 12:33:02.0910 0x1030 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:33:02.0939 0x1030 NdisTapi - ok 12:33:02.0961 0x1030 [ D8A65DAFB3EB41CBB622745676FCD072, 
874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:33:02.0983 0x1030 Ndisuio - ok 12:33:03.0000 0x1030 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:33:03.0024 0x1030 NdisWan - ok 12:33:03.0033 0x1030 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:33:03.0058 0x1030 NDProxy - ok 12:33:03.0075 0x1030 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:33:03.0110 0x1030 NetBIOS - ok 12:33:03.0156 0x1030 [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:33:03.0218 0x1030 NetBT - ok 12:33:03.0223 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] Netlogon C:\Windows\system32\lsass.exe 12:33:03.0234 0x1030 Netlogon - ok 12:33:03.0278 0x1030 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 12:33:03.0325 0x1030 Netman - ok 12:33:03.0365 0x1030 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:33:03.0378 0x1030 NetMsmqActivator - ok 12:33:03.0401 0x1030 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:33:03.0414 0x1030 NetPipeActivator - ok 12:33:03.0437 0x1030 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm 
C:\Windows\System32\netprofm.dll 12:33:03.0473 0x1030 netprofm - ok 12:33:03.0552 0x1030 [ EFD7C94281882CBBA8EC1B967E9F73D8, C838F31432427BDE6F6B4DA02B69B2BF25573CF665011125E2BA2F6E3C75A504 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys 12:33:03.0578 0x1030 netr28u - ok 12:33:03.0588 0x1030 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:33:03.0602 0x1030 NetTcpActivator - ok 12:33:03.0609 0x1030 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:33:03.0622 0x1030 NetTcpPortSharing - ok 12:33:03.0652 0x1030 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 12:33:03.0663 0x1030 nfrd960 - ok 12:33:03.0729 0x1030 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:33:03.0787 0x1030 NlaSvc - ok 12:33:03.0799 0x1030 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:33:03.0826 0x1030 Npfs - ok 12:33:03.0849 0x1030 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 12:33:03.0873 0x1030 nsi - ok 12:33:03.0878 0x1030 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:33:03.0925 0x1030 nsiproxy - ok 12:33:03.0990 0x1030 [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:33:04.0029 0x1030 Ntfs - ok 12:33:04.0044 0x1030 [ 
F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 12:33:04.0068 0x1030 Null - ok 12:33:04.0126 0x1030 [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys 12:33:04.0138 0x1030 NVHDA - ok 12:33:04.0552 0x1030 [ 1A7AE487E2AAA86089EC8BDD6A104538, 4BCF9E718198DE25ECA6F290510CD438CCDF92DF30C3ACA15F59634FC11D2864 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:33:04.0890 0x1030 nvlddmkm - ok 12:33:04.0955 0x1030 [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:33:04.0971 0x1030 nvraid - ok 12:33:04.0987 0x1030 [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:33:05.0001 0x1030 nvstor - ok 12:33:05.0079 0x1030 [ 9AF133F51F7832ABAD3EEA362C84FE43, B4AFFC869725321026DF3B7606D014BACAD739862A779D349123A7E4E9B7E026 ] nvsvc C:\Windows\system32\nvvsvc.exe 12:33:05.0117 0x1030 nvsvc - ok 12:33:05.0145 0x1030 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:33:05.0158 0x1030 nv_agp - ok 12:33:05.0179 0x1030 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:33:05.0192 0x1030 ohci1394 - ok 12:33:05.0237 0x1030 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:33:05.0271 0x1030 p2pimsvc - ok 12:33:05.0323 0x1030 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 12:33:05.0350 0x1030 p2psvc - ok 
12:33:05.0377 0x1030 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys 12:33:05.0390 0x1030 Parport - ok 12:33:05.0428 0x1030 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:33:05.0439 0x1030 partmgr - ok 12:33:05.0453 0x1030 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 12:33:05.0464 0x1030 Parvdm - ok 12:33:05.0486 0x1030 [ 84752B402BF64CCDDF11816FEDF12DB4, 184DDFCEEE8C5B492415270FC640B8D584B3D79E7BADCE4DE7CDD74CC8C60130 ] PcaSvc C:\Windows\System32\pcasvc.dll 12:33:05.0512 0x1030 PcaSvc - ok 12:33:05.0527 0x1030 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 12:33:05.0541 0x1030 pci - ok 12:33:05.0553 0x1030 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 12:33:05.0564 0x1030 pciide - ok 12:33:05.0586 0x1030 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 12:33:05.0600 0x1030 pcmcia - ok 12:33:05.0622 0x1030 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 12:33:05.0633 0x1030 pcw - ok 12:33:05.0678 0x1030 [ 0C941A3F148B4228867908F98F394461, 6D5F575F2E796C5EA8F9F3F96F9ACD935E274210A105C9365102B448E9AE2031 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:33:05.0705 0x1030 PEAUTH - ok 12:33:05.0772 0x1030 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 12:33:05.0827 0x1030 
PeerDistSvc - ok 12:33:05.0919 0x1030 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 12:33:05.0985 0x1030 pla - ok 12:33:06.0054 0x1030 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:33:06.0109 0x1030 PlugPlay - ok 12:33:06.0121 0x1030 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:33:06.0160 0x1030 PNRPAutoReg - ok 12:33:06.0182 0x1030 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:33:06.0201 0x1030 PNRPsvc - ok 12:33:06.0243 0x1030 [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:33:06.0303 0x1030 PolicyAgent - ok 12:33:06.0346 0x1030 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 12:33:06.0382 0x1030 Power - ok 12:33:06.0401 0x1030 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:33:06.0434 0x1030 PptpMiniport - ok 12:33:06.0456 0x1030 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys 12:33:06.0495 0x1030 Processor - ok 12:33:06.0545 0x1030 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 12:33:06.0565 0x1030 ProfSvc - ok 12:33:06.0574 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] ProtectedStorage 
C:\Windows\system32\lsass.exe 12:33:06.0586 0x1030 ProtectedStorage - ok 12:33:06.0610 0x1030 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:33:06.0644 0x1030 Psched - ok 12:33:06.0712 0x1030 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys 12:33:06.0757 0x1030 ql2300 - ok 12:33:06.0777 0x1030 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 12:33:06.0791 0x1030 ql40xx - ok 12:33:06.0833 0x1030 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 12:33:06.0863 0x1030 QWAVE - ok 12:33:06.0878 0x1030 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:33:06.0914 0x1030 QWAVEdrv - ok 12:33:06.0929 0x1030 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:33:06.0962 0x1030 RasAcd - ok 12:33:06.0984 0x1030 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:33:07.0008 0x1030 RasAgileVpn - ok 12:33:07.0022 0x1030 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 12:33:07.0051 0x1030 RasAuto - ok 12:33:07.0060 0x1030 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:33:07.0097 0x1030 Rasl2tp - ok 12:33:07.0124 0x1030 [ CB9E04DC05EACF5B9A36CA276D475006, 
4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 12:33:07.0160 0x1030 RasMan - ok 12:33:07.0179 0x1030 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:33:07.0205 0x1030 RasPppoe - ok 12:33:07.0227 0x1030 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:33:07.0251 0x1030 RasSstp - ok 12:33:07.0271 0x1030 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:33:07.0311 0x1030 rdbss - ok 12:33:07.0324 0x1030 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:33:07.0336 0x1030 rdpbus - ok 12:33:07.0347 0x1030 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:33:07.0381 0x1030 RDPCDD - ok 12:33:07.0426 0x1030 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 12:33:07.0483 0x1030 RDPDR - ok 12:33:07.0503 0x1030 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:33:07.0525 0x1030 RDPENCDD - ok 12:33:07.0541 0x1030 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:33:07.0576 0x1030 RDPREFMP - ok 12:33:07.0622 0x1030 [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 12:33:07.0671 0x1030 
RdpVideoMiniport - ok 12:33:07.0711 0x1030 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:33:07.0768 0x1030 RDPWD - ok 12:33:07.0784 0x1030 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 12:33:07.0799 0x1030 rdyboost - ok 12:33:07.0833 0x1030 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:33:07.0857 0x1030 RemoteAccess - ok 12:33:07.0899 0x1030 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:33:07.0926 0x1030 RemoteRegistry - ok 12:33:07.0967 0x1030 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:33:08.0002 0x1030 RpcEptMapper - ok 12:33:08.0044 0x1030 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 12:33:08.0057 0x1030 RpcLocator - ok 12:33:08.0078 0x1030 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 12:33:08.0110 0x1030 RpcSs - ok 12:33:08.0125 0x1030 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:33:08.0162 0x1030 rspndr - ok 12:33:08.0197 0x1030 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 12:33:08.0224 0x1030 s3cap - ok 12:33:08.0240 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] SamSs 
C:\Windows\system32\lsass.exe 12:33:08.0252 0x1030 SamSs - ok 12:33:08.0278 0x1030 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:33:08.0290 0x1030 sbp2port - ok 12:33:08.0339 0x1030 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:33:08.0384 0x1030 SCardSvr - ok 12:33:08.0399 0x1030 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 12:33:08.0425 0x1030 scfilter - ok 12:33:08.0485 0x1030 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 12:33:08.0527 0x1030 Schedule - ok 12:33:08.0545 0x1030 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 12:33:08.0570 0x1030 SCPolicySvc - ok 12:33:08.0603 0x1030 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:33:08.0648 0x1030 SDRSVC - ok 12:33:08.0668 0x1030 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:33:08.0701 0x1030 secdrv - ok 12:33:08.0740 0x1030 [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon C:\Windows\system32\seclogon.dll 12:33:08.0791 0x1030 seclogon - ok 12:33:08.0806 0x1030 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 12:33:08.0845 0x1030 SENS - ok 12:33:08.0885 0x1030 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 
] SensrSvc C:\Windows\system32\sensrsvc.dll 12:33:08.0932 0x1030 SensrSvc - ok 12:33:08.0946 0x1030 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:33:08.0957 0x1030 Serenum - ok 12:33:08.0972 0x1030 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 12:33:08.0998 0x1030 Serial - ok 12:33:09.0023 0x1030 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys 12:33:09.0046 0x1030 sermouse - ok 12:33:09.0073 0x1030 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 12:33:09.0100 0x1030 SessionEnv - ok 12:33:09.0119 0x1030 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 12:33:09.0132 0x1030 sffdisk - ok 12:33:09.0147 0x1030 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:33:09.0161 0x1030 sffp_mmc - ok 12:33:09.0172 0x1030 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:33:09.0186 0x1030 sffp_sd - ok 12:33:09.0197 0x1030 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 12:33:09.0210 0x1030 sfloppy - ok 12:33:09.0238 0x1030 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:33:09.0285 0x1030 SharedAccess - ok 12:33:09.0332 0x1030 [ 414DA952A35BF5D50192E28263B40577, 
9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:33:09.0365 0x1030 ShellHWDetection - ok 12:33:09.0385 0x1030 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 12:33:09.0397 0x1030 sisagp - ok 12:33:09.0427 0x1030 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 12:33:09.0437 0x1030 SiSRaid2 - ok 12:33:09.0461 0x1030 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 12:33:09.0473 0x1030 SiSRaid4 - ok 12:33:09.0564 0x1030 [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 12:33:09.0583 0x1030 SkypeUpdate - ok 12:33:09.0604 0x1030 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:33:09.0637 0x1030 Smb - ok 12:33:09.0668 0x1030 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:33:09.0681 0x1030 SNMPTRAP - ok 12:33:09.0694 0x1030 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 12:33:09.0706 0x1030 spldr - ok 12:33:09.0729 0x1030 [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler C:\Windows\System32\spoolsv.exe 12:33:09.0764 0x1030 Spooler - ok 12:33:09.0874 0x1030 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 12:33:10.0001 0x1030 sppsvc - ok 12:33:10.0028 
0x1030 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:33:10.0062 0x1030 sppuinotify - ok 12:33:10.0108 0x1030 [ D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv C:\Windows\system32\DRIVERS\srv.sys 12:33:10.0150 0x1030 srv - ok 12:33:10.0196 0x1030 [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:33:10.0220 0x1030 srv2 - ok 12:33:10.0261 0x1030 [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:33:10.0274 0x1030 srvnet - ok 12:33:10.0314 0x1030 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:33:10.0353 0x1030 SSDPSRV - ok 12:33:10.0375 0x1030 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:33:10.0403 0x1030 SstpSvc - ok 12:33:10.0526 0x1030 [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe 12:33:10.0577 0x1030 Steam Client Service - ok 12:33:10.0721 0x1030 [ A0BF3234CFFFBD1439757931B9BC57AA, 9CDBD8CDA2C3F0FD82E35CEC99B1ABDECBD74A01143B4B0D044A98E170A7707E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:33:10.0740 0x1030 Stereo Service - ok 12:33:10.0776 0x1030 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys 12:33:10.0787 0x1030 stexstor - ok 12:33:10.0859 0x1030 [ E1FB3706030FB4578A0D72C2FC3689E4, 
A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 12:33:10.0902 0x1030 StiSvc - ok 12:33:10.0938 0x1030 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 12:33:10.0951 0x1030 storflt - ok 12:33:10.0973 0x1030 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 12:33:10.0984 0x1030 storvsc - ok 12:33:11.0003 0x1030 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 12:33:11.0014 0x1030 swenum - ok 12:33:11.0037 0x1030 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 12:33:11.0078 0x1030 swprv - ok 12:33:11.0117 0x1030 [ F2AD8960812FD111E20E84659EF19D43, FAC91E940D3735738908447E58792C32E6F86427612114A624041B7213831105 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys 12:33:11.0128 0x1030 Synth3dVsc - ok 12:33:11.0200 0x1030 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 12:33:11.0297 0x1030 SysMain - ok 12:33:11.0341 0x1030 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 12:33:11.0358 0x1030 TabletInputService - ok 12:33:11.0381 0x1030 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 12:33:11.0410 0x1030 TapiSrv - ok 12:33:11.0421 0x1030 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 12:33:11.0448 0x1030 TBS - ok 12:33:11.0527 0x1030 [ 
5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:33:11.0567 0x1030 Tcpip - ok 12:33:11.0614 0x1030 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 12:33:11.0655 0x1030 TCPIP6 - ok 12:33:11.0696 0x1030 [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:33:11.0722 0x1030 tcpipreg - ok 12:33:11.0743 0x1030 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:33:11.0807 0x1030 TDPIPE - ok 12:33:11.0845 0x1030 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:33:11.0857 0x1030 TDTCP - ok 12:33:11.0896 0x1030 [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:33:11.0909 0x1030 tdx - ok 12:33:11.0920 0x1030 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 12:33:11.0931 0x1030 TermDD - ok 12:33:11.0952 0x1030 [ 052306FD76793D5D5AB5D9891FD1ADBB, A590F01A42EC979664044B811E7C98F58D6A23AA025B5A1DD0E5F63BF70B2649 ] terminpt C:\Windows\system32\drivers\terminpt.sys 12:33:11.0987 0x1030 terminpt - ok 12:33:12.0040 0x1030 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 12:33:12.0095 0x1030 TermService - ok 12:33:12.0107 0x1030 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 12:33:12.0122 0x1030 Themes 
- ok 12:33:12.0137 0x1030 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 12:33:12.0162 0x1030 THREADORDER - ok 12:33:12.0214 0x1030 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 12:33:12.0253 0x1030 TrkWks - ok 12:33:12.0322 0x1030 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:33:12.0350 0x1030 TrustedInstaller - ok 12:33:12.0390 0x1030 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:33:12.0409 0x1030 tssecsrv - ok 12:33:12.0421 0x1030 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 12:33:12.0450 0x1030 TsUsbFlt - ok 12:33:12.0474 0x1030 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 12:33:12.0485 0x1030 TsUsbGD - ok 12:33:12.0504 0x1030 [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 12:33:12.0518 0x1030 tsusbhub - ok 12:33:12.0545 0x1030 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:33:12.0570 0x1030 tunnel - ok 12:33:12.0593 0x1030 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 12:33:12.0604 0x1030 uagp35 - ok 12:33:12.0633 0x1030 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs 
C:\Windows\system32\DRIVERS\udfs.sys 12:33:12.0708 0x1030 udfs - ok 12:33:12.0729 0x1030 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:33:12.0750 0x1030 UI0Detect - ok 12:33:12.0772 0x1030 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:33:12.0784 0x1030 uliagpkx - ok 12:33:12.0815 0x1030 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 12:33:12.0836 0x1030 umbus - ok 12:33:12.0855 0x1030 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\drivers\umpass.sys 12:33:12.0874 0x1030 UmPass - ok 12:33:12.0903 0x1030 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 12:33:12.0927 0x1030 UmRdpService - ok 12:33:12.0961 0x1030 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 12:33:13.0011 0x1030 upnphost - ok 12:33:13.0047 0x1030 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:33:13.0086 0x1030 usbccgp - ok 12:33:13.0101 0x1030 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:33:13.0138 0x1030 usbcir - ok 12:33:13.0183 0x1030 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 12:33:13.0195 0x1030 usbehci - ok 12:33:13.0226 0x1030 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 
1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:33:13.0258 0x1030 usbhub - ok 12:33:13.0290 0x1030 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:33:13.0315 0x1030 usbohci - ok 12:33:13.0330 0x1030 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\drivers\usbprint.sys 12:33:13.0344 0x1030 usbprint - ok 12:33:13.0383 0x1030 [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:33:13.0444 0x1030 USBSTOR - ok 12:33:13.0477 0x1030 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 12:33:13.0501 0x1030 usbuhci - ok 12:33:13.0524 0x1030 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 12:33:13.0549 0x1030 UxSms - ok 12:33:13.0564 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] VaultSvc C:\Windows\system32\lsass.exe 12:33:13.0575 0x1030 VaultSvc - ok 12:33:13.0634 0x1030 [ C2D1B1671F9C1C66E0DF1B5D2DC87616, 577E0EC66E6D751B6521E7E35D8102CE0EC1A9B006B64BEFB75A5D0A15DC5370 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 12:33:13.0647 0x1030 VClone - ok 12:33:13.0659 0x1030 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:33:13.0672 0x1030 vdrvroot - ok 12:33:13.0695 0x1030 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 12:33:13.0731 0x1030 vds - ok 12:33:13.0747 0x1030 [ 
17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:33:13.0762 0x1030 vga - ok 12:33:13.0777 0x1030 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:33:13.0809 0x1030 VgaSave - ok 12:33:13.0812 0x1030 VGPU - ok 12:33:13.0828 0x1030 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:33:13.0842 0x1030 vhdmp - ok 12:33:13.0869 0x1030 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 12:33:13.0880 0x1030 viaagp - ok 12:33:13.0907 0x1030 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 12:33:13.0964 0x1030 ViaC7 - ok 12:33:13.0985 0x1030 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 12:33:13.0998 0x1030 viaide - ok 12:33:14.0032 0x1030 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 12:33:14.0063 0x1030 vmbus - ok 12:33:14.0078 0x1030 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 12:33:14.0090 0x1030 VMBusHID - ok 12:33:14.0114 0x1030 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:33:14.0125 0x1030 volmgr - ok 12:33:14.0142 0x1030 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 
12:33:14.0161 0x1030 volmgrx - ok 12:33:14.0199 0x1030 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:33:14.0213 0x1030 volsnap - ok 12:33:14.0248 0x1030 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 12:33:14.0263 0x1030 vsmraid - ok 12:33:14.0328 0x1030 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 12:33:14.0394 0x1030 VSS - ok 12:33:14.0413 0x1030 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 12:33:14.0427 0x1030 vwifibus - ok 12:33:14.0453 0x1030 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 12:33:14.0480 0x1030 vwififlt - ok 12:33:14.0509 0x1030 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 12:33:14.0523 0x1030 vwifimp - ok 12:33:14.0540 0x1030 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 12:33:14.0574 0x1030 W32Time - ok 12:33:14.0596 0x1030 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 12:33:14.0608 0x1030 WacomPen - ok 12:33:14.0637 0x1030 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:33:14.0665 0x1030 WANARP - ok 12:33:14.0670 0x1030 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:33:14.0698 0x1030 Wanarpv6 - ok 12:33:14.0751 0x1030 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 12:33:14.0813 0x1030 wbengine - ok 12:33:14.0836 0x1030 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:33:14.0856 0x1030 WbioSrvc - ok 12:33:14.0877 0x1030 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:33:14.0922 0x1030 wcncsvc - ok 12:33:14.0935 0x1030 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:33:15.0013 0x1030 WcsPlugInService - ok 12:33:15.0031 0x1030 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys 12:33:15.0042 0x1030 Wd - ok 12:33:15.0098 0x1030 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:33:15.0126 0x1030 Wdf01000 - ok 12:33:15.0140 0x1030 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:33:15.0183 0x1030 WdiServiceHost - ok 12:33:15.0191 0x1030 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:33:15.0207 0x1030 WdiSystemHost - ok 12:33:15.0239 0x1030 [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient C:\Windows\System32\webclnt.dll 12:33:15.0256 0x1030 WebClient - ok 12:33:15.0268 0x1030 [ 760F0AFE937A77CFF27153206534F275, 
A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:33:15.0307 0x1030 Wecsvc - ok 12:33:15.0323 0x1030 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:33:15.0348 0x1030 wercplsupport - ok 12:33:15.0373 0x1030 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 12:33:15.0410 0x1030 WerSvc - ok 12:33:15.0446 0x1030 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:33:15.0469 0x1030 WfpLwf - ok 12:33:15.0489 0x1030 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:33:15.0499 0x1030 WIMMount - ok 12:33:15.0577 0x1030 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 12:33:15.0644 0x1030 WinDefend - ok 12:33:15.0654 0x1030 WinHttpAutoProxySvc - ok 12:33:15.0731 0x1030 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:33:15.0761 0x1030 Winmgmt - ok 12:33:15.0805 0x1030 [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM C:\Windows\system32\WsmSvc.dll 12:33:15.0850 0x1030 WinRM - ok 12:33:15.0908 0x1030 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 12:33:15.0923 0x1030 WinUsb - ok 12:33:15.0991 0x1030 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:33:16.0047 
0x1030 Wlansvc - ok 12:33:16.0066 0x1030 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:33:16.0081 0x1030 WmiAcpi - ok 12:33:16.0121 0x1030 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:33:16.0135 0x1030 wmiApSrv - ok 12:33:16.0239 0x1030 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 12:33:16.0318 0x1030 WMPNetworkSvc - ok 12:33:16.0340 0x1030 wnxmoiie - ok 12:33:16.0355 0x1030 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:33:16.0386 0x1030 WPCSvc - ok 12:33:16.0397 0x1030 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:33:16.0438 0x1030 WPDBusEnum - ok 12:33:16.0454 0x1030 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:33:16.0479 0x1030 ws2ifsl - ok 12:33:16.0499 0x1030 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 12:33:16.0531 0x1030 wscsvc - ok 12:33:16.0575 0x1030 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 12:33:16.0601 0x1030 WSDPrintDevice - ok 12:33:16.0605 0x1030 WSearch - ok 12:33:16.0698 0x1030 [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv C:\Windows\system32\wuaueng.dll 12:33:16.0816 0x1030 wuauserv - ok 12:33:16.0833 0x1030 [ 
E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:33:16.0857 0x1030 WudfPf - ok 12:33:16.0880 0x1030 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:33:16.0906 0x1030 WUDFRd - ok 12:33:16.0953 0x1030 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:33:16.0990 0x1030 wudfsvc - ok 12:33:17.0031 0x1030 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll 12:33:17.0052 0x1030 WwanSvc - ok 12:33:17.0083 0x1030 ================ Scan global =============================== 12:33:17.0119 0x1030 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 12:33:17.0155 0x1030 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 12:33:17.0168 0x1030 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 12:33:17.0207 0x1030 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 12:33:17.0251 0x1030 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 12:33:17.0258 0x1030 [ Global ] - ok 12:33:17.0259 0x1030 ================ Scan MBR ================================== 12:33:17.0270 0x1030 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 12:33:18.0631 0x1030 \Device\Harddisk0\DR0 - ok 12:33:18.0633 0x1030 ================ Scan VBR ================================== 12:33:18.0642 0x1030 [ 
3ED24718A7EE57F51496A9BD2B9B8179 ] \Device\Harddisk0\DR0\Partition1 12:33:18.0643 0x1030 \Device\Harddisk0\DR0\Partition1 - ok 12:33:18.0646 0x1030 [ CBFD88CB136C66E5C323F45DA86B43F4 ] \Device\Harddisk0\DR0\Partition2 12:33:18.0647 0x1030 \Device\Harddisk0\DR0\Partition2 - ok 12:33:18.0648 0x1030 ================ Scan generic autorun ====================== 12:33:18.0719 0x1030 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 12:33:18.0728 0x1030 VirtualCloneDrive - ok 12:33:18.0931 0x1030 [ 5D81658C759830CC8E3912901FDE22CE, 68EC5A60D4931695FCAEAE0FCA46A15482ADB22F9FFC6F6E6497653DFCEE0D78 ] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe 12:33:19.0141 0x1030 LogMeIn Hamachi Ui - ok 12:33:19.0209 0x1030 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe 12:33:19.0231 0x1030 SunJavaUpdateSched - ok 12:33:19.0315 0x1030 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 12:33:19.0417 0x1030 Sidebar - ok 12:33:19.0463 0x1030 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 12:33:19.0487 0x1030 mctadmin - ok 12:33:19.0518 0x1030 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 12:33:19.0554 0x1030 Sidebar - ok 12:33:19.0563 0x1030 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 12:33:19.0579 0x1030 mctadmin - ok 12:33:19.0815 0x1030 [ 3D01BD151A423F6B7D89970E42E31E46, CA1B7619A387E94A033D3143B782DEEC30C9F9E528B52822E7CB35D1C617F349 ] C:\Program Files\CCleaner\CCleaner.exe 
12:33:19.0977 0x1030 CCleaner Monitoring - ok 12:33:20.0176 0x1030 [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] D:\Steam\Steam.exe 12:33:20.0262 0x1030 Steam - ok 12:33:20.0314 0x1030 Skype - ok 12:33:20.0464 0x1030 [ FE955DB74551BFF18F89FD4D6B2D64DF, EDBBF71448A6CAEC1AE41DF73F3F9495A6AEEC64C6CCA8E4161C821B9B2247CB ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe 12:33:20.0564 0x1030 DAEMON Tools Lite Automount - ok 12:33:20.0757 0x1030 [ C576F71D836E0A964BBD58E139F6B24F, 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 ] C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe 12:33:20.0757 0x1030 Suspicious file ( NoAccess ): C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe. md5: C576F71D836E0A964BBD58E139F6B24F, sha256: 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 12:33:20.0781 0x1030 maintains-medicine - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:33:21.0314 0x1030 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:33:21.0314 0x1030 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe 12:33:21.0700 0x1030 Object send P2P result: true 12:33:21.0956 0x1030 maintainprofile - ok 12:33:21.0956 0x1030 gainpiece - ok 12:33:21.0959 0x1030 companycopy - ok 12:33:21.0963 0x1030 laughingload - ok 12:33:22.0071 0x1030 megabaud-70 - ok 12:33:22.0072 0x1030 makes_attempts - ok 12:33:22.0075 0x1030 naturalboyfriend - ok 12:33:22.0220 0x1030 [ 5B3A76C2067DD01F7E42613F1FC59BFA, 2EE1B0A7C1FEE54A2F433CBD47DFC0E829361A759A5EB983F2FD12F5A6EACE92 ] C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe 12:33:22.0260 0x1030 Spotify Web Helper - ok 12:33:22.0523 0x1030 [ A4CE33181F373EE47184FDB7FD76ACB8, 074EEC2FD5600729A749FB19A9890EAE95B74276950E05D5A0876BE107564120 ] C:\Users\Sven\AppData\Roaming\Spotify\Spotify.exe 12:33:22.0729 0x1030 Spotify - ok 12:33:22.0760 0x1030 transfer-6 - 
ok 12:33:22.0770 0x1030 [ C576F71D836E0A964BBD58E139F6B24F, 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 ] C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe 12:33:22.0770 0x1030 Suspicious file ( NoAccess ): C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe. md5: C576F71D836E0A964BBD58E139F6B24F, sha256: 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 12:33:22.0774 0x1030 maintains-medicine - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:33:22.0774 0x1030 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:33:22.0774 0x1030 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe 12:33:23.0059 0x1030 Object send P2P result: true 12:33:23.0378 0x1030 [ 7F4A6AB90E8F1CEF49E48D2E8917BD04, D242A9BE7015AC1E43C4724196FAB991A269D04409D40C819EAFCA7F6795050C ] C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe 12:33:23.0398 0x1030 scart-66 - detected UnsignedFile.Multi.Generic ( 1 ) 12:33:23.0843 0x1030 Detect turned to UDS exact due to KSN untrusted 12:33:23.0843 0x1030 scart-66 ( UDS:DangerousObject.Multi.Generic ) - infected 12:33:23.0843 0x1030 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe 12:33:24.0107 0x1030 Object send P2P result: true 12:33:24.0337 0x1030 Waiting for KSN requests completion. 
In queue: 87 12:33:25.0463 0x1030 Win FW state via NFP2: enabled ( trusted ) 12:33:25.0848 0x1030 ============================================================ 12:33:25.0848 0x1030 Scan finished 12:33:25.0848 0x1030 ============================================================ 12:33:25.0860 0x14b0 Detected object count: 3 12:33:25.0861 0x14b0 Actual detected object count: 3 12:34:06.0844 0x14b0 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:34:06.0844 0x14b0 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:34:06.0846 0x14b0 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:34:06.0846 0x14b0 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:34:06.0846 0x14b0 scart-66 ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:34:06.0846 0x14b0 scart-66 ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
Edited by Hardos (30.10.2016 at 12:36) |
31.10.2016, 09:57 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Eset Online Scanner shows 15 infections and crashes before completing
TDSS Killer found something. Run the tool again, but this time have the detections maintains-medicine and scart-66 removed. Then post the TDSS log again.
__________________ Please always post log files in CODE tags |
31.10.2016, 10:35 | #13 |
| Eset Online Scanner shows 15 infections and crashes before completing
I deleted the entries and rebooted. LOG: Code:
ATTFilter 10:28:15.0181 0x0798 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 10:28:21.0942 0x0798 ============================================================ 10:28:21.0942 0x0798 Current date / time: 2016/10/31 10:28:21.0942 10:28:21.0943 0x0798 SystemInfo: 10:28:21.0943 0x0798 10:28:21.0943 0x0798 OS Version: 6.1.7601 ServicePack: 1.0 10:28:21.0943 0x0798 Product type: Workstation 10:28:21.0943 0x0798 ComputerName: SVEN-PC 10:28:21.0943 0x0798 UserName: Sven 10:28:21.0943 0x0798 Windows directory: C:\Windows 10:28:21.0943 0x0798 System windows directory: C:\Windows 10:28:21.0943 0x0798 Processor architecture: Intel x86 10:28:21.0943 0x0798 Number of processors: 2 10:28:21.0943 0x0798 Page size: 0x1000 10:28:21.0943 0x0798 Boot type: Normal boot 10:28:21.0943 0x0798 CodeIntegrityOptions = 0x00000000 10:28:21.0943 0x0798 ============================================================ 10:28:23.0601 0x0798 KLMD registered as C:\Windows\system32\drivers\28602996.sys 10:28:23.0601 0x0798 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x0 10:28:23.0872 0x0798 System UUID: {094BED57-2AAD-ECA1-015D-93AF387B54C7} 10:28:24.0451 0x0798 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:28:24.0453 0x0798 ============================================================ 10:28:24.0453 0x0798 \Device\Harddisk0\DR0: 10:28:24.0453 0x0798 MBR partitions: 10:28:24.0453 0x0798 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E848000 10:28:24.0453 0x0798 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x1BB3D000 10:28:24.0453 0x0798 ============================================================ 10:28:24.0483 0x0798 C: <-> \Device\Harddisk0\DR0\Partition1 10:28:24.0519 0x0798 D: <-> \Device\Harddisk0\DR0\Partition2 10:28:24.0519 0x0798 
============================================================ 10:28:24.0520 0x0798 Initialize success 10:28:24.0520 0x0798 ============================================================ 10:29:51.0639 0x17e4 ============================================================ 10:29:51.0639 0x17e4 Scan started 10:29:51.0639 0x17e4 Mode: Manual; SigCheck; TDLFS; 10:29:51.0639 0x17e4 ============================================================ 10:29:51.0639 0x17e4 KSN ping started 10:30:02.0952 0x17e4 KSN ping finished: true 10:30:04.0915 0x17e4 ================ Scan system memory ======================== 10:30:04.0915 0x17e4 System memory - ok 10:30:04.0915 0x17e4 ================ Scan services ============================= 10:30:05.0123 0x17e4 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:30:05.0217 0x17e4 1394ohci - ok 10:30:05.0253 0x17e4 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:30:05.0269 0x17e4 ACPI - ok 10:30:05.0295 0x17e4 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:30:05.0328 0x17e4 AcpiPmi - ok 10:30:05.0362 0x17e4 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 10:30:05.0388 0x17e4 adp94xx - ok 10:30:05.0409 0x17e4 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\drivers\adpahci.sys 10:30:05.0430 0x17e4 adpahci - ok 10:30:05.0444 0x17e4 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\drivers\adpu320.sys 10:30:05.0457 0x17e4 adpu320 - ok 10:30:05.0511 0x17e4 [ 
8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:30:05.0664 0x17e4 AeLookupSvc - ok 10:30:05.0754 0x17e4 [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys 10:30:05.0805 0x17e4 AFD - ok 10:30:05.0826 0x17e4 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys 10:30:05.0839 0x17e4 agp440 - ok 10:30:05.0891 0x17e4 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\drivers\djsvs.sys 10:30:05.0902 0x17e4 aic78xx - ok 10:30:05.0930 0x17e4 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe 10:30:05.0952 0x17e4 ALG - ok 10:30:05.0961 0x17e4 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys 10:30:05.0971 0x17e4 aliide - ok 10:30:05.0982 0x17e4 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 10:30:05.0993 0x17e4 amdagp - ok 10:30:06.0009 0x17e4 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys 10:30:06.0018 0x17e4 amdide - ok 10:30:06.0031 0x17e4 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 10:30:06.0046 0x17e4 AmdK8 - ok 10:30:06.0069 0x17e4 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 10:30:06.0091 0x17e4 AmdPPM - ok 10:30:06.0115 
0x17e4 [ E7F4D42D8076EC60E21715CD11743A0D, 91AC020A70964F8783C999BDE8AB8391A3FA3AFC1CD4BC52A43625A2010A53E7 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:30:06.0126 0x17e4 amdsata - ok 10:30:06.0154 0x17e4 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 10:30:06.0168 0x17e4 amdsbs - ok 10:30:06.0176 0x17e4 [ 146459D2B08BFDCBFA856D9947043C81, AC7F2069717601F949B0968EA651899D497170A93B84281B66D3CE5C382DDECB ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:30:06.0185 0x17e4 amdxata - ok 10:30:06.0216 0x17e4 [ 34A44AF3D786BB28B445821461331E19, 1E7B64AE5BDEE2530EDD1822AF5CB013113C5146FB7669BD413820FCC0D70E69 ] AppID C:\Windows\system32\drivers\appid.sys 10:30:06.0273 0x17e4 AppID - ok 10:30:06.0293 0x17e4 [ 1C9127BAD6E198C241E731EF90800A3B, AFB1709DF4A962ABBCE9DBE67E61B7FDE4B2202BF5FEE6BCB76D6779CC0795EC ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:30:06.0314 0x17e4 AppIDSvc - ok 10:30:06.0351 0x17e4 [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo C:\Windows\System32\appinfo.dll 10:30:06.0387 0x17e4 Appinfo - ok 10:30:06.0437 0x17e4 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 10:30:06.0483 0x17e4 AppMgmt - ok 10:30:06.0500 0x17e4 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\drivers\arc.sys 10:30:06.0516 0x17e4 arc - ok 10:30:06.0538 0x17e4 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\drivers\arcsas.sys 10:30:06.0549 0x17e4 arcsas - ok 10:30:06.0687 0x17e4 [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 
10:30:06.0703 0x17e4 aspnet_state - ok 10:30:06.0732 0x17e4 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:30:06.0827 0x17e4 AsyncMac - ok 10:30:06.0838 0x17e4 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 10:30:06.0847 0x17e4 atapi - ok 10:30:06.0894 0x17e4 [ 3D8880A2CF21DCC057C8D9A194C41F10, BBD167294E98B09D92F6B71A59853896EF5221370824889BDB6E5D7C7F2644A6 ] AtcL001 C:\Windows\system32\DRIVERS\l160x86.sys 10:30:06.0919 0x17e4 AtcL001 - ok 10:30:06.0949 0x17e4 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:30:06.0977 0x17e4 AudioEndpointBuilder - ok 10:30:06.0992 0x17e4 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv C:\Windows\System32\Audiosrv.dll 10:30:07.0012 0x17e4 Audiosrv - ok 10:30:07.0066 0x17e4 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:30:07.0114 0x17e4 AxInstSV - ok 10:30:07.0165 0x17e4 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 10:30:07.0204 0x17e4 b06bdrv - ok 10:30:07.0234 0x17e4 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 10:30:07.0259 0x17e4 b57nd60x - ok 10:30:07.0278 0x17e4 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 10:30:07.0301 0x17e4 BDESVC - ok 10:30:07.0322 0x17e4 [ 505506526A9D467307B3C393DEDAF858, 
8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 10:30:07.0355 0x17e4 Beep - ok 10:30:07.0404 0x17e4 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 10:30:07.0455 0x17e4 BFE - ok 10:30:07.0549 0x17e4 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 10:30:07.0604 0x17e4 BITS - ok 10:30:07.0624 0x17e4 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:30:07.0635 0x17e4 blbdrive - ok 10:30:07.0674 0x17e4 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:30:07.0703 0x17e4 bowser - ok 10:30:07.0744 0x17e4 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 10:30:07.0771 0x17e4 BrFiltLo - ok 10:30:07.0785 0x17e4 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 10:30:07.0809 0x17e4 BrFiltUp - ok 10:30:07.0849 0x17e4 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 10:30:07.0902 0x17e4 Browser - ok 10:30:07.0926 0x17e4 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:30:07.0956 0x17e4 Brserid - ok 10:30:07.0975 0x17e4 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:30:08.0011 0x17e4 BrSerWdm - ok 10:30:08.0032 0x17e4 [ 
BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:30:08.0074 0x17e4 BrUsbMdm - ok 10:30:08.0114 0x17e4 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:30:08.0133 0x17e4 BrUsbSer - ok 10:30:08.0149 0x17e4 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 10:30:08.0173 0x17e4 BTHMODEM - ok 10:30:08.0222 0x17e4 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 10:30:08.0264 0x17e4 bthserv - ok 10:30:08.0281 0x17e4 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:30:08.0311 0x17e4 cdfs - ok 10:30:08.0342 0x17e4 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:30:08.0355 0x17e4 cdrom - ok 10:30:08.0406 0x17e4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 10:30:08.0448 0x17e4 CertPropSvc - ok 10:30:08.0476 0x17e4 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\drivers\circlass.sys 10:30:08.0493 0x17e4 circlass - ok 10:30:08.0548 0x17e4 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys 10:30:08.0574 0x17e4 CLFS - ok 10:30:08.0655 0x17e4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:30:08.0665 0x17e4 clr_optimization_v2.0.50727_32 - ok 10:30:08.0723 0x17e4 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:30:08.0739 0x17e4 clr_optimization_v4.0.30319_32 - ok 10:30:08.0758 0x17e4 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 10:30:08.0783 0x17e4 CmBatt - ok 10:30:08.0788 0x17e4 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:30:08.0801 0x17e4 cmdide - ok 10:30:08.0855 0x17e4 [ AEC572F808592750F4C0880CFF94EEA5, 51B85CE1779D45A813CD33B527F418992A9494C1F0A190C59EB091A0E683F427 ] CNG C:\Windows\system32\Drivers\cng.sys 10:30:08.0887 0x17e4 CNG - ok 10:30:08.0903 0x17e4 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\drivers\compbatt.sys 10:30:08.0914 0x17e4 Compbatt - ok 10:30:08.0938 0x17e4 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 10:30:08.0969 0x17e4 CompositeBus - ok 10:30:08.0978 0x17e4 COMSysApp - ok 10:30:08.0993 0x17e4 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:30:09.0004 0x17e4 crcdisk - ok 10:30:09.0054 0x17e4 [ 6F8E0D147E53D4CE2F4D975AB976E80A, F357380C46EB7C886CE0A7DB6AB1403AFB221E3D8B8D4BD4A826EC5D9EB1C80B ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:30:09.0081 0x17e4 CryptSvc - ok 10:30:09.0135 0x17e4 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC 
C:\Windows\system32\drivers\csc.sys 10:30:09.0174 0x17e4 CSC - ok 10:30:09.0203 0x17e4 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll 10:30:09.0237 0x17e4 CscService - ok 10:30:09.0281 0x17e4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll 10:30:09.0337 0x17e4 DcomLaunch - ok 10:30:09.0385 0x17e4 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 10:30:09.0444 0x17e4 defragsvc - ok 10:30:09.0473 0x17e4 [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:30:09.0491 0x17e4 DfsC - ok 10:30:09.0511 0x17e4 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:30:09.0536 0x17e4 Dhcp - ok 10:30:09.0657 0x17e4 [ B8196C1FBDDE773028CBCE9D09B741FC, 8D19B91B1AE38D6C3A4724A48E75982DC9197CBD5319036C4EDDAA433A635DDB ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe 10:30:09.0726 0x17e4 Disc Soft Lite Bus Service - ok 10:30:09.0749 0x17e4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 10:30:09.0798 0x17e4 discache - ok 10:30:09.0849 0x17e4 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys 10:30:09.0861 0x17e4 Disk - ok 10:30:09.0903 0x17e4 [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 10:30:09.0920 0x17e4 dmvsc - ok 10:30:09.0962 0x17e4 [ 33EF4861F19A0736B11314AAD9AE28D0, 
4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:30:09.0982 0x17e4 Dnscache - ok 10:30:10.0036 0x17e4 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 10:30:10.0079 0x17e4 dot3svc - ok 10:30:10.0123 0x17e4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 10:30:10.0168 0x17e4 DPS - ok 10:30:10.0210 0x17e4 [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:30:10.0248 0x17e4 drmkaud - ok 10:30:10.0285 0x17e4 [ 8A32FF671D452D36CC7421171B78F939, E06CB58E561FA4B8E76763EE3D4443298906D661C4E63BAFA33103BAAB22AB9B ] dtlitescsibus C:\Windows\system32\DRIVERS\dtlitescsibus.sys 10:30:10.0305 0x17e4 dtlitescsibus - ok 10:30:10.0342 0x17e4 [ 1B75DAF28EA50DC38E988EBE0DAA6632, 27ED3FFF5B4F5075BB4ABCE20C6A3F2B7558669B002771457561CCBA4103F2B6 ] dtliteusbbus C:\Windows\system32\DRIVERS\dtliteusbbus.sys 10:30:10.0354 0x17e4 dtliteusbbus - ok 10:30:10.0414 0x17e4 [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:30:10.0443 0x17e4 DXGKrnl - ok 10:30:10.0495 0x17e4 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 10:30:10.0528 0x17e4 EapHost - ok 10:30:10.0653 0x17e4 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys 10:30:10.0781 0x17e4 ebdrv - ok 10:30:10.0813 0x17e4 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] EFS C:\Windows\System32\lsass.exe 10:30:10.0853 0x17e4 EFS - ok 10:30:10.0937 0x17e4 [ 
A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:30:10.0975 0x17e4 ehRecvr - ok 10:30:10.0987 0x17e4 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 10:30:11.0000 0x17e4 ehSched - ok 10:30:11.0068 0x17e4 [ 72753D5CC94A90F5CFC6C00ECC47163F, 824EEDCB94334912D8C44BC9626723F142DA95E9494C4B7D2F6EC7899CFF1DD2 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 10:30:11.0078 0x17e4 ElbyCDIO - ok 10:30:11.0109 0x17e4 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:30:11.0133 0x17e4 elxstor - ok 10:30:11.0146 0x17e4 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:30:11.0167 0x17e4 ErrDev - ok 10:30:11.0192 0x17e4 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 10:30:11.0246 0x17e4 EventSystem - ok 10:30:11.0272 0x17e4 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 10:30:11.0298 0x17e4 exfat - ok 10:30:11.0319 0x17e4 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:30:11.0344 0x17e4 fastfat - ok 10:30:11.0408 0x17e4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 10:30:11.0444 0x17e4 Fax - ok 10:30:11.0452 0x17e4 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:30:11.0463 0x17e4 fdc - ok 10:30:11.0501 0x17e4 [ 
F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 10:30:11.0537 0x17e4 fdPHost - ok 10:30:11.0548 0x17e4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 10:30:11.0571 0x17e4 FDResPub - ok 10:30:11.0584 0x17e4 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:30:11.0594 0x17e4 FileInfo - ok 10:30:11.0633 0x17e4 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:30:11.0669 0x17e4 Filetrace - ok 10:30:11.0684 0x17e4 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:30:11.0702 0x17e4 flpydisk - ok 10:30:11.0731 0x17e4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:30:11.0745 0x17e4 FltMgr - ok 10:30:11.0810 0x17e4 [ 56E99402849C39809791FF4CDE08C204, EF92C29B98FABA144443EE82B525E40A2EA9B68B7FAA7434F4F138F87E5704F1 ] FontCache C:\Windows\system32\FntCache.dll 10:30:11.0840 0x17e4 FontCache - ok 10:30:11.0914 0x17e4 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 10:30:11.0924 0x17e4 FontCache3.0.0.0 - ok 10:30:11.0940 0x17e4 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:30:11.0951 0x17e4 FsDepends - ok 10:30:11.0993 0x17e4 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A 
] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:30:12.0009 0x17e4 Fs_Rec - ok 10:30:12.0039 0x17e4 [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:30:12.0057 0x17e4 fvevol - ok 10:30:12.0080 0x17e4 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:30:12.0092 0x17e4 gagp30kx - ok 10:30:12.0143 0x17e4 [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc C:\Windows\System32\gpsvc.dll 10:30:12.0194 0x17e4 gpsvc - ok 10:30:12.0286 0x17e4 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 10:30:12.0301 0x17e4 gupdate - ok 10:30:12.0307 0x17e4 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 10:30:12.0318 0x17e4 gupdatem - ok 10:30:12.0342 0x17e4 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 10:30:12.0351 0x17e4 hamachi - ok 10:30:12.0527 0x17e4 [ 1BC9EB9435DF7FB44F6E0FA1ECABC48B, 34F3931E5D1B1BBD0C0D4D65D04FB8DC9A1C328E146A998BDECF07A25D89072A ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 10:30:12.0587 0x17e4 Hamachi2Svc - ok 10:30:12.0615 0x17e4 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:30:12.0639 0x17e4 hcw85cir - ok 10:30:12.0704 0x17e4 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:30:12.0748 0x17e4 HdAudAddService - ok 10:30:12.0781 0x17e4 [ 
9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:30:12.0821 0x17e4 HDAudBus - ok 10:30:12.0836 0x17e4 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:30:12.0856 0x17e4 HidBatt - ok 10:30:12.0871 0x17e4 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:30:12.0898 0x17e4 HidBth - ok 10:30:12.0928 0x17e4 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys 10:30:12.0960 0x17e4 HidIr - ok 10:30:12.0994 0x17e4 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 10:30:13.0035 0x17e4 hidserv - ok 10:30:13.0089 0x17e4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:30:13.0122 0x17e4 HidUsb - ok 10:30:13.0163 0x17e4 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 10:30:13.0191 0x17e4 hkmsvc - ok 10:30:13.0236 0x17e4 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:30:13.0260 0x17e4 HomeGroupListener - ok 10:30:13.0304 0x17e4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:30:13.0332 0x17e4 HomeGroupProvider - ok 10:30:13.0376 0x17e4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 
10:30:13.0390 0x17e4 HpSAMD - ok 10:30:13.0472 0x17e4 [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 10:30:13.0484 0x17e4 HPSupportSolutionsFrameworkService - ok 10:30:13.0540 0x17e4 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:30:13.0586 0x17e4 HTTP - ok 10:30:13.0609 0x17e4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:30:13.0622 0x17e4 hwpolicy - ok 10:30:13.0635 0x17e4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:30:13.0660 0x17e4 i8042prt - ok 10:30:13.0702 0x17e4 [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:30:13.0725 0x17e4 iaStorV - ok 10:30:13.0796 0x17e4 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 10:30:13.0828 0x17e4 idsvc - ok 10:30:13.0836 0x17e4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:30:13.0847 0x17e4 iirsp - ok 10:30:13.0914 0x17e4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 10:30:13.0941 0x17e4 IKEEXT - ok 10:30:13.0954 0x17e4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 10:30:13.0964 
0x17e4 intelide - ok 10:30:13.0984 0x17e4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:30:13.0996 0x17e4 intelppm - ok 10:30:14.0051 0x17e4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:30:14.0090 0x17e4 IPBusEnum - ok 10:30:14.0108 0x17e4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:30:14.0141 0x17e4 IpFilterDriver - ok 10:30:14.0171 0x17e4 [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:30:14.0202 0x17e4 iphlpsvc - ok 10:30:14.0217 0x17e4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:30:14.0240 0x17e4 IPMIDRV - ok 10:30:14.0256 0x17e4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:30:14.0289 0x17e4 IPNAT - ok 10:30:14.0315 0x17e4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:30:14.0328 0x17e4 IRENUM - ok 10:30:14.0340 0x17e4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:30:14.0350 0x17e4 isapnp - ok 10:30:14.0390 0x17e4 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:30:14.0406 0x17e4 iScsiPrt - ok 10:30:14.0429 0x17e4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] 
- ok 10:30:25.0996 0x17e4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 10:30:26.0020 0x17e4 THREADORDER - ok 10:30:26.0032 0x17e4 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 10:30:26.0068 0x17e4 TrkWks - ok 10:30:26.0142 0x17e4 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:30:26.0174 0x17e4 TrustedInstaller - ok 10:30:26.0217 0x17e4 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:30:26.0237 0x17e4 tssecsrv - ok 10:30:26.0248 0x17e4 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:30:26.0278 0x17e4 TsUsbFlt - ok 10:30:26.0289 0x17e4 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 10:30:26.0303 0x17e4 TsUsbGD - ok 10:30:26.0314 0x17e4 [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 10:30:26.0327 0x17e4 tsusbhub - ok 10:30:26.0347 0x17e4 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:30:26.0370 0x17e4 tunnel - ok 10:30:26.0385 0x17e4 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:30:26.0395 0x17e4 uagp35 - ok 10:30:26.0411 0x17e4 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs 
C:\Windows\system32\DRIVERS\udfs.sys 10:30:26.0450 0x17e4 udfs - ok 10:30:26.0489 0x17e4 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:30:26.0513 0x17e4 UI0Detect - ok 10:30:26.0541 0x17e4 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:30:26.0552 0x17e4 uliagpkx - ok 10:30:26.0576 0x17e4 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:30:26.0587 0x17e4 umbus - ok 10:30:26.0598 0x17e4 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\drivers\umpass.sys 10:30:26.0616 0x17e4 UmPass - ok 10:30:26.0642 0x17e4 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 10:30:26.0657 0x17e4 UmRdpService - ok 10:30:26.0688 0x17e4 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 10:30:26.0723 0x17e4 upnphost - ok 10:30:26.0761 0x17e4 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:30:26.0774 0x17e4 usbccgp - ok 10:30:26.0789 0x17e4 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:30:26.0823 0x17e4 usbcir - ok 10:30:26.0869 0x17e4 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:30:26.0879 0x17e4 usbehci - ok 10:30:26.0911 0x17e4 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 
1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:30:26.0934 0x17e4 usbhub - ok 10:30:26.0971 0x17e4 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:30:26.0992 0x17e4 usbohci - ok 10:30:26.0996 0x17e4 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\drivers\usbprint.sys 10:30:27.0009 0x17e4 usbprint - ok 10:30:27.0043 0x17e4 [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:30:27.0079 0x17e4 USBSTOR - ok 10:30:27.0113 0x17e4 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 10:30:27.0124 0x17e4 usbuhci - ok 10:30:27.0168 0x17e4 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 10:30:27.0191 0x17e4 UxSms - ok 10:30:27.0200 0x17e4 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] VaultSvc C:\Windows\system32\lsass.exe 10:30:27.0211 0x17e4 VaultSvc - ok 10:30:27.0270 0x17e4 [ C2D1B1671F9C1C66E0DF1B5D2DC87616, 577E0EC66E6D751B6521E7E35D8102CE0EC1A9B006B64BEFB75A5D0A15DC5370 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 10:30:27.0285 0x17e4 VClone - ok 10:30:27.0295 0x17e4 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:30:27.0307 0x17e4 vdrvroot - ok 10:30:27.0331 0x17e4 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 10:30:27.0365 0x17e4 vds - ok 10:30:27.0388 0x17e4 [ 
17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:30:27.0400 0x17e4 vga - ok 10:30:27.0413 0x17e4 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:30:27.0451 0x17e4 VgaSave - ok 10:30:27.0454 0x17e4 VGPU - ok 10:30:27.0475 0x17e4 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:30:27.0489 0x17e4 vhdmp - ok 10:30:27.0511 0x17e4 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 10:30:27.0522 0x17e4 viaagp - ok 10:30:27.0530 0x17e4 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 10:30:27.0550 0x17e4 ViaC7 - ok 10:30:27.0566 0x17e4 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 10:30:27.0576 0x17e4 viaide - ok 10:30:27.0622 0x17e4 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 10:30:27.0636 0x17e4 vmbus - ok 10:30:27.0645 0x17e4 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 10:30:27.0655 0x17e4 VMBusHID - ok 10:30:27.0667 0x17e4 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:30:27.0677 0x17e4 volmgr - ok 10:30:27.0695 0x17e4 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 
10:30:27.0711 0x17e4 volmgrx - ok 10:30:27.0770 0x17e4 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:30:27.0787 0x17e4 volsnap - ok 10:30:27.0901 0x17e4 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:30:27.0935 0x17e4 vsmraid - ok 10:30:28.0043 0x17e4 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 10:30:28.0119 0x17e4 VSS - ok 10:30:28.0140 0x17e4 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:30:28.0153 0x17e4 vwifibus - ok 10:30:28.0188 0x17e4 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:30:28.0215 0x17e4 vwififlt - ok 10:30:28.0270 0x17e4 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:30:28.0282 0x17e4 vwifimp - ok 10:30:28.0299 0x17e4 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 10:30:28.0329 0x17e4 W32Time - ok 10:30:28.0342 0x17e4 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:30:28.0353 0x17e4 WacomPen - ok 10:30:28.0364 0x17e4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:30:28.0387 0x17e4 WANARP - ok 10:30:28.0391 0x17e4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:30:28.0413 0x17e4 Wanarpv6 - ok 10:30:28.0459 0x17e4 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 10:30:28.0505 0x17e4 wbengine - ok 10:30:28.0521 0x17e4 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:30:28.0539 0x17e4 WbioSrvc - ok 10:30:28.0563 0x17e4 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:30:28.0590 0x17e4 wcncsvc - ok 10:30:28.0604 0x17e4 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:30:28.0640 0x17e4 WcsPlugInService - ok 10:30:28.0649 0x17e4 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys 10:30:28.0659 0x17e4 Wd - ok 10:30:28.0709 0x17e4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:30:28.0734 0x17e4 Wdf01000 - ok 10:30:28.0751 0x17e4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:30:28.0813 0x17e4 WdiServiceHost - ok 10:30:28.0818 0x17e4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:30:28.0836 0x17e4 WdiSystemHost - ok 10:30:28.0866 0x17e4 [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient C:\Windows\System32\webclnt.dll 10:30:28.0883 0x17e4 WebClient - ok 10:30:28.0895 0x17e4 [ 760F0AFE937A77CFF27153206534F275, 
A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:30:28.0923 0x17e4 Wecsvc - ok 10:30:28.0934 0x17e4 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:30:28.0958 0x17e4 wercplsupport - ok 10:30:28.0975 0x17e4 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 10:30:29.0013 0x17e4 WerSvc - ok 10:30:29.0048 0x17e4 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:30:29.0071 0x17e4 WfpLwf - ok 10:30:29.0092 0x17e4 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:30:29.0102 0x17e4 WIMMount - ok 10:30:29.0183 0x17e4 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 10:30:29.0219 0x17e4 WinDefend - ok 10:30:29.0226 0x17e4 WinHttpAutoProxySvc - ok 10:30:29.0302 0x17e4 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:30:29.0336 0x17e4 Winmgmt - ok 10:30:29.0381 0x17e4 [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM C:\Windows\system32\WsmSvc.dll 10:30:29.0417 0x17e4 WinRM - ok 10:30:29.0478 0x17e4 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:30:29.0491 0x17e4 WinUsb - ok 10:30:29.0559 0x17e4 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:30:29.0594 
0x17e4 Wlansvc - ok 10:30:29.0609 0x17e4 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:30:29.0620 0x17e4 WmiAcpi - ok 10:30:29.0658 0x17e4 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:30:29.0671 0x17e4 wmiApSrv - ok 10:30:29.0775 0x17e4 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 10:30:29.0821 0x17e4 WMPNetworkSvc - ok 10:30:29.0843 0x17e4 wnxmoiie - ok 10:30:29.0859 0x17e4 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:30:29.0879 0x17e4 WPCSvc - ok 10:30:29.0892 0x17e4 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:30:29.0914 0x17e4 WPDBusEnum - ok 10:30:29.0926 0x17e4 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:30:29.0948 0x17e4 ws2ifsl - ok 10:30:29.0986 0x17e4 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 10:30:30.0008 0x17e4 wscsvc - ok 10:30:30.0053 0x17e4 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 10:30:30.0079 0x17e4 WSDPrintDevice - ok 10:30:30.0083 0x17e4 WSearch - ok 10:30:30.0178 0x17e4 [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv C:\Windows\system32\wuaueng.dll 10:30:30.0253 0x17e4 wuauserv - ok 10:30:30.0270 0x17e4 [ 
E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:30:30.0292 0x17e4 WudfPf - ok 10:30:30.0311 0x17e4 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:30:30.0333 0x17e4 WUDFRd - ok 10:30:30.0372 0x17e4 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:30:30.0409 0x17e4 wudfsvc - ok 10:30:30.0451 0x17e4 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:30:30.0471 0x17e4 WwanSvc - ok 10:30:30.0501 0x17e4 ================ Scan global =============================== 10:30:30.0540 0x17e4 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 10:30:30.0576 0x17e4 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 10:30:30.0589 0x17e4 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 10:30:30.0628 0x17e4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 10:30:30.0673 0x17e4 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 10:30:30.0681 0x17e4 [ Global ] - ok 10:30:30.0681 0x17e4 ================ Scan MBR ================================== 10:30:30.0690 0x17e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:30:31.0909 0x17e4 \Device\Harddisk0\DR0 - ok 10:30:31.0909 0x17e4 ================ Scan VBR ================================== 10:30:31.0920 0x17e4 [ 
3ED24718A7EE57F51496A9BD2B9B8179 ] \Device\Harddisk0\DR0\Partition1 10:30:31.0922 0x17e4 \Device\Harddisk0\DR0\Partition1 - ok 10:30:31.0924 0x17e4 [ CBFD88CB136C66E5C323F45DA86B43F4 ] \Device\Harddisk0\DR0\Partition2 10:30:31.0926 0x17e4 \Device\Harddisk0\DR0\Partition2 - ok 10:30:31.0926 0x17e4 ================ Scan generic autorun ====================== 10:30:31.0989 0x17e4 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 10:30:32.0001 0x17e4 VirtualCloneDrive - ok 10:30:32.0198 0x17e4 [ 5D81658C759830CC8E3912901FDE22CE, 68EC5A60D4931695FCAEAE0FCA46A15482ADB22F9FFC6F6E6497653DFCEE0D78 ] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe 10:30:32.0317 0x17e4 LogMeIn Hamachi Ui - ok 10:30:32.0448 0x17e4 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe 10:30:32.0473 0x17e4 SunJavaUpdateSched - ok 10:30:32.0556 0x17e4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 10:30:32.0631 0x17e4 Sidebar - ok 10:30:32.0667 0x17e4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 10:30:32.0693 0x17e4 mctadmin - ok 10:30:32.0721 0x17e4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 10:30:32.0756 0x17e4 Sidebar - ok 10:30:32.0763 0x17e4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 10:30:32.0777 0x17e4 mctadmin - ok 10:30:33.0008 0x17e4 [ 3D01BD151A423F6B7D89970E42E31E46, CA1B7619A387E94A033D3143B782DEEC30C9F9E528B52822E7CB35D1C617F349 ] C:\Program Files\CCleaner\CCleaner.exe 
10:30:33.0173 0x17e4 CCleaner Monitoring - ok
10:30:33.0379 0x17e4 [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] D:\Steam\Steam.exe
10:30:33.0444 0x17e4 Steam - ok
10:30:33.0492 0x17e4 Skype - ok
10:30:33.0643 0x17e4 [ FE955DB74551BFF18F89FD4D6B2D64DF, EDBBF71448A6CAEC1AE41DF73F3F9495A6AEEC64C6CCA8E4161C821B9B2247CB ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
10:30:33.0732 0x17e4 DAEMON Tools Lite Automount - ok
10:30:33.0903 0x17e4 [ C576F71D836E0A964BBD58E139F6B24F, 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 ] C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe
10:30:33.0903 0x17e4 Suspicious file ( NoAccess ): C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe. md5: C576F71D836E0A964BBD58E139F6B24F, sha256: 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1
10:30:33.0919 0x17e4 maintains-medicine - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
10:30:34.0247 0x17e4 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - infected
10:30:34.0247 0x17e4 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe
10:30:34.0544 0x17e4 Object send P2P result: true
10:30:34.0788 0x17e4 maintainprofile - ok
10:30:34.0791 0x17e4 gainpiece - ok
10:30:34.0793 0x17e4 companycopy - ok
10:30:34.0795 0x17e4 laughingload - ok
10:30:34.0868 0x17e4 megabaud-70 - ok
10:30:34.0869 0x17e4 makes_attempts - ok
10:30:34.0871 0x17e4 naturalboyfriend - ok
10:30:35.0014 0x17e4 [ 5B3A76C2067DD01F7E42613F1FC59BFA, 2EE1B0A7C1FEE54A2F433CBD47DFC0E829361A759A5EB983F2FD12F5A6EACE92 ] C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:30:35.0052 0x17e4 Spotify Web Helper - ok
10:30:35.0305 0x17e4 [ A4CE33181F373EE47184FDB7FD76ACB8, 074EEC2FD5600729A749FB19A9890EAE95B74276950E05D5A0876BE107564120 ] C:\Users\Sven\AppData\Roaming\Spotify\Spotify.exe
10:30:35.0493 0x17e4 Spotify - ok
10:30:35.0524 0x17e4 transfer-6 - ok
10:30:35.0532 0x17e4 [ C576F71D836E0A964BBD58E139F6B24F, 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1 ] C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe
10:30:35.0533 0x17e4 Suspicious file ( NoAccess ): C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe. md5: C576F71D836E0A964BBD58E139F6B24F, sha256: 17CF63B1036B3A4BDE65516B48081F887A5FE18188311601ADCCBB4DEB16D1C1
10:30:35.0536 0x17e4 maintains-medicine - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
10:30:35.0536 0x17e4 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - infected
10:30:35.0536 0x17e4 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe
10:30:35.0794 0x17e4 Object send P2P result: true
10:30:36.0070 0x17e4 [ 7F4A6AB90E8F1CEF49E48D2E8917BD04, D242A9BE7015AC1E43C4724196FAB991A269D04409D40C819EAFCA7F6795050C ] C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe
10:30:36.0093 0x17e4 scart-66 - detected UnsignedFile.Multi.Generic ( 1 )
10:30:36.0344 0x17e4 Detect turned to UDS exact due to KSN untrusted
10:30:36.0345 0x17e4 scart-66 ( UDS:DangerousObject.Multi.Generic ) - infected
10:30:36.0345 0x17e4 Force sending object to P2P due to detect: C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe
10:30:36.0611 0x17e4 Object send P2P result: true
10:30:36.0849 0x17e4 Waiting for KSN requests completion. In queue: 87
10:30:37.0887 0x17e4 Win FW state via NFP2: enabled ( trusted )
10:30:38.0099 0x17e4 ============================================================
10:30:38.0099 0x17e4 Scan finished
10:30:38.0099 0x17e4 ============================================================
10:30:38.0109 0x1228 Detected object count: 3
10:30:38.0109 0x1228 Actual detected object count: 3
10:31:11.0572 0x1228 C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe - copied to quarantine
10:31:11.0573 0x1228 HKU\S-1-5-21-3812470548-86516784-2802545936-1000\Software\Microsoft\Windows\CurrentVersion\Run:maintains-medicine - will be deleted on reboot
10:31:11.0573 0x1228 C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe - will be deleted on reboot
10:31:11.0573 0x1228 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete
10:31:11.0585 0x1228 C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe - copied to quarantine
10:31:11.0585 0x1228 HKU\S-1-5-21-3812470548-86516784-2802545936-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:maintains-medicine - will be deleted on reboot
10:31:11.0585 0x1228 C:\Users\Sven\AppData\Local\Temp\Maintains_banana\maintains_pack.exe - will be deleted on reboot
10:31:11.0585 0x1228 maintains-medicine ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete
10:31:11.0612 0x1228 C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe - copied to quarantine
10:31:11.0613 0x1228 HKU\S-1-5-21-3812470548-86516784-2802545936-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:scart-66 - will be deleted on reboot
10:31:11.0614 0x1228 C:\Users\Sven\AppData\Roaming\scart-8\scart-01.exe - will be deleted on reboot
10:31:11.0614 0x1228 scart-66 ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
10:31:11.0983 0x1228 KLMD registered as C:\Windows\system32\drivers\02749747.sys |
31.10.2016, 10:44 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please create a log with Combofix: Scan with Combofix
__________________ Please always post log files in CODE tags |
31.10.2016, 11:17 | #15 |
| Combofix log Code:
ATTFilter
ComboFix 16-10-23.01 - Sven 31.10.2016 11:01:35.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3071.1992 [GMT 1:00]
ausgeführt von:: c:\users\Sven\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
C:\END
c:\users\Sven\AppData\Local\SmartWeb
c:\users\Sven\AppData\Roaming\taper-9\taper-45.exe
c:\windows\TEMP\HP Support Framework\HPSF_Config1.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2016-09-28 bis 2016-10-31 ))))))))))))))))))))))))))))))
.
.
2016-10-31 10:08 . 2016-10-31 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-31 09:31 . 2016-10-31 09:31 -------- d-----w- C:\TDSSKiller_Quarantine
2016-10-30 11:17 . 2016-10-30 11:26 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2016-10-28 14:55 . 2016-10-28 14:56 -------- d-----w- C:\FRST
2016-10-28 11:50 . 2016-10-06 21:30 9727984 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EEC72C0B-CF35-405D-909A-3751247678D4}\mpengine.dll
2016-10-28 09:38 . 2016-10-28 09:38 -------- d-----w- c:\users\Sven\AppData\Local\ESET
2016-10-13 17:07 . 2016-10-13 17:07 -------- d-----w- c:\users\Sven\AppData\Local\YSearchUtil
2016-10-13 17:07 . 2016-10-13 17:07 -------- d-----w- c:\program files\Yahoo!
2016-10-13 17:05 . 2016-10-13 17:05 -------- d-----w- c:\program files\Common Files\Java
2016-10-12 14:27 . 2016-07-22 14:51 123904 ----a-w- c:\windows\system32\poqexec.exe
2016-10-12 12:43 . 2016-10-12 12:43 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-31 09:39 . 2015-08-20 14:06 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-10-30 11:16 . 2015-08-20 14:06 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-10-26 15:29 . 2015-08-20 15:56 407720 ------w- c:\windows\system32\MpSigStub.exe
2016-10-13 17:03 . 2015-08-20 13:37 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-09-13 16:53 . 2015-08-20 14:21 27040 ---ha-w- c:\windows\system32\hamachi.sys
2016-08-16 02:48 . 2016-09-14 17:24 811520 ----a-w- c:\windows\system32\user32.dll
2016-08-12 16:46 . 2016-10-12 14:26 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:21 . 2016-09-14 17:24 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:21 . 2016-09-14 17:24 313856 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:21 . 2016-09-14 17:24 116224 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-06 15:15 . 2016-09-14 17:24 581632 ----a-w- c:\windows\system32\oleaut32.dll
2016-08-05 15:13 . 2016-09-21 09:46 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-07-17 6453528]
"Steam"="d:\steam\Steam.exe" [2016-08-23 2857248]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-09-12 29642368]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-11-30 3280728]
"Spotify Web Helper"="c:\users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-10-14 1483888]
"Spotify"="c:\users\Sven\AppData\Roaming\Spotify\Spotify.exe" [2016-10-14 6884976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2016-09-13 5565960]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
algae-6194.lnk - c:\programdata\algae-0191\algae-880.exe [2016-4-11 635392]
CurseClientStartup.ccip [2016-1-21 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R1 wnxmoiie;wnxmoiie;c:\windows\system32\drivers\wnxmoiie.sys [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2016-03-10 1514464]
R2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2016-03-10 1136608]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-07-25 324224]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2016-03-10 24448]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2016-03-10 53120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2016-09-13 1958408]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-15 29728]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-08-31 405424]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-03 409800]
S3 AtcL001;NDIS-Miniporttreiber für L1-Gigabit-Ethernet-Controller von Atheros;c:\windows\system32\DRIVERS\l160x86.sys [2009-07-13 47104]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1082200]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-10 26168]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-10 40504]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2010-05-26 856928]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 46778460
*Deregistered* - 46778460
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-10-24 23:43 1363560 ----a-w- c:\program files\Google\Chrome\Application\54.0.2840.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-08-20 13:41]
.
2016-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-08-20 13:41]
.
2016-10-29 c:\windows\Tasks\HPCeeScheduleForSven.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16 07:51]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-megabaud-70 - c:\programdata\megabaud-1\megabaud-6.exe
HKCU-Run-transfer-6 - c:\programdata\transfer-9\transfer-2.exe
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taper-2.lnk - c:\users\Sven\AppData\Roaming\taper-9\taper-45.exe
SafeBoot-46778460.sys
AddRemove-{61EB474B-67A6-47F4-B1B7-386851BAB3D0} - c:\program files\InstallShield Installation Information\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3812470548-86516784-2802545936-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-10-31 11:10:52
ComboFix-quarantined-files.txt 2016-10-31 10:10
.
Vor Suchlauf: 19 Verzeichnis(se), 21.395.939.328 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 21.971.165.184 Bytes frei
.
- - End Of File - - 41D017A0A5A3ABC1D514627B31D51A7E
A36C5E4F47E84449FF07ED3517B43A31 |