Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Immer wieder Musik im Hintergrund (https://www.trojaner-board.de/149480-immer-musik-hintergrund.html)

justblack 08.02.2014 22:39
Immer wieder Musik im Hintergrund
 
Hallo,
ich habe folgendes Problem. Immer wieder höre ich Ausländische Radiosender auch wenn ich die Verbindung zum Internet unterbreche. Das System habe ich bereits einmal neu aufgesetzt und auch mehrere Viren und Malware-Scanner ohne Erfolg rüber laufen lassen. Keine Befall erkannt.
Musste die Logs leider zippen da sie zum hochladen zu groß waren


Ich hoffe ihr könnt mir da weiter helfen:dankeschoen:

Larusso 08.02.2014 22:40
:hallo:

Versteh ich das richtig, dass du dein System neu aufgesetzt hast und immer noch die Musik da ist ?

justblack 08.02.2014 22:42
Ich habe einige Daten wieder rauf gespielt und denke mal das da irgendwo was drinne sitzt was sich nicht erkennen lässt.
Aber so blöd es auch klingt....ja es ist so

Larusso 08.02.2014 22:47
Schnellformatierung ?

Ich seh in der FRST Log zeichen von AVAST und Comodo. Hast du 2 AVPs installiert ;)


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

justblack 08.02.2014 23:00
so, der scan ist durch und nix gefunden....
hier ist der log:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
Malwarebytes : Free Anti-Malware

Database version: v2014.02.08.08

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
frank :: SCHULE [administrator]

08.02.2014 22:51:17
mbar-log-2014-02-08 (22-51-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 245580
Time elapsed: 7 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

leider wie alle anderen Scanner das gleiche Ergebnis.

Larusso 08.02.2014 23:28
Naja schon mal nicht schlecht
Wann kommen denn diese Radio Signale genau ?

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

justblack 09.02.2014 09:24
Guten Morgen,
die Musik kommt immer sehr unregelmässig und ist mal lauter und wird dann wieder leiser. anhand von Programmen kann man das eigentlich nicht so wirklich aus machen.
habe den tdsskiller zwei mal durch laufen lassen und poste mal die logs:

1.)Log:09:11:14.0731 3848 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:11:14.0731 3848 UEFI system
09:11:27.0971 3848 Perform update action was selected
09:11:27.0973 2436 Deinitialize success

2.)Log:09:12:01.0210 0x1788 TDSS rootkit removing tool 3.0.0.22 Feb 3 2014 16:45:35
09:12:01.0210 0x1788 UEFI system
09:12:04.0036 0x1788 ============================================================
09:12:04.0036 0x1788 Current date / time: 2014/02/09 09:12:04.0036
09:12:04.0036 0x1788 SystemInfo:
09:12:04.0036 0x1788
09:12:04.0036 0x1788 OS Version: 6.3.9600 ServicePack: 0.0
09:12:04.0036 0x1788 Product type: Workstation
09:12:04.0036 0x1788 ComputerName: SCHULE
09:12:04.0036 0x1788 UserName: frank
09:12:04.0036 0x1788 Windows directory: C:\Windows
09:12:04.0036 0x1788 System windows directory: C:\Windows
09:12:04.0036 0x1788 Running under WOW64
09:12:04.0036 0x1788 Processor architecture: Intel x64
09:12:04.0036 0x1788 Number of processors: 4
09:12:04.0036 0x1788 Page size: 0x1000
09:12:04.0036 0x1788 Boot type: Normal boot
09:12:04.0036 0x1788 ============================================================
09:12:04.0241 0x1788 KLMD registered as C:\Windows\system32\drivers\25275382.sys
09:12:04.0498 0x1788 System UUID: {ED09901E-9FCF-30D9-5BFD-986694E62CA7}
09:12:04.0879 0x1788 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:12:04.0904 0x1788 Drive \Device\Harddisk2\DR3 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:12:04.0905 0x1788 ============================================================
09:12:04.0905 0x1788 \Device\Harddisk0\DR0:
09:12:04.0905 0x1788 GPT partitions:
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8E67D432-86D9-4147-9A67-EB551EB0593C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A78C184B-2B6E-42A0-BFAE-4625DA14CE55}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A9FBEE68-1372-4657-904B-AB8C22D6C55E}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C20EC0AA-3E41-4193-85CA-142A97F1A1EE}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x7AF30000
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DF367375-EE9F-4B7B-9A3B-AED001127FE4}, Name: Basic data partition, StartLBA 0x7B038800, BlocksNum 0x3D08F800
09:12:04.0906 0x1788 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {256BE2A6-C69C-417A-9B3D-88AC34763F38}, Name: Basic data partition, StartLBA 0xB80C8000, BlocksNum 0x30D40000
09:12:04.0906 0x1788 MBR partitions:
09:12:04.0906 0x1788 \Device\Harddisk2\DR3:
09:12:04.0907 0x1788 MBR partitions:
09:12:04.0907 0x1788 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x9A8, BlocksNum 0xE8C658
09:12:04.0907 0x1788 ============================================================
09:12:04.0929 0x1788 C: <-> \Device\Harddisk0\DR0\Partition4
09:12:04.0967 0x1788 K: <-> \Device\Harddisk0\DR0\Partition5
09:12:05.0010 0x1788 M: <-> \Device\Harddisk0\DR0\Partition6
09:12:05.0010 0x1788 ============================================================
09:12:05.0010 0x1788 Initialize success
09:12:05.0010 0x1788 ============================================================
09:12:48.0334 0x16e8 ============================================================
09:12:48.0334 0x16e8 Scan started
09:12:48.0334 0x16e8 Mode: Manual; SigCheck; TDLFS;
09:12:48.0334 0x16e8 ============================================================
09:12:48.0334 0x16e8 KSN ping started
09:12:51.0380 0x16e8 KSN ping finished: true
09:12:51.0834 0x16e8 ================ Scan system memory ========================
09:12:51.0834 0x16e8 System memory - ok
09:12:51.0834 0x16e8 ================ Scan services =============================
09:12:51.0974 0x16e8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
09:12:52.0068 0x16e8 1394ohci - ok
09:12:52.0068 0x16e8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
09:12:52.0084 0x16e8 3ware - ok
09:12:52.0146 0x16e8 [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:12:52.0162 0x16e8 ACPI - ok
09:12:52.0162 0x16e8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
09:12:52.0177 0x16e8 acpiex - ok
09:12:52.0197 0x16e8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
09:12:52.0212 0x16e8 acpipagr - ok
09:12:52.0228 0x16e8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
09:12:52.0282 0x16e8 AcpiPmi - ok
09:12:52.0297 0x16e8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
09:12:52.0329 0x16e8 acpitime - ok
09:12:52.0391 0x16e8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:12:52.0423 0x16e8 AdobeARMservice - ok
09:12:52.0459 0x16e8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
09:12:52.0490 0x16e8 ADP80XX - ok
09:12:52.0522 0x16e8 [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:12:52.0553 0x16e8 AeLookupSvc - ok
09:12:52.0569 0x16e8 [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD C:\Windows\system32\drivers\afd.sys
09:12:52.0647 0x16e8 AFD - ok
09:12:52.0663 0x16e8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:12:52.0679 0x16e8 agp440 - ok
09:12:52.0694 0x16e8 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
09:12:52.0772 0x16e8 ahcache - ok
09:12:52.0788 0x16e8 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
09:12:52.0850 0x16e8 ALG - ok
09:12:52.0866 0x16e8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
09:12:52.0913 0x16e8 AmdK8 - ok
09:12:52.0929 0x16e8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
09:12:52.0960 0x16e8 AmdPPM - ok
09:12:52.0975 0x16e8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:12:52.0975 0x16e8 amdsata - ok
09:12:52.0991 0x16e8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:12:53.0022 0x16e8 amdsbs - ok
09:12:53.0022 0x16e8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:12:53.0022 0x16e8 amdxata - ok
09:12:53.0132 0x16e8 [ 330FE83760F95FC8BEA17F1BADE7AC6E, CB1AD4258E25B1942204DB0D6099AB1396819C09B876AE0C0A76161CBC5E5C89 ] Apache2.4 C:\xampp\apache\bin\httpd.exe
09:12:53.0147 0x16e8 Apache2.4 - detected UnsignedFile.Multi.Generic ( 1 )
09:12:53.0225 0x16e8 Apache2.4 ( UnsignedFile.Multi.Generic ) - warning
09:12:53.0225 0x16e8 Force sending object to P2P due to detect: C:\xampp\apache\bin\httpd.exe
09:12:56.0132 0x16e8 Object send P2P result: true
09:12:58.0835 0x16e8 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
09:12:58.0913 0x16e8 AppID - ok
09:12:58.0929 0x16e8 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:12:58.0976 0x16e8 AppIDSvc - ok
09:12:59.0007 0x16e8 [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo C:\Windows\System32\appinfo.dll
09:12:59.0069 0x16e8 Appinfo - ok
09:12:59.0116 0x16e8 [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness C:\Windows\system32\AppReadiness.dll
09:12:59.0163 0x16e8 AppReadiness - ok
09:12:59.0213 0x16e8 [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
09:12:59.0276 0x16e8 AppXSvc - ok
09:12:59.0293 0x16e8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:12:59.0308 0x16e8 arcsas - ok
09:12:59.0324 0x16e8 [ 79EB7B1733F0EA220C95335795C806EB, 93E22C48FE912D3B2ADB8C8AB01557E1EF6D628FD0BAFDB096AA9AFB8C0C8D1F ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:12:59.0355 0x16e8 aswFsBlk - ok
09:12:59.0371 0x16e8 [ 9FB1012D9EE3B9510FAA4C8D34DECD1C, FCBA544D2AD3DB2836E929A1AF9498F05D6A1DF250CFCD4061DACBB3408340C5 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:12:59.0387 0x16e8 aswMonFlt - ok
09:12:59.0402 0x16e8 [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
09:12:59.0402 0x16e8 aswRdr - ok
09:12:59.0418 0x16e8 [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:12:59.0418 0x16e8 aswRvrt - ok
09:12:59.0452 0x16e8 [ DF97409EBD35C5A40AF5594806724F75, 2496422E01FBB880FE60E611D462912C110697EBC8905777229E96E7569FF0B0 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:12:59.0468 0x16e8 aswSnx - ok
09:12:59.0484 0x16e8 [ 79ADA401A6E2054F110E7FBDFAC71942, 0E551FB9E5FE598900036E872E16EB407F7F63FD7A8A0AFAB5094D9DFA75CFCF ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:12:59.0499 0x16e8 aswSP - ok
09:12:59.0522 0x16e8 [ 59787B95DD9CA44CB139D96863438587, C36E1A812931BBEACE38BF1E621C950439144979E31961C016AD1AE323579058 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:12:59.0522 0x16e8 aswVmm - ok
09:12:59.0538 0x16e8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
09:12:59.0538 0x16e8 atapi - ok
09:12:59.0554 0x16e8 [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
09:12:59.0600 0x16e8 AudioEndpointBuilder - ok
09:12:59.0632 0x16e8 [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:12:59.0663 0x16e8 Audiosrv - ok
09:12:59.0710 0x16e8 [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:12:59.0725 0x16e8 avast! Antivirus - ok
09:12:59.0757 0x16e8 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:12:59.0804 0x16e8 AxInstSV - ok
09:12:59.0819 0x16e8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:12:59.0850 0x16e8 b06bdrv - ok
09:12:59.0866 0x16e8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
09:12:59.0929 0x16e8 BasicDisplay - ok
09:12:59.0944 0x16e8 [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
09:12:59.0991 0x16e8 BasicRender - ok
09:13:00.0022 0x16e8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
09:13:00.0038 0x16e8 bcmfn2 - ok
09:13:00.0069 0x16e8 [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC C:\Windows\System32\bdesvc.dll
09:13:00.0116 0x16e8 BDESVC - ok
09:13:00.0116 0x16e8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
09:13:00.0163 0x16e8 Beep - ok
09:13:00.0210 0x16e8 [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE C:\Windows\System32\bfe.dll
09:13:00.0248 0x16e8 BFE - ok
09:13:00.0279 0x16e8 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
09:13:00.0326 0x16e8 BITS - ok
09:13:00.0341 0x16e8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:13:00.0357 0x16e8 bowser - ok
09:13:00.0388 0x16e8 [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
09:13:00.0404 0x16e8 BrokerInfrastructure - ok
09:13:00.0419 0x16e8 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\Windows\System32\browser.dll
09:13:00.0451 0x16e8 Browser - ok
09:13:00.0466 0x16e8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
09:13:00.0513 0x16e8 BthAvrcpTg - ok
09:13:00.0545 0x16e8 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
09:13:00.0560 0x16e8 BthHFEnum - ok
09:13:00.0576 0x16e8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
09:13:00.0607 0x16e8 bthhfhid - ok
09:13:00.0623 0x16e8 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
09:13:00.0654 0x16e8 BTHMODEM - ok
09:13:00.0670 0x16e8 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
09:13:00.0701 0x16e8 bthserv - ok
09:13:00.0716 0x16e8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:13:00.0748 0x16e8 cdfs - ok
09:13:00.0763 0x16e8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
09:13:00.0779 0x16e8 cdrom - ok
09:13:00.0795 0x16e8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
09:13:00.0873 0x16e8 CertPropSvc - ok
09:13:00.0888 0x16e8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
09:13:00.0904 0x16e8 circlass - ok
09:13:00.0935 0x16e8 [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS C:\Windows\system32\drivers\CLFS.sys
09:13:00.0951 0x16e8 CLFS - ok
09:13:00.0982 0x16e8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
09:13:01.0029 0x16e8 CmBatt - ok
09:13:01.0248 0x16e8 [ 2D1E7E163AB1C927ACBA22CBE4A9F818, 81CAC4AC46573AE997FA98E4FFD5CE88A9BB8D3BE80CA075490EA3168414E649 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:13:01.0341 0x16e8 cmdAgent - ok
09:13:01.0357 0x16e8 [ AB7D3EF26D9B8001870814647189FDC1, 157391281863719175FCB72C96E62DEB322E8C434AA8AD993619F2DFE9FA651E ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
09:13:01.0373 0x16e8 cmderd - ok
09:13:01.0435 0x16e8 [ 31D0ED596299BD8BEB81C1020825CA58, 9C7F81573A33902AC36C66185914B2BE56ECE8240971AFC564ACE5FDBB90D270 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
09:13:01.0451 0x16e8 cmdGuard - ok
09:13:01.0466 0x16e8 [ 29925B820AD0FA43449785E24716CF64, 43017A395A0E4646038BE491EB387C817713DE5BB5AD6BCF74AC8D4D33DD45BC ] cmdhlp C:\Windows\system32\DRIVERS\cmdhlp.sys
09:13:01.0482 0x16e8 cmdhlp - ok
09:13:01.0498 0x16e8 [ A3574DCC6588D6E09E069D2BE61537EC, E9AA0DA9A6C6F22398C2555FA6AA24B2142791B7281E91973842A5E88A2815D4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
09:13:01.0513 0x16e8 cmdvirth - ok
09:13:01.0529 0x16e8 [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG C:\Windows\system32\Drivers\cng.sys
09:13:01.0560 0x16e8 CNG - ok
09:13:01.0560 0x16e8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
09:13:01.0576 0x16e8 CompositeBus - ok
09:13:01.0576 0x16e8 COMSysApp - ok
09:13:01.0576 0x16e8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
09:13:01.0607 0x16e8 condrv - ok
09:13:01.0638 0x16e8 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:13:01.0638 0x16e8 CryptSvc - ok
09:13:01.0654 0x16e8 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
09:13:01.0670 0x16e8 dam - ok
09:13:01.0701 0x16e8 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:13:01.0748 0x16e8 DcomLaunch - ok
09:13:01.0779 0x16e8 [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc C:\Windows\System32\defragsvc.dll
09:13:01.0810 0x16e8 defragsvc - ok
09:13:01.0841 0x16e8 [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\Windows\system32\das.dll
09:13:01.0873 0x16e8 DeviceAssociationService - ok
09:13:01.0888 0x16e8 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
09:13:01.0920 0x16e8 DeviceInstall - ok
09:13:01.0920 0x16e8 [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
09:13:01.0951 0x16e8 Dfsc - ok
09:13:01.0966 0x16e8 [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:13:01.0982 0x16e8 Dhcp - ok
09:13:02.0013 0x16e8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
09:13:02.0013 0x16e8 disk - ok
09:13:02.0029 0x16e8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
09:13:02.0045 0x16e8 dmvsc - ok
09:13:02.0076 0x16e8 [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:13:02.0123 0x16e8 Dnscache - ok
09:13:02.0154 0x16e8 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
09:13:02.0185 0x16e8 dot3svc - ok
09:13:02.0201 0x16e8 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
09:13:02.0216 0x16e8 DPS - ok
09:13:02.0326 0x16e8 [ 49B2C034D77F9F73C80AC55E795CCB6E, EC3B3AF80FA86222E63ABA646C3452C7AD1B9462A1A18D059F5F7EC18C37D97C ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
09:13:02.0373 0x16e8 DragonUpdater - ok
09:13:02.0388 0x16e8 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:13:02.0388 0x16e8 drmkaud - ok
09:13:02.0420 0x16e8 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
09:13:02.0451 0x16e8 DsmSvc - ok
09:13:02.0529 0x16e8 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
09:13:02.0545 0x16e8 dtsoftbus01 - ok
09:13:02.0608 0x16e8 [ A3D1CB64DF885ACE126543E6D7067348, AFB5EF73F7B2854669137F586171500E4EB00F12BFCFD6B743FABD165B4AEED3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:13:02.0639 0x16e8 DXGKrnl - ok
09:13:02.0655 0x16e8 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
09:13:02.0671 0x16e8 Eaphost - ok
09:13:02.0797 0x16e8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:13:02.0875 0x16e8 ebdrv - ok
09:13:02.0906 0x16e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
09:13:02.0906 0x16e8 EFS - ok
09:13:02.0922 0x16e8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
09:13:02.0937 0x16e8 EhStorClass - ok
09:13:02.0953 0x16e8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
09:13:02.0969 0x16e8 EhStorTcgDrv - ok
09:13:02.0984 0x16e8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
09:13:03.0016 0x16e8 ErrDev - ok
09:13:03.0045 0x16e8 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
09:13:03.0076 0x16e8 EventSystem - ok
09:13:03.0107 0x16e8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
09:13:03.0123 0x16e8 exfat - ok
09:13:03.0138 0x16e8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:13:03.0138 0x16e8 fastfat - ok
09:13:03.0170 0x16e8 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
09:13:03.0201 0x16e8 Fax - ok
09:13:03.0217 0x16e8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
09:13:03.0232 0x16e8 fdc - ok
09:13:03.0232 0x16e8 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
09:13:03.0248 0x16e8 fdPHost - ok
09:13:03.0263 0x16e8 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
09:13:03.0279 0x16e8 FDResPub - ok
09:13:03.0295 0x16e8 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
09:13:03.0310 0x16e8 fhsvc - ok
09:13:03.0326 0x16e8 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:13:03.0342 0x16e8 FileInfo - ok
09:13:03.0342 0x16e8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:13:03.0373 0x16e8 Filetrace - ok
09:13:03.0404 0x16e8 [ 7E76EED28B8B8696B7F7ED5F757AA304, 4D42711B63F90FF9AF3D6C8E4EDB3FF08CAB6FE5131D9A43F4D10D1CA51F7378 ] FileZilla Server C:\xampp\filezillaftp\filezillaserver.exe
09:13:03.0435 0x16e8 FileZilla Server - detected UnsignedFile.Multi.Generic ( 1 )
09:13:03.0435 0x16e8 FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
09:13:03.0435 0x16e8 Force sending object to P2P due to detect: C:\xampp\filezillaftp\filezillaserver.exe
09:13:07.0307 0x16e8 Object send P2P result: true
09:13:09.0780 0x16e8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
09:13:09.0811 0x16e8 flpydisk - ok
09:13:09.0874 0x16e8 [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:13:09.0905 0x16e8 FltMgr - ok
09:13:09.0936 0x16e8 [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache C:\Windows\system32\FntCache.dll
09:13:09.0983 0x16e8 FontCache - ok
09:13:10.0077 0x16e8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:13:10.0108 0x16e8 FontCache3.0.0.0 - ok
09:13:10.0124 0x16e8 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:13:10.0139 0x16e8 FsDepends - ok
09:13:10.0155 0x16e8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:13:10.0155 0x16e8 Fs_Rec - ok
09:13:10.0202 0x16e8 [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:13:10.0217 0x16e8 fvevol - ok
09:13:10.0233 0x16e8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
09:13:10.0264 0x16e8 FxPPM - ok
09:13:10.0280 0x16e8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:13:10.0311 0x16e8 gagp30kx - ok
09:13:10.0311 0x16e8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
09:13:10.0342 0x16e8 gencounter - ok
09:13:10.0358 0x16e8 [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
09:13:10.0374 0x16e8 GPIOClx0101 - ok
09:13:10.0420 0x16e8 [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc C:\Windows\System32\gpsvc.dll
09:13:10.0452 0x16e8 gpsvc - ok
09:13:10.0514 0x16e8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:10.0545 0x16e8 gupdate - ok
09:13:10.0545 0x16e8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:10.0545 0x16e8 gupdatem - ok
09:13:10.0577 0x16e8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:13:10.0624 0x16e8 HdAudAddService - ok
09:13:10.0655 0x16e8 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
09:13:10.0686 0x16e8 HDAudBus - ok
09:13:10.0702 0x16e8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
09:13:10.0749 0x16e8 HidBatt - ok
09:13:10.0764 0x16e8 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
09:13:10.0795 0x16e8 HidBth - ok
09:13:10.0795 0x16e8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
09:13:10.0811 0x16e8 hidi2c - ok
09:13:10.0827 0x16e8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
09:13:10.0858 0x16e8 HidIr - ok
09:13:10.0889 0x16e8 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
09:13:10.0905 0x16e8 hidserv - ok
09:13:10.0921 0x16e8 [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
09:13:10.0936 0x16e8 HidUsb - ok
09:13:10.0983 0x16e8 [ 760B03AE5E3244E22FFC3C1AE1F5264A, 1D926E28B95394C211CC29B898ECF3C3E19814EF4D09B04DBF9BDFB2596BD1AB ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
09:13:10.0999 0x16e8 HitmanProScheduler - ok
09:13:11.0030 0x16e8 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:13:11.0077 0x16e8 hkmsvc - ok
09:13:11.0108 0x16e8 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:13:11.0186 0x16e8 HomeGroupListener - ok
09:13:11.0233 0x16e8 [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:13:11.0295 0x16e8 HomeGroupProvider - ok
09:13:11.0311 0x16e8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:13:11.0327 0x16e8 HpSAMD - ok
09:13:11.0358 0x16e8 [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:13:11.0389 0x16e8 HTTP - ok
09:13:11.0405 0x16e8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:13:11.0405 0x16e8 hwpolicy - ok
09:13:11.0420 0x16e8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
09:13:11.0436 0x16e8 hyperkbd - ok
09:13:11.0452 0x16e8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
09:13:11.0467 0x16e8 HyperVideo - ok
09:13:11.0483 0x16e8 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
09:13:11.0499 0x16e8 i8042prt - ok
09:13:11.0499 0x16e8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
09:13:11.0514 0x16e8 iaLPSSi_GPIO - ok
09:13:11.0514 0x16e8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
09:13:11.0530 0x16e8 iaLPSSi_I2C - ok
09:13:11.0545 0x16e8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
09:13:11.0561 0x16e8 iaStorAV - ok
09:13:11.0577 0x16e8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:13:11.0592 0x16e8 iaStorV - ok
09:13:11.0592 0x16e8 IEEtwCollectorService - ok
09:13:11.0624 0x16e8 [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT C:\Windows\System32\ikeext.dll
09:13:11.0655 0x16e8 IKEEXT - ok
09:13:11.0702 0x16e8 [ 49E73AB19378230BBCD1209D44165EA7, 69CBEA08F18FC80F8CC1BAF0BE88BFEDF572489CE65EEBE8CEF023DA00DCFD5E ] inspect C:\Windows\system32\DRIVERS\inspect.sys
09:13:11.0702 0x16e8 inspect - ok
09:13:11.0702 0x16e8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
09:13:11.0717 0x16e8 intelide - ok
09:13:11.0749 0x16e8 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\Windows\system32\drivers\intelpep.sys
09:13:11.0780 0x16e8 intelpep - ok
09:13:11.0795 0x16e8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
09:13:11.0827 0x16e8 intelppm - ok
09:13:11.0842 0x16e8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:13:11.0889 0x16e8 IpFilterDriver - ok
09:13:11.0936 0x16e8 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:13:11.0983 0x16e8 iphlpsvc - ok
09:13:11.0983 0x16e8 [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
09:13:11.0999 0x16e8 IPMIDRV - ok
09:13:12.0030 0x16e8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:13:12.0077 0x16e8 IPNAT - ok
09:13:12.0092 0x16e8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:13:12.0155 0x16e8 IRENUM - ok
09:13:12.0170 0x16e8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:13:12.0186 0x16e8 isapnp - ok
09:13:12.0217 0x16e8 [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
09:13:12.0249 0x16e8 iScsiPrt - ok
09:13:12.0264 0x16e8 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
09:13:12.0264 0x16e8 kbdclass - ok
09:13:12.0264 0x16e8 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
09:13:12.0280 0x16e8 kbdhid - ok
09:13:12.0296 0x16e8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
09:13:12.0296 0x16e8 kdnic - ok
09:13:12.0311 0x16e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
09:13:12.0327 0x16e8 KeyIso - ok
09:13:12.0342 0x16e8 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:13:12.0342 0x16e8 KSecDD - ok
09:13:12.0358 0x16e8 [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:13:12.0374 0x16e8 KSecPkg - ok
09:13:12.0374 0x16e8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:13:12.0389 0x16e8 ksthunk - ok
09:13:12.0420 0x16e8 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:13:12.0436 0x16e8 KtmRm - ok
09:13:12.0467 0x16e8 [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer C:\Windows\system32\srvsvc.dll
09:13:12.0499 0x16e8 LanmanServer - ok
09:13:12.0530 0x16e8 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:13:12.0546 0x16e8 LanmanWorkstation - ok
09:13:12.0577 0x16e8 [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
09:13:12.0608 0x16e8 lfsvc - ok
09:13:12.0624 0x16e8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:13:12.0639 0x16e8 lltdio - ok
09:13:12.0655 0x16e8 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:13:12.0670 0x16e8 lltdsvc - ok
09:13:12.0686 0x16e8 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:13:12.0702 0x16e8 lmhosts - ok
09:13:12.0717 0x16e8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:13:12.0733 0x16e8 LSI_SAS - ok
09:13:12.0733 0x16e8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:13:12.0749 0x16e8 LSI_SAS2 - ok
09:13:12.0749 0x16e8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
09:13:12.0749 0x16e8 LSI_SAS3 - ok
09:13:12.0764 0x16e8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
09:13:12.0764 0x16e8 LSI_SSS - ok
09:13:12.0795 0x16e8 [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM C:\Windows\System32\lsm.dll
09:13:12.0827 0x16e8 LSM - ok
09:13:12.0842 0x16e8 [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv C:\Windows\system32\drivers\luafv.sys
09:13:12.0858 0x16e8 luafv - ok
09:13:12.0858 0x16e8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
09:13:12.0874 0x16e8 megasas - ok
09:13:12.0905 0x16e8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
09:13:12.0920 0x16e8 megasr - ok
09:13:12.0936 0x16e8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
09:13:12.0952 0x16e8 MMCSS - ok
09:13:12.0967 0x16e8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
09:13:12.0987 0x16e8 Modem - ok
09:13:13.0011 0x16e8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
09:13:13.0028 0x16e8 monitor - ok
09:13:13.0039 0x16e8 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
09:13:13.0047 0x16e8 mouclass - ok
09:13:13.0052 0x16e8 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
09:13:13.0062 0x16e8 mouhid - ok
09:13:13.0069 0x16e8 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:13:13.0078 0x16e8 mountmgr - ok
09:13:13.0086 0x16e8 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:13:13.0107 0x16e8 mpsdrv - ok
09:13:13.0152 0x16e8 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:13:13.0193 0x16e8 MpsSvc - ok
09:13:13.0217 0x16e8 [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:13:13.0234 0x16e8 MRxDAV - ok
09:13:13.0260 0x16e8 [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:13:13.0287 0x16e8 mrxsmb - ok
09:13:13.0300 0x16e8 [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:13:13.0337 0x16e8 mrxsmb10 - ok
09:13:13.0349 0x16e8 [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:13:13.0373 0x16e8 mrxsmb20 - ok
09:13:13.0384 0x16e8 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
09:13:13.0410 0x16e8 MsBridge - ok
09:13:13.0421 0x16e8 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
09:13:13.0434 0x16e8 MSDTC - ok
09:13:13.0449 0x16e8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:13:13.0482 0x16e8 Msfs - ok
09:13:13.0502 0x16e8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
09:13:13.0517 0x16e8 msgpiowin32 - ok
09:13:13.0520 0x16e8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:13:13.0532 0x16e8 mshidkmdf - ok
09:13:13.0535 0x16e8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
09:13:13.0553 0x16e8 mshidumdf - ok
09:13:13.0569 0x16e8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:13:13.0579 0x16e8 msisadrv - ok
09:13:13.0598 0x16e8 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:13:13.0614 0x16e8 MSiSCSI - ok
09:13:13.0617 0x16e8 msiserver - ok
09:13:13.0636 0x16e8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:13:13.0662 0x16e8 MSKSSRV - ok
09:13:13.0677 0x16e8 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
09:13:13.0713 0x16e8 MsLldp - ok
09:13:13.0717 0x16e8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:13:13.0728 0x16e8 MSPCLOCK - ok
09:13:13.0745 0x16e8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:13:13.0765 0x16e8 MSPQM - ok
09:13:13.0790 0x16e8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:13:13.0809 0x16e8 MsRPC - ok
09:13:13.0814 0x16e8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
09:13:13.0822 0x16e8 mssmbios - ok
09:13:13.0825 0x16e8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:13:13.0847 0x16e8 MSTEE - ok
09:13:13.0869 0x16e8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
09:13:13.0885 0x16e8 MTConfig - ok
09:13:13.0898 0x16e8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
09:13:13.0907 0x16e8 Mup - ok
09:13:13.0910 0x16e8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
09:13:13.0920 0x16e8 mvumis - ok
09:13:13.0961 0x16e8 mysql - ok
09:13:13.0990 0x16e8 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
09:13:14.0008 0x16e8 napagent - ok
09:13:14.0041 0x16e8 [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:13:14.0070 0x16e8 NativeWifiP - ok
09:13:14.0093 0x16e8 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
09:13:14.0140 0x16e8 NcaSvc - ok
09:13:14.0166 0x16e8 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
09:13:14.0208 0x16e8 NcbService - ok
09:13:14.0221 0x16e8 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
09:13:14.0304 0x16e8 NcdAutoSetup - ok
09:13:14.0355 0x16e8 [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:13:14.0384 0x16e8 NDIS - ok
09:13:14.0398 0x16e8 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:13:14.0418 0x16e8 NdisCap - ok
09:13:14.0438 0x16e8 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
09:13:14.0462 0x16e8 NdisImPlatform - ok
09:13:14.0476 0x16e8 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:13:14.0504 0x16e8 NdisTapi - ok
09:13:14.0516 0x16e8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:13:14.0538 0x16e8 Ndisuio - ok
09:13:14.0552 0x16e8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
09:13:14.0566 0x16e8 NdisVirtualBus - ok
09:13:14.0581 0x16e8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:13:14.0614 0x16e8 NdisWan - ok
09:13:14.0620 0x16e8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
09:13:14.0633 0x16e8 NdisWanLegacy - ok
09:13:14.0636 0x16e8 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:13:14.0648 0x16e8 NDProxy - ok
09:13:14.0651 0x16e8 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
09:13:14.0663 0x16e8 Ndu - ok
09:13:14.0679 0x16e8 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:13:14.0700 0x16e8 NetBIOS - ok
09:13:14.0721 0x16e8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:13:14.0759 0x16e8 NetBT - ok
09:13:14.0770 0x16e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
09:13:14.0780 0x16e8 Netlogon - ok
09:13:14.0802 0x16e8 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
09:13:14.0831 0x16e8 Netman - ok
09:13:14.0856 0x16e8 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
09:13:14.0889 0x16e8 netprofm - ok
09:13:14.0912 0x16e8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:13:14.0922 0x16e8 NetTcpPortSharing - ok
09:13:14.0929 0x16e8 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
09:13:14.0947 0x16e8 netvsc - ok
09:13:14.0962 0x16e8 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:13:14.0977 0x16e8 NlaSvc - ok
09:13:15.0009 0x16e8 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
09:13:15.0024 0x16e8 NPF - ok
09:13:15.0040 0x16e8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:13:15.0056 0x16e8 Npfs - ok
09:13:15.0071 0x16e8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
09:13:15.0087 0x16e8 npsvctrig - ok
09:13:15.0102 0x16e8 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
09:13:15.0134 0x16e8 nsi - ok
09:13:15.0134 0x16e8 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:13:15.0149 0x16e8 nsiproxy - ok
09:13:15.0243 0x16e8 [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:13:15.0290 0x16e8 Ntfs - ok
09:13:15.0306 0x16e8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
09:13:15.0321 0x16e8 Null - ok
09:13:15.0602 0x16e8 [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:13:15.0790 0x16e8 nvlddmkm - ok
09:13:15.0837 0x16e8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:13:15.0868 0x16e8 nvraid - ok
09:13:15.0868 0x16e8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:13:15.0884 0x16e8 nvstor - ok
09:13:15.0946 0x16e8 [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc C:\Windows\system32\nvvsvc.exe
09:13:16.0009 0x16e8 nvsvc - ok
09:13:16.0056 0x16e8 [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:13:16.0087 0x16e8 nvUpdatusService - ok
09:13:16.0087 0x16e8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:13:16.0102 0x16e8 nv_agp - ok
09:13:16.0118 0x16e8 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:13:16.0134 0x16e8 ose - ok
09:13:16.0165 0x16e8 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:13:16.0196 0x16e8 p2pimsvc - ok
09:13:16.0212 0x16e8 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
09:13:16.0243 0x16e8 p2psvc - ok
09:13:16.0290 0x16e8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
09:13:16.0318 0x16e8 Parport - ok
09:13:16.0330 0x16e8 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:13:16.0340 0x16e8 partmgr - ok
09:13:16.0388 0x16e8 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:13:16.0406 0x16e8 PcaSvc - ok
09:13:16.0426 0x16e8 [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci C:\Windows\system32\drivers\pci.sys
09:13:16.0440 0x16e8 pci - ok
09:13:16.0445 0x16e8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
09:13:16.0453 0x16e8 pciide - ok
09:13:16.0468 0x16e8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:13:16.0477 0x16e8 pcmcia - ok
09:13:16.0493 0x16e8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
09:13:16.0502 0x16e8 pcw - ok
09:13:16.0526 0x16e8 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\Windows\system32\drivers\pdc.sys
09:13:16.0534 0x16e8 pdc - ok
09:13:16.0556 0x16e8 [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:13:16.0599 0x16e8 PEAUTH - ok
09:13:16.0656 0x16e8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:13:16.0676 0x16e8 PerfHost - ok
09:13:16.0732 0x16e8 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
09:13:16.0772 0x16e8 pla - ok
09:13:16.0785 0x16e8 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:13:16.0801 0x16e8 PlugPlay - ok
09:13:16.0813 0x16e8 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:13:16.0836 0x16e8 PNRPAutoReg - ok
09:13:16.0860 0x16e8 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:13:16.0875 0x16e8 PNRPsvc - ok
09:13:16.0896 0x16e8 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:13:16.0921 0x16e8 PolicyAgent - ok
09:13:16.0939 0x16e8 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
09:13:16.0963 0x16e8 Power - ok
09:13:17.0082 0x16e8 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:13:17.0199 0x16e8 PrintNotify - ok
09:13:17.0214 0x16e8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
09:13:17.0236 0x16e8 Processor - ok
09:13:17.0259 0x16e8 [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc C:\Windows\system32\profsvc.dll
09:13:17.0271 0x16e8 ProfSvc - ok
09:13:17.0281 0x16e8 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:13:17.0304 0x16e8 Psched - ok
09:13:17.0319 0x16e8 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
09:13:17.0344 0x16e8 QWAVE - ok
09:13:17.0368 0x16e8 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:13:17.0379 0x16e8 QWAVEdrv - ok
09:13:17.0390 0x16e8 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:13:17.0401 0x16e8 RasAcd - ok
09:13:17.0411 0x16e8 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
09:13:17.0437 0x16e8 RasAuto - ok
09:13:17.0460 0x16e8 [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan C:\Windows\System32\rasmans.dll
09:13:17.0493 0x16e8 RasMan - ok
09:13:17.0497 0x16e8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:13:17.0517 0x16e8 RasPppoe - ok
09:13:17.0532 0x16e8 [ B939A2A0F9D6C6C186721E268EB6FA93, 8AF03945428D8F0E9B6DE1C24627336398320C7C78E5F594E0A57AB2DB6E0A24 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:13:17.0548 0x16e8 rdbss - ok
09:13:17.0561 0x16e8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
09:13:17.0579 0x16e8 rdpbus - ok
09:13:17.0589 0x16e8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:13:17.0600 0x16e8 RDPDR - ok
09:13:17.0606 0x16e8 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:13:17.0615 0x16e8 RdpVideoMiniport - ok
09:13:17.0682 0x16e8 [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:13:17.0720 0x16e8 rdyboost - ok
09:13:17.0758 0x16e8 [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS C:\Windows\system32\drivers\ReFS.sys
09:13:17.0791 0x16e8 ReFS - ok
09:13:17.0816 0x16e8 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:13:17.0839 0x16e8 RemoteAccess - ok
09:13:17.0857 0x16e8 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:13:17.0875 0x16e8 RemoteRegistry - ok
09:13:17.0900 0x16e8 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
09:13:17.0907 0x16e8 rpcapd - ok
09:13:17.0918 0x16e8 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:13:17.0938 0x16e8 RpcEptMapper - ok
09:13:17.0949 0x16e8 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
09:13:17.0974 0x16e8 RpcLocator - ok
09:13:18.0005 0x16e8 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs C:\Windows\system32\rpcss.dll
09:13:18.0028 0x16e8 RpcSs - ok
09:13:18.0039 0x16e8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:13:18.0071 0x16e8 rspndr - ok
09:13:18.0109 0x16e8 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
09:13:18.0155 0x16e8 RTL8168 - ok
09:13:18.0166 0x16e8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
09:13:18.0193 0x16e8 s3cap - ok
09:13:18.0203 0x16e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
09:13:18.0212 0x16e8 SamSs - ok
09:13:18.0228 0x16e8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:13:18.0237 0x16e8 sbp2port - ok
09:13:18.0248 0x16e8 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:13:18.0264 0x16e8 SCardSvr - ok
09:13:18.0269 0x16e8 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
09:13:18.0295 0x16e8 ScDeviceEnum - ok
09:13:18.0304 0x16e8 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:13:18.0315 0x16e8 scfilter - ok
09:13:18.0350 0x16e8 [ 888A30EAB651502352C18745367FD179, 00CD9FA55F3E896D8BA81368DF1E855E2F64B5AC488EB4F9BF2C4E45ED63FD5F ] Schedule C:\Windows\system32\schedsvc.dll
09:13:18.0395 0x16e8 Schedule - ok
09:13:18.0413 0x16e8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:13:18.0426 0x16e8 SCPolicySvc - ok
09:13:18.0457 0x16e8 [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus C:\Windows\System32\drivers\sdbus.sys
09:13:18.0470 0x16e8 sdbus - ok
09:13:18.0482 0x16e8 [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor C:\Windows\System32\drivers\sdstor.sys
09:13:18.0490 0x16e8 sdstor - ok
09:13:18.0500 0x16e8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:13:18.0517 0x16e8 secdrv - ok
09:13:18.0534 0x16e8 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
09:13:18.0560 0x16e8 seclogon - ok
09:13:18.0577 0x16e8 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
09:13:18.0606 0x16e8 SENS - ok
09:13:18.0619 0x16e8 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:13:18.0634 0x16e8 SensrSvc - ok
09:13:18.0638 0x16e8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
09:13:18.0648 0x16e8 SerCx - ok
09:13:18.0680 0x16e8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
09:13:18.0690 0x16e8 SerCx2 - ok
09:13:18.0702 0x16e8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
09:13:18.0721 0x16e8 Serenum - ok
09:13:18.0741 0x16e8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
09:13:18.0763 0x16e8 Serial - ok
09:13:18.0778 0x16e8 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
09:13:18.0800 0x16e8 sermouse - ok
09:13:18.0828 0x16e8 [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv C:\Windows\system32\sessenv.dll
09:13:18.0855 0x16e8 SessionEnv - ok
09:13:18.0886 0x16e8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
09:13:18.0907 0x16e8 sfloppy - ok
09:13:18.0932 0x16e8 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:13:18.0972 0x16e8 SharedAccess - ok
09:13:19.0033 0x16e8 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:13:19.0080 0x16e8 ShellHWDetection - ok
09:13:19.0095 0x16e8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:13:19.0104 0x16e8 SiSRaid2 - ok
09:13:19.0122 0x16e8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:13:19.0132 0x16e8 SiSRaid4 - ok
09:13:19.0142 0x16e8 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
09:13:19.0158 0x16e8 smphost - ok
09:13:19.0173 0x16e8 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:13:19.0188 0x16e8 SNMPTRAP - ok
09:13:19.0221 0x16e8 [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport C:\Windows\system32\drivers\spaceport.sys
09:13:19.0235 0x16e8 spaceport - ok
09:13:19.0249 0x16e8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
09:13:19.0259 0x16e8 SpbCx - ok
09:13:19.0285 0x16e8 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\Windows\System32\spoolsv.exe
09:13:19.0307 0x16e8 Spooler - ok
09:13:19.0465 0x16e8 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66, 58BB3B9D50DFFF99E790D5B768FAA387F16385436BA6EB704BE6DB1F63B8E4B2 ] sppsvc C:\Windows\system32\sppsvc.exe
09:13:19.0649 0x16e8 sppsvc - ok
09:13:19.0674 0x16e8 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:13:19.0702 0x16e8 srv - ok
09:13:19.0728 0x16e8 [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:13:19.0748 0x16e8 srv2 - ok
09:13:19.0764 0x16e8 [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:13:19.0789 0x16e8 srvnet - ok
09:13:19.0803 0x16e8 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:13:19.0837 0x16e8 SSDPSRV - ok
09:13:19.0852 0x16e8 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:13:19.0874 0x16e8 SstpSvc - ok
09:13:19.0923 0x16e8 [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:13:19.0935 0x16e8 Stereo Service - ok
09:13:19.0959 0x16e8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:13:19.0967 0x16e8 stexstor - ok
09:13:20.0013 0x16e8 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
09:13:20.0040 0x16e8 stisvc - ok
09:13:20.0049 0x16e8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
09:13:20.0058 0x16e8 storahci - ok
09:13:20.0070 0x16e8 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
09:13:20.0079 0x16e8 storflt - ok
09:13:20.0104 0x16e8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
09:13:20.0112 0x16e8 stornvme - ok
09:13:20.0125 0x16e8 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
09:13:20.0135 0x16e8 StorSvc - ok
09:13:20.0144 0x16e8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:13:20.0153 0x16e8 storvsc - ok
09:13:20.0163 0x16e8 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
09:13:20.0187 0x16e8 svsvc - ok
09:13:20.0198 0x16e8 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
09:13:20.0205 0x16e8 swenum - ok
09:13:20.0232 0x16e8 [ A5DC2E63F5E5D3C0B843307374998479, B3156296D1750FEAF2354E217735B8D888C50599869233FB1B537167F2CECE0B ] swprv C:\Windows\System32\swprv.dll
09:13:20.0259 0x16e8 swprv - ok
09:13:20.0336 0x16e8 [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain C:\Windows\system32\sysmain.dll
09:13:20.0388 0x16e8 SysMain - ok
09:13:20.0425 0x16e8 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:13:20.0466 0x16e8 SystemEventsBroker - ok
09:13:20.0479 0x16e8 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
09:13:20.0495 0x16e8 TabletInputService - ok
09:13:20.0510 0x16e8 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:13:20.0539 0x16e8 TapiSrv - ok
09:13:20.0619 0x16e8 [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:13:20.0673 0x16e8 Tcpip - ok
09:13:20.0728 0x16e8 [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:13:20.0782 0x16e8 TCPIP6 - ok
09:13:20.0802 0x16e8 [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:13:20.0834 0x16e8 tcpipreg - ok
09:13:20.0848 0x16e8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:13:20.0879 0x16e8 tdx - ok
09:13:21.0037 0x16e8 [ 5EA4CFD8443E2052055F5DD5B49DD071, F93D567BD6110830C36FD8A650F639D516FD20C88769A941FA4F4E4DB48C52A1 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
09:13:21.0121 0x16e8 TeamViewer9 - ok
09:13:21.0131 0x16e8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
09:13:21.0139 0x16e8 terminpt - ok
09:13:21.0178 0x16e8 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
09:13:21.0236 0x16e8 TermService - ok
09:13:21.0248 0x16e8 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
09:13:21.0274 0x16e8 Themes - ok
09:13:21.0305 0x16e8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
09:13:21.0321 0x16e8 THREADORDER - ok
09:13:21.0344 0x16e8 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
09:13:21.0392 0x16e8 TimeBroker - ok
09:13:21.0416 0x16e8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
09:13:21.0431 0x16e8 TPM - ok
09:13:21.0442 0x16e8 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
09:13:21.0455 0x16e8 TrkWks - ok
09:13:21.0496 0x16e8 [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:13:21.0515 0x16e8 TrustedInstaller - ok
09:13:21.0533 0x16e8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:13:21.0544 0x16e8 TsUsbFlt - ok
09:13:21.0554 0x16e8 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
09:13:21.0573 0x16e8 TsUsbGD - ok
09:13:21.0593 0x16e8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:13:21.0626 0x16e8 tunnel - ok
09:13:21.0638 0x16e8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:13:21.0650 0x16e8 uagp35 - ok
09:13:21.0660 0x16e8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
09:13:21.0673 0x16e8 UASPStor - ok
09:13:21.0696 0x16e8 [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
09:13:21.0707 0x16e8 UCX01000 - ok
09:13:21.0718 0x16e8 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:13:21.0742 0x16e8 udfs - ok
09:13:21.0753 0x16e8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
09:13:21.0761 0x16e8 UEFI - ok
09:13:21.0786 0x16e8 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:13:21.0817 0x16e8 UI0Detect - ok
09:13:21.0843 0x16e8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:13:21.0852 0x16e8 uliagpkx - ok
09:13:21.0888 0x16e8 [ 694BCF23662F97D987CF4C6739C35F8B, 6D7D57785C8F968514FAB383732F9E2FB15349369D17E3BD1C438B5E95EBD388 ] UltraMonUtility C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
09:13:21.0901 0x16e8 UltraMonUtility - ok
09:13:21.0919 0x16e8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
09:13:21.0960 0x16e8 umbus - ok
09:13:21.0980 0x16e8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
09:13:21.0998 0x16e8 UmPass - ok
09:13:22.0017 0x16e8 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
09:13:22.0055 0x16e8 UmRdpService - ok
09:13:22.0076 0x16e8 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
09:13:22.0107 0x16e8 upnphost - ok
09:13:22.0130 0x16e8 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
09:13:22.0155 0x16e8 usbccgp - ok
09:13:22.0170 0x16e8 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
09:13:22.0199 0x16e8 usbcir - ok
09:13:22.0214 0x16e8 [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci C:\Windows\System32\drivers\usbehci.sys
09:13:22.0223 0x16e8 usbehci - ok
09:13:22.0244 0x16e8 [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub C:\Windows\System32\drivers\usbhub.sys
09:13:22.0260 0x16e8 usbhub - ok
09:13:22.0282 0x16e8 [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
09:13:22.0299 0x16e8 USBHUB3 - ok
09:13:22.0309 0x16e8 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
09:13:22.0319 0x16e8 usbohci - ok
09:13:22.0332 0x16e8 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
09:13:22.0341 0x16e8 usbprint - ok
09:13:22.0378 0x16e8 [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
09:13:22.0388 0x16e8 USBSTOR - ok
09:13:22.0401 0x16e8 [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
09:13:22.0410 0x16e8 usbuhci - ok
09:13:22.0439 0x16e8 [ 3B44CB989757428208CCFCC028C13110, E71BFA4BB0F4FAEDA79606C44F7DAAB317CD99C9382942E5830F440CF96D9B35 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
09:13:22.0451 0x16e8 USBXHCI - ok
09:13:22.0473 0x16e8 [ 102F170CF0F5304ACF7FB663B7ADB5E0, 9EBC79F56131FC030B013BA4913FDF0D31746E8DE07556F56F64D63407194518 ] V0330VID C:\Windows\system32\DRIVERS\V0330Vid.sys
09:13:22.0497 0x16e8 V0330VID - ok
09:13:22.0520 0x16e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
09:13:22.0529 0x16e8 VaultSvc - ok
09:13:22.0584 0x16e8 [ 8DB40EB504AE9C10558675035B4B4A4A, B998BF9E358B6E7603BA765F6C55A387CEFE94D52D29B31EC6AB01210D52A338 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
09:13:22.0607 0x16e8 VBoxDrv - ok
09:13:22.0623 0x16e8 [ 9C24F61B36E7305AC42DC41881A2C97C, 4800D9517D2AE7772784BC2E8A85F4516A1483B9A2F7C3FE96DFC65CD3089E06 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
09:13:22.0632 0x16e8 VBoxNetAdp - ok
09:13:22.0650 0x16e8 [ 4B3B9912BBA05473BE94E61334971858, D7AA4FF319310E15D93B4B32B050F42E3386F4ABF50DAC0FF9B8FA1C0BD3EDFE ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
09:13:22.0658 0x16e8 VBoxNetFlt - ok
09:13:22.0667 0x16e8 [ DD8F22BA8DD0F2A9A1D5D93023441FE0, 6A66FB19459955941559B4DFFC9CD93359EADDB5EA26DFEE5B4C8773FCA0A942 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
09:13:22.0674 0x16e8 VBoxUSBMon - ok
09:13:22.0685 0x16e8 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:13:22.0693 0x16e8 vdrvroot - ok
09:13:22.0725 0x16e8 [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds C:\Windows\System32\vds.exe
09:13:22.0775 0x16e8 vds - ok
09:13:22.0807 0x16e8 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
09:13:22.0835 0x16e8 VerifierExt - ok
09:13:22.0862 0x16e8 [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
09:13:22.0883 0x16e8 vhdmp - ok
09:13:22.0899 0x16e8 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
09:13:22.0907 0x16e8 viaide - ok
09:13:22.0920 0x16e8 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:13:22.0930 0x16e8 vmbus - ok
09:13:22.0938 0x16e8 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
09:13:22.0947 0x16e8 VMBusHID - ok
09:13:22.0977 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
09:13:22.0995 0x16e8 vmicguestinterface - ok
09:13:23.0005 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
09:13:23.0022 0x16e8 vmicheartbeat - ok
09:13:23.0032 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
09:13:23.0048 0x16e8 vmickvpexchange - ok
09:13:23.0058 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
09:13:23.0074 0x16e8 vmicrdv - ok
09:13:23.0083 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
09:13:23.0100 0x16e8 vmicshutdown - ok
09:13:23.0111 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
09:13:23.0127 0x16e8 vmictimesync - ok
09:13:23.0138 0x16e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
09:13:23.0154 0x16e8 vmicvss - ok
09:13:23.0166 0x16e8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:13:23.0175 0x16e8 volmgr - ok
09:13:23.0194 0x16e8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:13:23.0209 0x16e8 volmgrx - ok
09:13:23.0227 0x16e8 [ 9F9CE33B50611A1C61A46B8911E0B30B, FE4EDF16CE8FC36BB2125FC7D1CF45C65B06A2C31D426635115D879987DF2159 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:13:23.0242 0x16e8 volsnap - ok
09:13:23.0251 0x16e8 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
09:13:23.0260 0x16e8 vpci - ok
09:13:23.0273 0x16e8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:13:23.0284 0x16e8 vsmraid - ok
09:13:23.0317 0x16e8 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS C:\Windows\system32\vssvc.exe
09:13:23.0366 0x16e8 VSS - ok
09:13:23.0374 0x16e8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
09:13:23.0388 0x16e8 VSTXRAID - ok
09:13:23.0401 0x16e8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:13:23.0425 0x16e8 vwifibus - ok
09:13:23.0458 0x16e8 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
09:13:23.0493 0x16e8 W32Time - ok
09:13:23.0505 0x16e8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
09:13:23.0527 0x16e8 WacomPen - ok
09:13:23.0563 0x16e8 [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine C:\Windows\system32\wbengine.exe
09:13:23.0601 0x16e8 wbengine - ok
09:13:23.0621 0x16e8 [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:13:23.0659 0x16e8 WbioSrvc - ok
09:13:23.0691 0x16e8 [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
09:13:23.0730 0x16e8 Wcmsvc - ok
09:13:23.0761 0x16e8 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:13:23.0781 0x16e8 wcncsvc - ok
09:13:23.0793 0x16e8 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:13:23.0822 0x16e8 WcsPlugInService - ok
09:13:23.0832 0x16e8 [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
09:13:23.0840 0x16e8 WdBoot - ok
09:13:23.0875 0x16e8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:13:23.0897 0x16e8 Wdf01000 - ok
09:13:23.0917 0x16e8 [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
09:13:23.0929 0x16e8 WdFilter - ok
09:13:23.0947 0x16e8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:13:23.0973 0x16e8 WdiServiceHost - ok
09:13:23.0976 0x16e8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:13:23.0991 0x16e8 WdiSystemHost - ok
09:13:24.0006 0x16e8 [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
09:13:24.0016 0x16e8 WdNisDrv - ok
09:13:24.0035 0x16e8 WdNisSvc - ok
09:13:24.0050 0x16e8 [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\Windows\System32\webclnt.dll
09:13:24.0069 0x16e8 WebClient - ok
09:13:24.0080 0x16e8 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
09:13:24.0107 0x16e8 Wecsvc - ok
09:13:24.0118 0x16e8 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
09:13:24.0132 0x16e8 WEPHOSTSVC - ok
09:13:24.0146 0x16e8 [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:13:24.0164 0x16e8 wercplsupport - ok
09:13:24.0180 0x16e8 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc C:\Windows\System32\WerSvc.dll
09:13:24.0212 0x16e8 WerSvc - ok
09:13:24.0230 0x16e8 [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
09:13:24.0240 0x16e8 WFPLWFS - ok
09:13:24.0250 0x16e8 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
09:13:24.0273 0x16e8 WiaRpc - ok
09:13:24.0282 0x16e8 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:13:24.0291 0x16e8 WIMMount - ok
09:13:24.0293 0x16e8 WinDefend - ok
09:13:24.0326 0x16e8 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
09:13:24.0350 0x16e8 WinHttpAutoProxySvc - ok
09:13:24.0380 0x16e8 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:13:24.0394 0x16e8 Winmgmt - ok
09:13:24.0468 0x16e8 [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM C:\Windows\system32\WsmSvc.dll
09:13:24.0556 0x16e8 WinRM - ok
09:13:24.0582 0x16e8 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:13:24.0593 0x16e8 WinUsb - ok
09:13:24.0653 0x16e8 [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc C:\Windows\System32\wlansvc.dll
09:13:24.0739 0x16e8 WlanSvc - ok
09:13:24.0795 0x16e8 [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc C:\Windows\system32\wlidsvc.dll
09:13:24.0832 0x16e8 wlidsvc - ok
09:13:24.0841 0x16e8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
09:13:24.0849 0x16e8 WmiAcpi - ok
09:13:24.0874 0x16e8 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:13:24.0886 0x16e8 wmiApSrv - ok
09:13:24.0901 0x16e8 WMPNetworkSvc - ok
09:13:24.0974 0x16e8 [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
09:13:25.0026 0x16e8 workfolderssvc - ok
09:13:25.0047 0x16e8 [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
09:13:25.0056 0x16e8 wpcfltr - ok
09:13:25.0079 0x16e8 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:13:25.0099 0x16e8 WPCSvc - ok
09:13:25.0116 0x16e8 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:13:25.0129 0x16e8 WPDBusEnum - ok
09:13:25.0136 0x16e8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
09:13:25.0144 0x16e8 WpdUpFltr - ok
09:13:25.0148 0x16e8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:13:25.0167 0x16e8 ws2ifsl - ok
09:13:25.0181 0x16e8 [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc C:\Windows\System32\wscsvc.dll
09:13:25.0196 0x16e8 wscsvc - ok
09:13:25.0199 0x16e8 WSearch - ok
09:13:25.0290 0x16e8 [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService C:\Windows\System32\WSService.dll
09:13:25.0363 0x16e8 WSService - ok
09:13:25.0439 0x16e8 [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv C:\Windows\system32\wuaueng.dll
09:13:25.0549 0x16e8 wuauserv - ok
09:13:25.0560 0x16e8 [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:13:25.0583 0x16e8 WudfPf - ok
09:13:25.0604 0x16e8 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
09:13:25.0627 0x16e8 WUDFRd - ok
09:13:25.0633 0x16e8 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
09:13:25.0645 0x16e8 WUDFSensorLP - ok
09:13:25.0660 0x16e8 [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:13:25.0683 0x16e8 wudfsvc - ok
09:13:25.0696 0x16e8 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
09:13:25.0708 0x16e8 WUDFWpdFs - ok
09:13:25.0714 0x16e8 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
09:13:25.0726 0x16e8 WUDFWpdMtp - ok
09:13:25.0741 0x16e8 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
09:13:25.0781 0x16e8 WwanSvc - ok
09:13:25.0788 0x16e8 ================ Scan global ===============================
09:13:25.0812 0x16e8 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
09:13:25.0830 0x16e8 [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\Windows\system32\winsrv.dll
09:13:25.0847 0x16e8 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
09:13:25.0866 0x16e8 [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\Windows\system32\services.exe
09:13:25.0874 0x16e8 [ Global ] - ok
09:13:25.0875 0x16e8 ================ Scan MBR ==================================
09:13:25.0879 0x16e8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:13:25.0957 0x16e8 \Device\Harddisk0\DR0 - ok
09:13:25.0963 0x16e8 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR3
09:13:26.0107 0x16e8 \Device\Harddisk2\DR3 - ok
09:13:26.0107 0x16e8 ================ Scan VBR ==================================
09:13:26.0133 0x16e8 [ 14B984C89DA08C2F8C2D9BD86ED69376 ] \Device\Harddisk0\DR0\Partition1
09:13:26.0135 0x16e8 \Device\Harddisk0\DR0\Partition1 - ok
09:13:26.0147 0x16e8 [ 1C91CDFE7A4EF721C6816FD4863F2661 ] \Device\Harddisk0\DR0\Partition2
09:13:26.0148 0x16e8 \Device\Harddisk0\DR0\Partition2 - ok
09:13:26.0156 0x16e8 [ 6DF1CFDFF8B11C21510606B766A94BF3 ] \Device\Harddisk0\DR0\Partition3
09:13:26.0156 0x16e8 \Device\Harddisk0\DR0\Partition3 - ok
09:13:26.0167 0x16e8 [ E12FE0FF7A31BC0F407B7735F466F795 ] \Device\Harddisk0\DR0\Partition4
09:13:26.0171 0x16e8 \Device\Harddisk0\DR0\Partition4 - ok
09:13:26.0191 0x16e8 [ BC3E089144E7FF2E7F6B2BC5CE58EB99 ] \Device\Harddisk0\DR0\Partition5
09:13:26.0193 0x16e8 \Device\Harddisk0\DR0\Partition5 - ok
09:13:26.0211 0x16e8 [ BA20954FE95DDF079AB8DCA41BB071F2 ] \Device\Harddisk0\DR0\Partition6
09:13:26.0249 0x16e8 \Device\Harddisk0\DR0\Partition6 - ok
09:13:26.0254 0x16e8 [ 567632BE1C6AC046F47D40E2478C5EDA ] \Device\Harddisk2\DR3\Partition1
09:13:26.0259 0x16e8 \Device\Harddisk2\DR3\Partition1 - ok
09:13:26.0354 0x16e8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
09:13:26.0355 0x16e8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2006.159 ), 0x41000 ( enabled : updated )
09:13:26.0381 0x16e8 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 6.3.38526.2970 ), 0x61010 ( enabled )
09:13:28.0888 0x16e8 ============================================================
09:13:28.0888 0x16e8 Scan finished
09:13:28.0888 0x16e8 ============================================================
09:13:28.0909 0x0820 Detected object count: 2
09:13:28.0909 0x0820 Actual detected object count: 2
09:13:53.0916 0x0820 C:\xampp\apache\bin\httpd.exe - copied to quarantine
09:13:53.0947 0x0820 Apache2.4 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:13:54.0041 0x0820 C:\xampp\filezillaftp\filezillaserver.exe - copied to quarantine
09:13:54.0057 0x0820 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:14:22.0583 0x00ec Deinitialize success

justblack 09.02.2014 09:24
und der Dritte nach Neustart des Systems:
3.)Log:09:16:31.0619 0x1188 TDSS rootkit removing tool 3.0.0.22 Feb 3 2014 16:45:35
09:16:31.0619 0x1188 UEFI system
09:16:38.0636 0x1188 ============================================================
09:16:38.0636 0x1188 Current date / time: 2014/02/09 09:16:38.0636
09:16:38.0636 0x1188 SystemInfo:
09:16:38.0636 0x1188
09:16:38.0636 0x1188 OS Version: 6.3.9600 ServicePack: 0.0
09:16:38.0636 0x1188 Product type: Workstation
09:16:38.0636 0x1188 ComputerName: SCHULE
09:16:38.0636 0x1188 UserName: frank
09:16:38.0636 0x1188 Windows directory: C:\Windows
09:16:38.0636 0x1188 System windows directory: C:\Windows
09:16:38.0636 0x1188 Running under WOW64
09:16:38.0636 0x1188 Processor architecture: Intel x64
09:16:38.0636 0x1188 Number of processors: 4
09:16:38.0636 0x1188 Page size: 0x1000
09:16:38.0636 0x1188 Boot type: Normal boot
09:16:38.0636 0x1188 ============================================================
09:16:39.0214 0x1188 KLMD registered as C:\Windows\system32\drivers\08441403.sys
09:16:39.0386 0x1188 System UUID: {ED09901E-9FCF-30D9-5BFD-986694E62CA7}
09:16:39.0761 0x1188 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:16:39.0777 0x1188 Drive \Device\Harddisk1\DR1 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:16:39.0808 0x1188 ============================================================
09:16:39.0808 0x1188 \Device\Harddisk0\DR0:
09:16:39.0824 0x1188 GPT partitions:
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8E67D432-86D9-4147-9A67-EB551EB0593C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A78C184B-2B6E-42A0-BFAE-4625DA14CE55}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A9FBEE68-1372-4657-904B-AB8C22D6C55E}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C20EC0AA-3E41-4193-85CA-142A97F1A1EE}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x7AF30000
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DF367375-EE9F-4B7B-9A3B-AED001127FE4}, Name: Basic data partition, StartLBA 0x7B038800, BlocksNum 0x3D08F800
09:16:39.0824 0x1188 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {256BE2A6-C69C-417A-9B3D-88AC34763F38}, Name: Basic data partition, StartLBA 0xB80C8000, BlocksNum 0x30D40000
09:16:39.0824 0x1188 MBR partitions:
09:16:39.0824 0x1188 \Device\Harddisk1\DR1:
09:16:39.0824 0x1188 MBR partitions:
09:16:39.0824 0x1188 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x9A8, BlocksNum 0xE8C658
09:16:39.0824 0x1188 ============================================================
09:16:40.0011 0x1188 C: <-> \Device\Harddisk0\DR0\Partition4
09:16:40.0043 0x1188 K: <-> \Device\Harddisk0\DR0\Partition5
09:16:40.0136 0x1188 M: <-> \Device\Harddisk0\DR0\Partition6
09:16:40.0136 0x1188 ============================================================
09:16:40.0136 0x1188 Initialize success
09:16:40.0136 0x1188 ============================================================
09:16:52.0887 0x1620 ============================================================
09:16:52.0887 0x1620 Scan started
09:16:52.0887 0x1620 Mode: Manual; SigCheck; TDLFS;
09:16:52.0887 0x1620 ============================================================
09:16:52.0887 0x1620 KSN ping started
09:16:55.0362 0x1620 KSN ping finished: true
09:16:56.0103 0x1620 ================ Scan system memory ========================
09:16:56.0103 0x1620 System memory - ok
09:16:56.0103 0x1620 ================ Scan services =============================
09:16:56.0228 0x1620 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
09:16:56.0291 0x1620 1394ohci - ok
09:16:56.0322 0x1620 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
09:16:56.0353 0x1620 3ware - ok
09:16:56.0447 0x1620 [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:16:56.0478 0x1620 ACPI - ok
09:16:56.0494 0x1620 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
09:16:56.0510 0x1620 acpiex - ok
09:16:56.0510 0x1620 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
09:16:56.0541 0x1620 acpipagr - ok
09:16:56.0557 0x1620 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
09:16:56.0588 0x1620 AcpiPmi - ok
09:16:56.0588 0x1620 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
09:16:56.0619 0x1620 acpitime - ok
09:16:56.0713 0x1620 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:16:56.0729 0x1620 AdobeARMservice - ok
09:16:56.0775 0x1620 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
09:16:56.0791 0x1620 ADP80XX - ok
09:16:56.0822 0x1620 [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:16:56.0854 0x1620 AeLookupSvc - ok
09:16:56.0885 0x1620 [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD C:\Windows\system32\drivers\afd.sys
09:16:56.0916 0x1620 AFD - ok
09:16:56.0932 0x1620 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:16:56.0947 0x1620 agp440 - ok
09:16:56.0947 0x1620 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
09:16:56.0994 0x1620 ahcache - ok
09:16:57.0010 0x1620 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
09:16:57.0057 0x1620 ALG - ok
09:16:57.0072 0x1620 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
09:16:57.0104 0x1620 AmdK8 - ok
09:16:57.0119 0x1620 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
09:16:57.0135 0x1620 AmdPPM - ok
09:16:57.0151 0x1620 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:16:57.0166 0x1620 amdsata - ok
09:16:57.0166 0x1620 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:16:57.0182 0x1620 amdsbs - ok
09:16:57.0182 0x1620 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:16:57.0197 0x1620 amdxata - ok
09:16:57.0291 0x1620 [ 330FE83760F95FC8BEA17F1BADE7AC6E, CB1AD4258E25B1942204DB0D6099AB1396819C09B876AE0C0A76161CBC5E5C89 ] Apache2.4 C:\xampp\apache\bin\httpd.exe
09:16:57.0307 0x1620 Apache2.4 - detected UnsignedFile.Multi.Generic ( 1 )
09:16:59.0776 0x1620 Detect skipped due to KSN trusted
09:16:59.0776 0x1620 Apache2.4 - ok
09:16:59.0807 0x1620 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
09:16:59.0854 0x1620 AppID - ok
09:16:59.0886 0x1620 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:16:59.0948 0x1620 AppIDSvc - ok
09:16:59.0964 0x1620 [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo C:\Windows\System32\appinfo.dll
09:17:00.0011 0x1620 Appinfo - ok
09:17:00.0057 0x1620 [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness C:\Windows\system32\AppReadiness.dll
09:17:00.0089 0x1620 AppReadiness - ok
09:17:00.0167 0x1620 [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
09:17:00.0229 0x1620 AppXSvc - ok
09:17:00.0261 0x1620 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:17:00.0276 0x1620 arcsas - ok
09:17:00.0307 0x1620 [ 79EB7B1733F0EA220C95335795C806EB, 93E22C48FE912D3B2ADB8C8AB01557E1EF6D628FD0BAFDB096AA9AFB8C0C8D1F ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:17:00.0323 0x1620 aswFsBlk - ok
09:17:00.0339 0x1620 [ 9FB1012D9EE3B9510FAA4C8D34DECD1C, FCBA544D2AD3DB2836E929A1AF9498F05D6A1DF250CFCD4061DACBB3408340C5 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:17:00.0354 0x1620 aswMonFlt - ok
09:17:00.0370 0x1620 [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
09:17:00.0370 0x1620 aswRdr - ok
09:17:00.0386 0x1620 [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:17:00.0386 0x1620 aswRvrt - ok
09:17:00.0464 0x1620 [ DF97409EBD35C5A40AF5594806724F75, 2496422E01FBB880FE60E611D462912C110697EBC8905777229E96E7569FF0B0 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:17:00.0479 0x1620 aswSnx - ok
09:17:00.0526 0x1620 [ 79ADA401A6E2054F110E7FBDFAC71942, 0E551FB9E5FE598900036E872E16EB407F7F63FD7A8A0AFAB5094D9DFA75CFCF ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:17:00.0542 0x1620 aswSP - ok
09:17:00.0557 0x1620 [ 59787B95DD9CA44CB139D96863438587, C36E1A812931BBEACE38BF1E621C950439144979E31961C016AD1AE323579058 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:17:00.0573 0x1620 aswVmm - ok
09:17:00.0573 0x1620 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
09:17:00.0589 0x1620 atapi - ok
09:17:00.0622 0x1620 [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
09:17:00.0653 0x1620 AudioEndpointBuilder - ok
09:17:00.0731 0x1620 [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:17:00.0794 0x1620 Audiosrv - ok
09:17:00.0841 0x1620 [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:17:00.0841 0x1620 avast! Antivirus - ok
09:17:00.0872 0x1620 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:17:00.0887 0x1620 AxInstSV - ok
09:17:00.0919 0x1620 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:17:00.0934 0x1620 b06bdrv - ok
09:17:00.0966 0x1620 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
09:17:00.0981 0x1620 BasicDisplay - ok
09:17:01.0012 0x1620 [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
09:17:01.0028 0x1620 BasicRender - ok
09:17:01.0044 0x1620 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
09:17:01.0059 0x1620 bcmfn2 - ok
09:17:01.0091 0x1620 [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC C:\Windows\System32\bdesvc.dll
09:17:01.0106 0x1620 BDESVC - ok
09:17:01.0122 0x1620 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
09:17:01.0137 0x1620 Beep - ok
09:17:01.0216 0x1620 [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE C:\Windows\System32\bfe.dll
09:17:01.0247 0x1620 BFE - ok
09:17:01.0278 0x1620 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
09:17:01.0341 0x1620 BITS - ok
09:17:01.0341 0x1620 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:17:01.0356 0x1620 bowser - ok
09:17:01.0387 0x1620 [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
09:17:01.0403 0x1620 BrokerInfrastructure - ok
09:17:01.0434 0x1620 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\Windows\System32\browser.dll
09:17:01.0481 0x1620 Browser - ok
09:17:01.0497 0x1620 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
09:17:01.0512 0x1620 BthAvrcpTg - ok
09:17:01.0528 0x1620 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
09:17:01.0528 0x1620 BthHFEnum - ok
09:17:01.0544 0x1620 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
09:17:01.0559 0x1620 bthhfhid - ok
09:17:01.0575 0x1620 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
09:17:01.0606 0x1620 BTHMODEM - ok
09:17:01.0622 0x1620 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
09:17:01.0637 0x1620 bthserv - ok
09:17:01.0637 0x1620 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:17:01.0669 0x1620 cdfs - ok
09:17:01.0684 0x1620 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
09:17:01.0700 0x1620 cdrom - ok
09:17:01.0716 0x1620 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
09:17:01.0731 0x1620 CertPropSvc - ok
09:17:01.0747 0x1620 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
09:17:01.0778 0x1620 circlass - ok
09:17:01.0794 0x1620 [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS C:\Windows\system32\drivers\CLFS.sys
09:17:01.0809 0x1620 CLFS - ok
09:17:01.0856 0x1620 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
09:17:01.0887 0x1620 CmBatt - ok
09:17:02.0106 0x1620 [ 2D1E7E163AB1C927ACBA22CBE4A9F818, 81CAC4AC46573AE997FA98E4FFD5CE88A9BB8D3BE80CA075490EA3168414E649 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:17:02.0216 0x1620 cmdAgent - ok
09:17:02.0247 0x1620 [ AB7D3EF26D9B8001870814647189FDC1, 157391281863719175FCB72C96E62DEB322E8C434AA8AD993619F2DFE9FA651E ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
09:17:02.0247 0x1620 cmderd - ok
09:17:02.0278 0x1620 [ 31D0ED596299BD8BEB81C1020825CA58, 9C7F81573A33902AC36C66185914B2BE56ECE8240971AFC564ACE5FDBB90D270 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
09:17:02.0294 0x1620 cmdGuard - ok
09:17:02.0309 0x1620 [ 29925B820AD0FA43449785E24716CF64, 43017A395A0E4646038BE491EB387C817713DE5BB5AD6BCF74AC8D4D33DD45BC ] cmdhlp C:\Windows\system32\DRIVERS\cmdhlp.sys
09:17:02.0325 0x1620 cmdhlp - ok
09:17:02.0341 0x1620 [ A3574DCC6588D6E09E069D2BE61537EC, E9AA0DA9A6C6F22398C2555FA6AA24B2142791B7281E91973842A5E88A2815D4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
09:17:02.0356 0x1620 cmdvirth - ok
09:17:02.0372 0x1620 [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG C:\Windows\system32\Drivers\cng.sys
09:17:02.0387 0x1620 CNG - ok
09:17:02.0403 0x1620 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
09:17:02.0419 0x1620 CompositeBus - ok
09:17:02.0419 0x1620 COMSysApp - ok
09:17:02.0419 0x1620 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
09:17:02.0450 0x1620 condrv - ok
09:17:02.0497 0x1620 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:17:02.0528 0x1620 CryptSvc - ok
09:17:02.0544 0x1620 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
09:17:02.0559 0x1620 dam - ok
09:17:02.0591 0x1620 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:17:02.0653 0x1620 DcomLaunch - ok
09:17:02.0684 0x1620 [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc C:\Windows\System32\defragsvc.dll
09:17:02.0763 0x1620 defragsvc - ok
09:17:02.0778 0x1620 [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\Windows\system32\das.dll
09:17:02.0809 0x1620 DeviceAssociationService - ok
09:17:02.0841 0x1620 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
09:17:02.0872 0x1620 DeviceInstall - ok
09:17:02.0903 0x1620 [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
09:17:02.0950 0x1620 Dfsc - ok
09:17:03.0013 0x1620 [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:17:03.0059 0x1620 Dhcp - ok
09:17:03.0059 0x1620 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
09:17:03.0075 0x1620 disk - ok
09:17:03.0091 0x1620 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
09:17:03.0138 0x1620 dmvsc - ok
09:17:03.0169 0x1620 [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:17:03.0216 0x1620 Dnscache - ok
09:17:03.0263 0x1620 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
09:17:03.0294 0x1620 dot3svc - ok
09:17:03.0309 0x1620 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
09:17:03.0325 0x1620 DPS - ok
09:17:03.0437 0x1620 [ 49B2C034D77F9F73C80AC55E795CCB6E, EC3B3AF80FA86222E63ABA646C3452C7AD1B9462A1A18D059F5F7EC18C37D97C ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
09:17:03.0484 0x1620 DragonUpdater - ok
09:17:03.0500 0x1620 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:17:03.0500 0x1620 drmkaud - ok
09:17:03.0531 0x1620 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
09:17:03.0594 0x1620 DsmSvc - ok
09:17:03.0641 0x1620 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
09:17:03.0656 0x1620 dtsoftbus01 - ok
09:17:03.0719 0x1620 [ A3D1CB64DF885ACE126543E6D7067348, AFB5EF73F7B2854669137F586171500E4EB00F12BFCFD6B743FABD165B4AEED3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:17:03.0750 0x1620 DXGKrnl - ok
09:17:03.0766 0x1620 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
09:17:03.0797 0x1620 Eaphost - ok
09:17:03.0875 0x1620 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:17:03.0970 0x1620 ebdrv - ok
09:17:03.0985 0x1620 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
09:17:04.0001 0x1620 EFS - ok
09:17:04.0001 0x1620 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
09:17:04.0017 0x1620 EhStorClass - ok
09:17:04.0038 0x1620 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
09:17:04.0053 0x1620 EhStorTcgDrv - ok
09:17:04.0069 0x1620 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
09:17:04.0100 0x1620 ErrDev - ok
09:17:04.0147 0x1620 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
09:17:04.0194 0x1620 EventSystem - ok
09:17:04.0225 0x1620 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
09:17:04.0272 0x1620 exfat - ok
09:17:04.0288 0x1620 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:17:04.0303 0x1620 fastfat - ok
09:17:04.0334 0x1620 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
09:17:04.0366 0x1620 Fax - ok
09:17:04.0366 0x1620 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
09:17:04.0381 0x1620 fdc - ok
09:17:04.0413 0x1620 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
09:17:04.0413 0x1620 fdPHost - ok
09:17:04.0428 0x1620 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
09:17:04.0459 0x1620 FDResPub - ok
09:17:04.0475 0x1620 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
09:17:04.0522 0x1620 fhsvc - ok
09:17:04.0538 0x1620 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:17:04.0553 0x1620 FileInfo - ok
09:17:04.0569 0x1620 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:17:04.0600 0x1620 Filetrace - ok
09:17:04.0663 0x1620 [ 7E76EED28B8B8696B7F7ED5F757AA304, 4D42711B63F90FF9AF3D6C8E4EDB3FF08CAB6FE5131D9A43F4D10D1CA51F7378 ] FileZilla Server C:\xampp\filezillaftp\filezillaserver.exe
09:17:04.0694 0x1620 FileZilla Server - detected UnsignedFile.Multi.Generic ( 1 )
09:17:08.0272 0x1620 Detect skipped due to KSN trusted
09:17:08.0272 0x1620 FileZilla Server - ok
09:17:08.0288 0x1620 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
09:17:08.0319 0x1620 flpydisk - ok
09:17:08.0335 0x1620 [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:17:08.0350 0x1620 FltMgr - ok
09:17:08.0397 0x1620 [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache C:\Windows\system32\FntCache.dll
09:17:08.0444 0x1620 FontCache - ok
09:17:08.0522 0x1620 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:17:08.0553 0x1620 FontCache3.0.0.0 - ok
09:17:08.0553 0x1620 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:17:08.0569 0x1620 FsDepends - ok
09:17:08.0600 0x1620 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:17:08.0600 0x1620 Fs_Rec - ok
09:17:08.0678 0x1620 [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:17:08.0710 0x1620 fvevol - ok
09:17:08.0725 0x1620 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
09:17:08.0756 0x1620 FxPPM - ok
09:17:08.0772 0x1620 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:17:08.0788 0x1620 gagp30kx - ok
09:17:08.0788 0x1620 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
09:17:08.0819 0x1620 gencounter - ok
09:17:08.0866 0x1620 [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
09:17:08.0913 0x1620 GPIOClx0101 - ok
09:17:08.0975 0x1620 [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc C:\Windows\System32\gpsvc.dll
09:17:09.0022 0x1620 gpsvc - ok
09:17:09.0118 0x1620 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:17:09.0149 0x1620 gupdate - ok
09:17:09.0149 0x1620 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:17:09.0164 0x1620 gupdatem - ok
09:17:09.0290 0x1620 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:17:09.0336 0x1620 HdAudAddService - ok
09:17:09.0352 0x1620 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
09:17:09.0383 0x1620 HDAudBus - ok
09:17:09.0383 0x1620 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
09:17:09.0430 0x1620 HidBatt - ok
09:17:09.0461 0x1620 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
09:17:09.0524 0x1620 HidBth - ok
09:17:09.0540 0x1620 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
09:17:09.0586 0x1620 hidi2c - ok
09:17:09.0586 0x1620 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
09:17:09.0618 0x1620 HidIr - ok
09:17:09.0649 0x1620 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
09:17:09.0664 0x1620 hidserv - ok
09:17:09.0680 0x1620 [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
09:17:09.0711 0x1620 HidUsb - ok
09:17:09.0743 0x1620 [ 760B03AE5E3244E22FFC3C1AE1F5264A, 1D926E28B95394C211CC29B898ECF3C3E19814EF4D09B04DBF9BDFB2596BD1AB ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
09:17:09.0758 0x1620 HitmanProScheduler - ok
09:17:09.0790 0x1620 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:17:09.0821 0x1620 hkmsvc - ok
09:17:09.0852 0x1620 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:17:09.0883 0x1620 HomeGroupListener - ok
09:17:09.0930 0x1620 [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:17:09.0961 0x1620 HomeGroupProvider - ok
09:17:09.0977 0x1620 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:17:09.0977 0x1620 HpSAMD - ok
09:17:10.0008 0x1620 [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:17:10.0055 0x1620 HTTP - ok
09:17:10.0071 0x1620 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:17:10.0071 0x1620 hwpolicy - ok
09:17:10.0086 0x1620 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
09:17:10.0102 0x1620 hyperkbd - ok
09:17:10.0102 0x1620 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
09:17:10.0118 0x1620 HyperVideo - ok
09:17:10.0133 0x1620 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
09:17:10.0165 0x1620 i8042prt - ok
09:17:10.0165 0x1620 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
09:17:10.0180 0x1620 iaLPSSi_GPIO - ok
09:17:10.0180 0x1620 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
09:17:10.0180 0x1620 iaLPSSi_I2C - ok
09:17:10.0211 0x1620 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
09:17:10.0227 0x1620 iaStorAV - ok
09:17:10.0243 0x1620 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:17:10.0258 0x1620 iaStorV - ok
09:17:10.0258 0x1620 IEEtwCollectorService - ok
09:17:10.0290 0x1620 [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT C:\Windows\System32\ikeext.dll
09:17:10.0321 0x1620 IKEEXT - ok
09:17:10.0352 0x1620 [ 49E73AB19378230BBCD1209D44165EA7, 69CBEA08F18FC80F8CC1BAF0BE88BFEDF572489CE65EEBE8CEF023DA00DCFD5E ] inspect C:\Windows\system32\DRIVERS\inspect.sys
09:17:10.0368 0x1620 inspect - ok
09:17:10.0368 0x1620 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
09:17:10.0368 0x1620 intelide - ok
09:17:10.0399 0x1620 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\Windows\system32\drivers\intelpep.sys
09:17:10.0415 0x1620 intelpep - ok
09:17:10.0430 0x1620 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
09:17:10.0446 0x1620 intelppm - ok
09:17:10.0461 0x1620 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:17:10.0493 0x1620 IpFilterDriver - ok
09:17:10.0540 0x1620 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:17:10.0602 0x1620 iphlpsvc - ok
09:17:10.0618 0x1620 [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
09:17:10.0618 0x1620 IPMIDRV - ok
09:17:10.0649 0x1620 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:17:10.0680 0x1620 IPNAT - ok
09:17:10.0680 0x1620 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:17:10.0696 0x1620 IRENUM - ok
09:17:10.0696 0x1620 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:17:10.0711 0x1620 isapnp - ok
09:17:10.0727 0x1620 [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
09:17:10.0743 0x1620 iScsiPrt - ok
09:17:10.0743 0x1620 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
09:17:10.0758 0x1620 kbdclass - ok
09:17:10.0758 0x1620 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
09:17:10.0790 0x1620 kbdhid - ok
09:17:10.0790 0x1620 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
09:17:10.0821 0x1620 kdnic - ok
09:17:10.0836 0x1620 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
09:17:10.0852 0x1620 KeyIso - ok
09:17:10.0915 0x1620 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:17:10.0915 0x1620 KSecDD - ok
09:17:10.0930 0x1620 [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:17:10.0946 0x1620 KSecPkg - ok
09:17:10.0961 0x1620 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:17:10.0961 0x1620 ksthunk - ok
09:17:10.0993 0x1620 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:17:11.0008 0x1620 KtmRm - ok
09:17:11.0040 0x1620 [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer C:\Windows\system32\srvsvc.dll
09:17:11.0086 0x1620 LanmanServer - ok
09:17:11.0102 0x1620 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:17:11.0133 0x1620 LanmanWorkstation - ok
09:17:11.0180 0x1620 [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
09:17:11.0227 0x1620 lfsvc - ok
09:17:11.0227 0x1620 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:17:11.0243 0x1620 lltdio - ok
09:17:11.0258 0x1620 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:17:11.0274 0x1620 lltdsvc - ok
09:17:11.0290 0x1620 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:17:11.0305 0x1620 lmhosts - ok
09:17:11.0321 0x1620 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:17:11.0336 0x1620 LSI_SAS - ok
09:17:11.0336 0x1620 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:17:11.0336 0x1620 LSI_SAS2 - ok
09:17:11.0352 0x1620 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
09:17:11.0352 0x1620 LSI_SAS3 - ok
09:17:11.0368 0x1620 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
09:17:11.0368 0x1620 LSI_SSS - ok
09:17:11.0399 0x1620 [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM C:\Windows\System32\lsm.dll
09:17:11.0415 0x1620 LSM - ok
09:17:11.0430 0x1620 [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv C:\Windows\system32\drivers\luafv.sys
09:17:11.0446 0x1620 luafv - ok
09:17:11.0461 0x1620 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
09:17:11.0461 0x1620 megasas - ok
09:17:11.0493 0x1620 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
09:17:11.0508 0x1620 megasr - ok
09:17:11.0524 0x1620 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
09:17:11.0540 0x1620 MMCSS - ok
09:17:11.0540 0x1620 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
09:17:11.0555 0x1620 Modem - ok
09:17:11.0586 0x1620 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
09:17:11.0586 0x1620 monitor - ok
09:17:11.0602 0x1620 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
09:17:11.0602 0x1620 mouclass - ok
09:17:11.0618 0x1620 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
09:17:11.0618 0x1620 mouhid - ok
09:17:11.0633 0x1620 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:17:11.0649 0x1620 mountmgr - ok
09:17:11.0649 0x1620 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:17:11.0680 0x1620 mpsdrv - ok
09:17:11.0711 0x1620 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:17:11.0743 0x1620 MpsSvc - ok
09:17:11.0758 0x1620 [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:17:11.0774 0x1620 MRxDAV - ok
09:17:11.0805 0x1620 [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:17:11.0821 0x1620 mrxsmb - ok
09:17:11.0836 0x1620 [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:17:11.0852 0x1620 mrxsmb10 - ok
09:17:11.0868 0x1620 [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:17:11.0883 0x1620 mrxsmb20 - ok
09:17:11.0899 0x1620 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
09:17:11.0915 0x1620 MsBridge - ok
09:17:11.0930 0x1620 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
09:17:11.0946 0x1620 MSDTC - ok
09:17:11.0961 0x1620 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:17:11.0977 0x1620 Msfs - ok
09:17:12.0102 0x1620 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
09:17:12.0133 0x1620 msgpiowin32 - ok
09:17:12.0149 0x1620 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:17:12.0180 0x1620 mshidkmdf - ok
09:17:12.0180 0x1620 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
09:17:12.0196 0x1620 mshidumdf - ok
09:17:12.0211 0x1620 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:17:12.0227 0x1620 msisadrv - ok
09:17:12.0243 0x1620 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:17:12.0258 0x1620 MSiSCSI - ok
09:17:12.0258 0x1620 msiserver - ok
09:17:12.0274 0x1620 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:17:12.0290 0x1620 MSKSSRV - ok
09:17:12.0305 0x1620 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
09:17:12.0336 0x1620 MsLldp - ok
09:17:12.0336 0x1620 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:17:12.0336 0x1620 MSPCLOCK - ok
09:17:12.0336 0x1620 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:17:12.0352 0x1620 MSPQM - ok
09:17:12.0368 0x1620 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:17:12.0383 0x1620 MsRPC - ok
09:17:12.0399 0x1620 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
09:17:12.0399 0x1620 mssmbios - ok
09:17:12.0415 0x1620 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:17:12.0430 0x1620 MSTEE - ok
09:17:12.0446 0x1620 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
09:17:12.0461 0x1620 MTConfig - ok
09:17:12.0477 0x1620 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
09:17:12.0477 0x1620 Mup - ok
09:17:12.0493 0x1620 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
09:17:12.0508 0x1620 mvumis - ok
09:17:12.0540 0x1620 mysql - ok
09:17:12.0586 0x1620 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
09:17:12.0633 0x1620 napagent - ok
09:17:12.0711 0x1620 [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:17:12.0774 0x1620 NativeWifiP - ok
09:17:12.0790 0x1620 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
09:17:12.0821 0x1620 NcaSvc - ok
09:17:12.0836 0x1620 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
09:17:12.0883 0x1620 NcbService - ok
09:17:12.0899 0x1620 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
09:17:12.0961 0x1620 NcdAutoSetup - ok
09:17:13.0008 0x1620 [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:17:13.0040 0x1620 NDIS - ok
09:17:13.0055 0x1620 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:17:13.0071 0x1620 NdisCap - ok
09:17:13.0102 0x1620 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
09:17:13.0149 0x1620 NdisImPlatform - ok
09:17:13.0149 0x1620 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:17:13.0165 0x1620 NdisTapi - ok
09:17:13.0180 0x1620 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:17:13.0196 0x1620 Ndisuio - ok
09:17:13.0227 0x1620 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
09:17:13.0243 0x1620 NdisVirtualBus - ok
09:17:13.0258 0x1620 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:17:13.0290 0x1620 NdisWan - ok
09:17:13.0305 0x1620 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
09:17:13.0305 0x1620 NdisWanLegacy - ok
09:17:13.0321 0x1620 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:17:13.0336 0x1620 NDProxy - ok
09:17:13.0352 0x1620 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
09:17:13.0352 0x1620 Ndu - ok
09:17:13.0368 0x1620 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:17:13.0383 0x1620 NetBIOS - ok
09:17:13.0399 0x1620 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:17:13.0430 0x1620 NetBT - ok
09:17:13.0430 0x1620 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
09:17:13.0446 0x1620 Netlogon - ok
09:17:13.0477 0x1620 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
09:17:13.0493 0x1620 Netman - ok
09:17:13.0524 0x1620 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
09:17:13.0555 0x1620 netprofm - ok
09:17:13.0586 0x1620 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:17:13.0602 0x1620 NetTcpPortSharing - ok
09:17:13.0618 0x1620 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
09:17:13.0633 0x1620 netvsc - ok
09:17:13.0649 0x1620 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:17:13.0680 0x1620 NlaSvc - ok
09:17:13.0712 0x1620 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
09:17:13.0727 0x1620 NPF - ok
09:17:13.0743 0x1620 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:17:13.0743 0x1620 Npfs - ok
09:17:13.0758 0x1620 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
09:17:13.0774 0x1620 npsvctrig - ok
09:17:13.0774 0x1620 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
09:17:13.0790 0x1620 nsi - ok
09:17:13.0805 0x1620 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:17:13.0821 0x1620 nsiproxy - ok
09:17:13.0899 0x1620 [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:17:13.0946 0x1620 Ntfs - ok
09:17:13.0962 0x1620 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
09:17:13.0977 0x1620 Null - ok
09:17:14.0477 0x1620 [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:17:14.0774 0x1620 nvlddmkm - ok
09:17:14.0790 0x1620 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:17:14.0805 0x1620 nvraid - ok
09:17:14.0805 0x1620 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:17:14.0821 0x1620 nvstor - ok
09:17:14.0868 0x1620 [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc C:\Windows\system32\nvvsvc.exe
09:17:14.0899 0x1620 nvsvc - ok
09:17:14.0961 0x1620 [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:17:14.0993 0x1620 nvUpdatusService - ok
09:17:14.0993 0x1620 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:17:15.0008 0x1620 nv_agp - ok
09:17:15.0024 0x1620 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:17:15.0040 0x1620 ose - ok
09:17:15.0055 0x1620 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:17:15.0087 0x1620 p2pimsvc - ok
09:17:15.0118 0x1620 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
09:17:15.0149 0x1620 p2psvc - ok
09:17:15.0180 0x1620 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
09:17:15.0196 0x1620 Parport - ok
09:17:15.0211 0x1620 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:17:15.0227 0x1620 partmgr - ok
09:17:15.0258 0x1620 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:17:15.0274 0x1620 PcaSvc - ok
09:17:15.0290 0x1620 [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci C:\Windows\system32\drivers\pci.sys
09:17:15.0305 0x1620 pci - ok
09:17:15.0305 0x1620 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
09:17:15.0321 0x1620 pciide - ok
09:17:15.0336 0x1620 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:17:15.0352 0x1620 pcmcia - ok
09:17:15.0368 0x1620 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
09:17:15.0368 0x1620 pcw - ok
09:17:15.0415 0x1620 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\Windows\system32\drivers\pdc.sys
09:17:15.0446 0x1620 pdc - ok
09:17:15.0477 0x1620 [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:17:15.0508 0x1620 PEAUTH - ok
09:17:15.0743 0x1620 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:17:15.0805 0x1620 PerfHost - ok
09:17:15.0977 0x1620 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
09:17:16.0055 0x1620 pla - ok
09:17:16.0071 0x1620 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:17:16.0086 0x1620 PlugPlay - ok
09:17:16.0102 0x1620 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:17:16.0133 0x1620 PNRPAutoReg - ok
09:17:16.0149 0x1620 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:17:16.0165 0x1620 PNRPsvc - ok
09:17:16.0212 0x1620 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:17:16.0243 0x1620 PolicyAgent - ok
09:17:16.0274 0x1620 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
09:17:16.0321 0x1620 Power - ok
09:17:16.0446 0x1620 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:17:16.0540 0x1620 PrintNotify - ok
09:17:16.0555 0x1620 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
09:17:16.0571 0x1620 Processor - ok
09:17:16.0602 0x1620 [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc C:\Windows\system32\profsvc.dll
09:17:16.0618 0x1620 ProfSvc - ok
09:17:16.0618 0x1620 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:17:16.0649 0x1620 Psched - ok
09:17:16.0665 0x1620 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
09:17:16.0680 0x1620 QWAVE - ok
09:17:16.0696 0x1620 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:17:16.0727 0x1620 QWAVEdrv - ok
09:17:16.0743 0x1620 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:17:16.0758 0x1620 RasAcd - ok
09:17:16.0758 0x1620 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
09:17:16.0790 0x1620 RasAuto - ok
09:17:16.0805 0x1620 [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan C:\Windows\System32\rasmans.dll
09:17:16.0837 0x1620 RasMan - ok
09:17:16.0852 0x1620 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:17:16.0868 0x1620 RasPppoe - ok
09:17:16.0883 0x1620 [ B939A2A0F9D6C6C186721E268EB6FA93, 8AF03945428D8F0E9B6DE1C24627336398320C7C78E5F594E0A57AB2DB6E0A24 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:17:16.0899 0x1620 rdbss - ok
09:17:16.0915 0x1620 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
09:17:16.0915 0x1620 rdpbus - ok
09:17:16.0946 0x1620 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:17:16.0946 0x1620 RDPDR - ok
09:17:16.0962 0x1620 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:17:16.0962 0x1620 RdpVideoMiniport - ok
09:17:16.0977 0x1620 [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:17:16.0993 0x1620 rdyboost - ok
09:17:17.0024 0x1620 [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS C:\Windows\system32\drivers\ReFS.sys
09:17:17.0040 0x1620 ReFS - ok
09:17:17.0071 0x1620 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:17:17.0087 0x1620 RemoteAccess - ok
09:17:17.0102 0x1620 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:17:17.0118 0x1620 RemoteRegistry - ok
09:17:17.0149 0x1620 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
09:17:17.0165 0x1620 rpcapd - ok
09:17:17.0165 0x1620 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:17:17.0196 0x1620 RpcEptMapper - ok
09:17:17.0196 0x1620 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
09:17:17.0227 0x1620 RpcLocator - ok
09:17:17.0243 0x1620 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs C:\Windows\system32\rpcss.dll
09:17:17.0274 0x1620 RpcSs - ok
09:17:17.0274 0x1620 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:17:17.0305 0x1620 rspndr - ok
09:17:17.0352 0x1620 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
09:17:17.0399 0x1620 RTL8168 - ok
09:17:17.0415 0x1620 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
09:17:17.0430 0x1620 s3cap - ok
09:17:17.0446 0x1620 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
09:17:17.0446 0x1620 SamSs - ok
09:17:17.0462 0x1620 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:17:17.0477 0x1620 sbp2port - ok
09:17:17.0477 0x1620 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:17:17.0508 0x1620 SCardSvr - ok
09:17:17.0524 0x1620 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
09:17:17.0540 0x1620 ScDeviceEnum - ok
09:17:17.0571 0x1620 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:17:17.0571 0x1620 scfilter - ok
09:17:17.0602 0x1620 [ 888A30EAB651502352C18745367FD179, 00CD9FA55F3E896D8BA81368DF1E855E2F64B5AC488EB4F9BF2C4E45ED63FD5F ] Schedule C:\Windows\system32\schedsvc.dll
09:17:17.0633 0x1620 Schedule - ok
09:17:17.0665 0x1620 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:17:17.0680 0x1620 SCPolicySvc - ok
09:17:17.0743 0x1620 [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus C:\Windows\System32\drivers\sdbus.sys
09:17:17.0774 0x1620 sdbus - ok
09:17:17.0805 0x1620 [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor C:\Windows\System32\drivers\sdstor.sys
09:17:17.0805 0x1620 sdstor - ok
09:17:17.0821 0x1620 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:17:17.0837 0x1620 secdrv - ok
09:17:17.0852 0x1620 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
09:17:17.0883 0x1620 seclogon - ok
09:17:17.0899 0x1620 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
09:17:17.0930 0x1620 SENS - ok
09:17:17.0930 0x1620 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:17:17.0946 0x1620 SensrSvc - ok
09:17:17.0962 0x1620 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
09:17:17.0977 0x1620 SerCx - ok
09:17:17.0993 0x1620 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
09:17:18.0008 0x1620 SerCx2 - ok
09:17:18.0024 0x1620 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
09:17:18.0040 0x1620 Serenum - ok
09:17:18.0055 0x1620 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
09:17:18.0087 0x1620 Serial - ok
09:17:18.0102 0x1620 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
09:17:18.0118 0x1620 sermouse - ok
09:17:18.0149 0x1620 [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv C:\Windows\system32\sessenv.dll
09:17:18.0180 0x1620 SessionEnv - ok
09:17:18.0180 0x1620 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
09:17:18.0212 0x1620 sfloppy - ok
09:17:18.0227 0x1620 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:17:18.0258 0x1620 SharedAccess - ok
09:17:18.0337 0x1620 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:17:18.0368 0x1620 ShellHWDetection - ok
09:17:18.0383 0x1620 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:17:18.0415 0x1620 SiSRaid2 - ok
09:17:18.0415 0x1620 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:17:18.0430 0x1620 SiSRaid4 - ok
09:17:18.0430 0x1620 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
09:17:18.0446 0x1620 smphost - ok
09:17:18.0462 0x1620 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:17:18.0477 0x1620 SNMPTRAP - ok
09:17:18.0508 0x1620 [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport C:\Windows\system32\drivers\spaceport.sys
09:17:18.0524 0x1620 spaceport - ok
09:17:18.0540 0x1620 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
09:17:18.0540 0x1620 SpbCx - ok
09:17:18.0571 0x1620 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\Windows\System32\spoolsv.exe
09:17:18.0586 0x1620 Spooler - ok
09:17:19.0040 0x1620 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66, 58BB3B9D50DFFF99E790D5B768FAA387F16385436BA6EB704BE6DB1F63B8E4B2 ] sppsvc C:\Windows\system32\sppsvc.exe
09:17:19.0243 0x1620 sppsvc - ok
09:17:19.0321 0x1620 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:17:19.0368 0x1620 srv - ok
09:17:19.0415 0x1620 [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:17:19.0462 0x1620 srv2 - ok
09:17:19.0477 0x1620 [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:17:19.0508 0x1620 srvnet - ok
09:17:19.0555 0x1620 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:17:19.0602 0x1620 SSDPSRV - ok
09:17:19.0618 0x1620 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:17:19.0649 0x1620 SstpSvc - ok
09:17:19.0712 0x1620 [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:17:19.0743 0x1620 Stereo Service - ok
09:17:19.0774 0x1620 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:17:19.0790 0x1620 stexstor - ok
09:17:19.0837 0x1620 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
09:17:19.0883 0x1620 stisvc - ok
09:17:19.0899 0x1620 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
09:17:19.0915 0x1620 storahci - ok
09:17:19.0915 0x1620 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
09:17:19.0930 0x1620 storflt - ok
09:17:19.0962 0x1620 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
09:17:19.0977 0x1620 stornvme - ok
09:17:19.0977 0x1620 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
09:17:19.0993 0x1620 StorSvc - ok
09:17:20.0008 0x1620 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:17:20.0008 0x1620 storvsc - ok
09:17:20.0024 0x1620 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
09:17:20.0055 0x1620 svsvc - ok
09:17:20.0055 0x1620 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
09:17:20.0071 0x1620 swenum - ok
09:17:20.0087 0x1620 [ A5DC2E63F5E5D3C0B843307374998479, B3156296D1750FEAF2354E217735B8D888C50599869233FB1B537167F2CECE0B ] swprv C:\Windows\System32\swprv.dll
09:17:20.0118 0x1620 swprv - ok
09:17:20.0165 0x1620 [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain C:\Windows\system32\sysmain.dll
09:17:20.0227 0x1620 SysMain - ok
09:17:20.0243 0x1620 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:17:20.0274 0x1620 SystemEventsBroker - ok
09:17:20.0274 0x1620 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
09:17:20.0290 0x1620 TabletInputService - ok
09:17:20.0305 0x1620 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:17:20.0337 0x1620 TapiSrv - ok
09:17:20.0462 0x1620 [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:17:20.0540 0x1620 Tcpip - ok
09:17:20.0680 0x1620 [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:17:20.0727 0x1620 TCPIP6 - ok
09:17:20.0758 0x1620 [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:17:20.0790 0x1620 tcpipreg - ok
09:17:20.0805 0x1620 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:17:20.0837 0x1620 tdx - ok
09:17:21.0087 0x1620 [ 5EA4CFD8443E2052055F5DD5B49DD071, F93D567BD6110830C36FD8A650F639D516FD20C88769A941FA4F4E4DB48C52A1 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
09:17:21.0165 0x1620 TeamViewer9 - ok
09:17:21.0180 0x1620 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
09:17:21.0212 0x1620 terminpt - ok
09:17:21.0337 0x1620 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
09:17:21.0399 0x1620 TermService - ok
09:17:21.0415 0x1620 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
09:17:21.0477 0x1620 Themes - ok
09:17:21.0493 0x1620 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
09:17:21.0508 0x1620 THREADORDER - ok
09:17:21.0540 0x1620 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
09:17:21.0602 0x1620 TimeBroker - ok
09:17:21.0633 0x1620 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
09:17:21.0665 0x1620 TPM - ok
09:17:21.0680 0x1620 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
09:17:21.0696 0x1620 TrkWks - ok
09:17:21.0727 0x1620 [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:17:21.0743 0x1620 TrustedInstaller - ok
09:17:21.0774 0x1620 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:17:21.0790 0x1620 TsUsbFlt - ok
09:17:21.0821 0x1620 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
09:17:21.0837 0x1620 TsUsbGD - ok
09:17:21.0852 0x1620 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:17:21.0868 0x1620 tunnel - ok
09:17:21.0883 0x1620 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:17:21.0899 0x1620 uagp35 - ok
09:17:21.0915 0x1620 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
09:17:21.0915 0x1620 UASPStor - ok
09:17:21.0946 0x1620 [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
09:17:21.0946 0x1620 UCX01000 - ok
09:17:21.0977 0x1620 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:17:21.0993 0x1620 udfs - ok
09:17:22.0008 0x1620 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
09:17:22.0008 0x1620 UEFI - ok
09:17:22.0024 0x1620 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:17:22.0055 0x1620 UI0Detect - ok
09:17:22.0071 0x1620 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:17:22.0102 0x1620 uliagpkx - ok
09:17:22.0133 0x1620 [ 694BCF23662F97D987CF4C6739C35F8B, 6D7D57785C8F968514FAB383732F9E2FB15349369D17E3BD1C438B5E95EBD388 ] UltraMonUtility C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
09:17:22.0165 0x1620 UltraMonUtility - ok
09:17:22.0165 0x1620 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
09:17:22.0196 0x1620 umbus - ok
09:17:22.0212 0x1620 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
09:17:22.0212 0x1620 UmPass - ok
09:17:22.0243 0x1620 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
09:17:22.0274 0x1620 UmRdpService - ok
09:17:22.0305 0x1620 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
09:17:22.0352 0x1620 upnphost - ok
09:17:22.0352 0x1620 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
09:17:22.0368 0x1620 usbccgp - ok
09:17:22.0383 0x1620 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
09:17:22.0399 0x1620 usbcir - ok
09:17:22.0415 0x1620 [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci C:\Windows\System32\drivers\usbehci.sys
09:17:22.0430 0x1620 usbehci - ok
09:17:22.0446 0x1620 [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub C:\Windows\System32\drivers\usbhub.sys
09:17:22.0462 0x1620 usbhub - ok
09:17:22.0477 0x1620 [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
09:17:22.0508 0x1620 USBHUB3 - ok
09:17:22.0508 0x1620 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
09:17:22.0524 0x1620 usbohci - ok
09:17:22.0540 0x1620 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
09:17:22.0540 0x1620 usbprint - ok
09:17:22.0571 0x1620 [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
09:17:22.0587 0x1620 USBSTOR - ok
09:17:22.0602 0x1620 [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
09:17:22.0602 0x1620 usbuhci - ok
09:17:22.0633 0x1620 [ 3B44CB989757428208CCFCC028C13110, E71BFA4BB0F4FAEDA79606C44F7DAAB317CD99C9382942E5830F440CF96D9B35 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
09:17:22.0649 0x1620 USBXHCI - ok
09:17:22.0680 0x1620 [ 102F170CF0F5304ACF7FB663B7ADB5E0, 9EBC79F56131FC030B013BA4913FDF0D31746E8DE07556F56F64D63407194518 ] V0330VID C:\Windows\system32\DRIVERS\V0330Vid.sys
09:17:22.0712 0x1620 V0330VID - ok
09:17:22.0727 0x1620 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
09:17:22.0727 0x1620 VaultSvc - ok
09:17:22.0758 0x1620 [ 8DB40EB504AE9C10558675035B4B4A4A, B998BF9E358B6E7603BA765F6C55A387CEFE94D52D29B31EC6AB01210D52A338 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
09:17:22.0774 0x1620 VBoxDrv - ok
09:17:22.0790 0x1620 [ 9C24F61B36E7305AC42DC41881A2C97C, 4800D9517D2AE7772784BC2E8A85F4516A1483B9A2F7C3FE96DFC65CD3089E06 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
09:17:22.0790 0x1620 VBoxNetAdp - ok
09:17:22.0805 0x1620 [ 4B3B9912BBA05473BE94E61334971858, D7AA4FF319310E15D93B4B32B050F42E3386F4ABF50DAC0FF9B8FA1C0BD3EDFE ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
09:17:22.0805 0x1620 VBoxNetFlt - ok
09:17:22.0852 0x1620 [ DD8F22BA8DD0F2A9A1D5D93023441FE0, 6A66FB19459955941559B4DFFC9CD93359EADDB5EA26DFEE5B4C8773FCA0A942 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
09:17:22.0868 0x1620 VBoxUSBMon - ok
09:17:22.0868 0x1620 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:17:22.0883 0x1620 vdrvroot - ok
09:17:22.0915 0x1620 [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds C:\Windows\System32\vds.exe
09:17:22.0962 0x1620 vds - ok
09:17:22.0993 0x1620 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
09:17:23.0024 0x1620 VerifierExt - ok
09:17:23.0055 0x1620 [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
09:17:23.0087 0x1620 vhdmp - ok
09:17:23.0102 0x1620 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
09:17:23.0118 0x1620 viaide - ok
09:17:23.0133 0x1620 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:17:23.0133 0x1620 vmbus - ok
09:17:23.0149 0x1620 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
09:17:23.0165 0x1620 VMBusHID - ok
09:17:23.0180 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
09:17:23.0227 0x1620 vmicguestinterface - ok
09:17:23.0227 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
09:17:23.0243 0x1620 vmicheartbeat - ok
09:17:23.0274 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
09:17:23.0305 0x1620 vmickvpexchange - ok
09:17:23.0321 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
09:17:23.0352 0x1620 vmicrdv - ok
09:17:23.0368 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
09:17:23.0383 0x1620 vmicshutdown - ok
09:17:23.0415 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
09:17:23.0430 0x1620 vmictimesync - ok
09:17:23.0477 0x1620 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
09:17:23.0508 0x1620 vmicvss - ok
09:17:23.0524 0x1620 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:17:23.0540 0x1620 volmgr - ok
09:17:23.0571 0x1620 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:17:23.0587 0x1620 volmgrx - ok
09:17:23.0602 0x1620 [ 9F9CE33B50611A1C61A46B8911E0B30B, FE4EDF16CE8FC36BB2125FC7D1CF45C65B06A2C31D426635115D879987DF2159 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:17:23.0618 0x1620 volsnap - ok
09:17:23.0633 0x1620 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
09:17:23.0649 0x1620 vpci - ok
09:17:23.0665 0x1620 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:17:23.0665 0x1620 vsmraid - ok
09:17:23.0712 0x1620 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS C:\Windows\system32\vssvc.exe
09:17:23.0758 0x1620 VSS - ok
09:17:23.0774 0x1620 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
09:17:23.0790 0x1620 VSTXRAID - ok
09:17:23.0790 0x1620 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:17:23.0821 0x1620 vwifibus - ok
09:17:23.0837 0x1620 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
09:17:23.0868 0x1620 W32Time - ok
09:17:23.0868 0x1620 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
09:17:23.0977 0x1620 WacomPen - ok
09:17:24.0040 0x1620 [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine C:\Windows\system32\wbengine.exe
09:17:24.0087 0x1620 wbengine - ok
09:17:24.0102 0x1620 [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:17:24.0133 0x1620 WbioSrvc - ok
09:17:24.0165 0x1620 [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
09:17:24.0196 0x1620 Wcmsvc - ok
09:17:24.0227 0x1620 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:17:24.0258 0x1620 wcncsvc - ok
09:17:24.0274 0x1620 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:17:24.0305 0x1620 WcsPlugInService - ok
09:17:24.0305 0x1620 [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
09:17:24.0321 0x1620 WdBoot - ok
09:17:24.0383 0x1620 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:17:24.0415 0x1620 Wdf01000 - ok
09:17:24.0430 0x1620 [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
09:17:24.0446 0x1620 WdFilter - ok
09:17:24.0462 0x1620 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:17:24.0477 0x1620 WdiServiceHost - ok
09:17:24.0493 0x1620 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:17:24.0508 0x1620 WdiSystemHost - ok
09:17:24.0524 0x1620 [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
09:17:24.0524 0x1620 WdNisDrv - ok
09:17:24.0540 0x1620 WdNisSvc - ok
09:17:24.0555 0x1620 [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\Windows\System32\webclnt.dll
09:17:24.0587 0x1620 WebClient - ok
09:17:24.0602 0x1620 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
09:17:24.0633 0x1620 Wecsvc - ok
09:17:24.0633 0x1620 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
09:17:24.0649 0x1620 WEPHOSTSVC - ok
09:17:24.0649 0x1620 [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:17:24.0680 0x1620 wercplsupport - ok
09:17:24.0696 0x1620 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc C:\Windows\System32\WerSvc.dll
09:17:24.0727 0x1620 WerSvc - ok
09:17:24.0743 0x1620 [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
09:17:24.0743 0x1620 WFPLWFS - ok
09:17:24.0758 0x1620 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
09:17:24.0774 0x1620 WiaRpc - ok
09:17:24.0790 0x1620 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:17:24.0790 0x1620 WIMMount - ok
09:17:24.0790 0x1620 WinDefend - ok
09:17:24.0821 0x1620 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
09:17:24.0837 0x1620 WinHttpAutoProxySvc - ok
09:17:24.0899 0x1620 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:17:24.0962 0x1620 Winmgmt - ok
09:17:25.0071 0x1620 [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM C:\Windows\system32\WsmSvc.dll
09:17:25.0196 0x1620 WinRM - ok
09:17:25.0227 0x1620 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:17:25.0243 0x1620 WinUsb - ok
09:17:25.0305 0x1620 [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc C:\Windows\System32\wlansvc.dll
09:17:25.0368 0x1620 WlanSvc - ok
09:17:25.0462 0x1620 [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc C:\Windows\system32\wlidsvc.dll
09:17:25.0508 0x1620 wlidsvc - ok
09:17:25.0508 0x1620 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
09:17:25.0524 0x1620 WmiAcpi - ok
09:17:25.0540 0x1620 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:17:25.0555 0x1620 wmiApSrv - ok
09:17:25.0571 0x1620 WMPNetworkSvc - ok
09:17:25.0633 0x1620 [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
09:17:25.0680 0x1620 workfolderssvc - ok
09:17:25.0696 0x1620 [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
09:17:25.0712 0x1620 wpcfltr - ok
09:17:25.0727 0x1620 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:17:25.0758 0x1620 WPCSvc - ok
09:17:25.0774 0x1620 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:17:25.0805 0x1620 WPDBusEnum - ok
09:17:25.0821 0x1620 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
09:17:25.0821 0x1620 WpdUpFltr - ok
09:17:25.0821 0x1620 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:17:25.0852 0x1620 ws2ifsl - ok
09:17:25.0868 0x1620 [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc C:\Windows\System32\wscsvc.dll
09:17:25.0883 0x1620 wscsvc - ok
09:17:25.0883 0x1620 WSearch - ok
09:17:26.0055 0x1620 [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService C:\Windows\System32\WSService.dll
09:17:26.0196 0x1620 WSService - ok
09:17:26.0368 0x1620 [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv C:\Windows\system32\wuaueng.dll
09:17:26.0477 0x1620 wuauserv - ok
09:17:26.0493 0x1620 [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:17:26.0524 0x1620 WudfPf - ok
09:17:26.0540 0x1620 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
09:17:26.0555 0x1620 WUDFRd - ok
09:17:26.0587 0x1620 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
09:17:26.0618 0x1620 WUDFSensorLP - ok
09:17:26.0633 0x1620 [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:17:26.0649 0x1620 wudfsvc - ok
09:17:26.0665 0x1620 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
09:17:26.0665 0x1620 WUDFWpdFs - ok
09:17:26.0680 0x1620 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
09:17:26.0680 0x1620 WUDFWpdMtp - ok
09:17:26.0712 0x1620 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
09:17:26.0774 0x1620 WwanSvc - ok
09:17:26.0790 0x1620 ================ Scan global ===============================
09:17:26.0805 0x1620 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
09:17:26.0821 0x1620 [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\Windows\system32\winsrv.dll
09:17:26.0837 0x1620 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
09:17:26.0868 0x1620 [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\Windows\system32\services.exe
09:17:26.0883 0x1620 [ Global ] - ok
09:17:26.0883 0x1620 ================ Scan MBR ==================================
09:17:26.0883 0x1620 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:17:27.0102 0x1620 \Device\Harddisk0\DR0 - ok
09:17:27.0118 0x1620 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
09:17:27.0243 0x1620 \Device\Harddisk1\DR1 - ok
09:17:27.0243 0x1620 ================ Scan VBR ==================================
09:17:27.0274 0x1620 [ 14B984C89DA08C2F8C2D9BD86ED69376 ] \Device\Harddisk0\DR0\Partition1
09:17:27.0290 0x1620 \Device\Harddisk0\DR0\Partition1 - ok
09:17:27.0305 0x1620 [ 1C91CDFE7A4EF721C6816FD4863F2661 ] \Device\Harddisk0\DR0\Partition2
09:17:27.0305 0x1620 \Device\Harddisk0\DR0\Partition2 - ok
09:17:27.0321 0x1620 [ 6DF1CFDFF8B11C21510606B766A94BF3 ] \Device\Harddisk0\DR0\Partition3
09:17:27.0337 0x1620 \Device\Harddisk0\DR0\Partition3 - ok
09:17:27.0352 0x1620 [ E12FE0FF7A31BC0F407B7735F466F795 ] \Device\Harddisk0\DR0\Partition4
09:17:27.0368 0x1620 \Device\Harddisk0\DR0\Partition4 - ok
09:17:27.0399 0x1620 [ BC3E089144E7FF2E7F6B2BC5CE58EB99 ] \Device\Harddisk0\DR0\Partition5
09:17:27.0415 0x1620 \Device\Harddisk0\DR0\Partition5 - ok
09:17:27.0446 0x1620 [ BA20954FE95DDF079AB8DCA41BB071F2 ] \Device\Harddisk0\DR0\Partition6
09:17:27.0477 0x1620 \Device\Harddisk0\DR0\Partition6 - ok
09:17:27.0477 0x1620 [ 567632BE1C6AC046F47D40E2478C5EDA ] \Device\Harddisk1\DR1\Partition1
09:17:27.0477 0x1620 \Device\Harddisk1\DR1\Partition1 - ok
09:17:27.0477 0x1620 Waiting for KSN requests completion. In queue: 133
09:17:28.0493 0x1620 Waiting for KSN requests completion. In queue: 133
09:17:29.0509 0x1620 Waiting for KSN requests completion. In queue: 133
09:17:30.0587 0x1620 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
09:17:30.0602 0x1620 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2006.159 ), 0x41000 ( enabled : updated )
09:17:30.0618 0x1620 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 6.3.38526.2970 ), 0x61010 ( enabled )
09:17:33.0102 0x1620 ============================================================
09:17:33.0102 0x1620 Scan finished
09:17:33.0102 0x1620 ============================================================
09:17:33.0102 0x1618 Detected object count: 0
09:17:33.0102 0x1618 Actual detected object count: 0
09:17:43.0766 0x02f4 Deinitialize success

Larusso 09.02.2014 12:20
Jetzt wirds knifflig.
Wir wissen, dass dafür eine gewisse modifizierte DLL verantwortlich ist, aber diese scheint bei dir OK.
Ich möchte sie denoch prüfen.

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    C:\Windows\system32\rpcss.dll
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

justblack 09.02.2014 15:52
Hallo Daniel,
hier ist der Link von Virustotal.com

https://www.virustotal.com/de/file/8282823022391acf65e23f461fce5caffb5adc077647fef80b91bc4bc31edfe2/analysis/1391957439/

mfg
Frank

Larusso 09.02.2014 16:38
Okay. Kannst du bitte einmal in den abgesicherten Modus mit Netzwerktreibern booten und mir sagen, ob der sound auch hier kommt.
Ich bin mit Win8 noch nicht soo 100%ig vertraut aber hier steht wie es gehen sollte
Windows-Starteinstellungen (einschließlich abgesicherter Modus) - Hilfe zu Microsoft*Windows

Larusso 09.02.2014 16:54
Vergiss bitte den Post weiter oben.


Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).


justblack 09.02.2014 17:48
so,
hier ist der neue scan nach Anleitung.
Leider mal wieder zu groß für das Forum*seufz*
gruß
Frank

Larusso 09.02.2014 21:00
Hy.
Ich sehe da nichts. Ich werd das Thema mal intern mit anderen Experts absprechen. Eventuell übersehe ich ja was.
Ich bitte um etwas Geduld.

justblack 09.02.2014 21:03
ok,
schon mal vielen dank für deine mühe im vorfeld.
mfg
frank

Gerade läuft das radio mal wieder....brauchst du mal ein screenshot vom taskmanager oder so?

Larusso 09.02.2014 21:05
Ne, aber mich würde denoch mal intersieren, ob der auch im abgesicherten Modus auftritt.
Du sagtest ja, er kommt auch ohne Verbindung mit dem Internet.

justblack 09.02.2014 22:00
werde ich mal eben probieren....
ja selbst bei getrennter leitung läuft es weiter.
bis gleich denn

leider unterstützt windows 8 im abgesicherten modus die soundtreiber nicht:(
die Musik lief komischer weiße weiter während der Rechner neu startete und wurde mal lauter mal leise. diesmal ein Englischer Sender. Das ganze dauerte aber irgendwie nur so drei bis vier Minuten

Vielleicht hilft das weiter....
habe mal den mbrcheck durch laufen lassen....
Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:               
Windows Information:                (build 9200), 64-bit
Base Board Manufacturer:        MEDION
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                MEDION
System Product Name:                MS-7848
Logical Drives Mask:                0x0000147c

Kernel Drivers (total 153):
  0x6801A000 \SystemRoot\system32\ntoskrnl.exe
  0x6879B000 \SystemRoot\system32\hal.dll
  0x67566000 \SystemRoot\system32\kd.dll
  0x000A0000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00106000 \SystemRoot\System32\drivers\werkernel.sys
  0x00114000 \SystemRoot\System32\drivers\CLFS.SYS
  0x00176000 \SystemRoot\System32\drivers\tm.sys
  0x00198000 \SystemRoot\system32\PSHED.dll
  0x001AD000 \SystemRoot\system32\BOOTVID.dll
  0x00000000 \SystemRoot\system32\CI.dll
  0x00288000 \SystemRoot\System32\drivers\msrpc.sys
  0x002E5000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x003B4000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x003C5000 \SystemRoot\System32\Drivers\acpiex.sys
  0x003DD000 \SystemRoot\System32\Drivers\WppRecorder.sys
  0x00200000 \SystemRoot\System32\drivers\ACPI.sys
  0x003E8000 \SystemRoot\System32\drivers\WMILIB.SYS
  0x00479000 \SystemRoot\System32\Drivers\cng.sys
  0x00504000 \SystemRoot\System32\drivers\msisadrv.sys
  0x0050E000 \SystemRoot\System32\drivers\pci.sys
  0x00557000 \SystemRoot\System32\drivers\vdrvroot.sys
  0x00564000 \SystemRoot\system32\drivers\pdc.sys
  0x00580000 \SystemRoot\System32\drivers\partmgr.sys
  0x00598000 \SystemRoot\System32\drivers\spaceport.sys
  0x00400000 \SystemRoot\System32\drivers\volmgr.sys
  0x00415000 \SystemRoot\System32\drivers\volmgrx.sys
  0x001B7000 \SystemRoot\System32\drivers\mountmgr.sys
  0x001D2000 \SystemRoot\System32\drivers\storahci.sys
  0x00673000 \SystemRoot\System32\drivers\storport.sys
  0x006EC000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00748000 \SystemRoot\System32\drivers\fileinfo.sys
  0x008EA000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x00AE0000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x00AFC000 \SystemRoot\System32\drivers\pcw.sys
  0x00B0C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x00C90000 \SystemRoot\system32\drivers\ndis.sys
  0x00C00000 \SystemRoot\system32\drivers\NETIO.SYS
  0x00DA8000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x00E14000 \SystemRoot\System32\drivers\tcpip.sys
  0x01092000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x010FE000 \SystemRoot\system32\DRIVERS\wfplwfs.sys
  0x01123000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x00B17000 \SystemRoot\System32\drivers\volsnap.sys
  0x011B6000 \SystemRoot\System32\drivers\rdyboost.sys
  0x00DDC000 \SystemRoot\System32\Drivers\mup.sys
  0x00E00000 \SystemRoot\System32\drivers\intelpep.sys
  0x00B67000 \SystemRoot\System32\drivers\disk.sys
  0x00B83000 \SystemRoot\System32\drivers\CLASSPNP.SYS
  0x00800000 \SystemRoot\System32\Drivers\aswVmm.sys
  0x00C79000 \SystemRoot\System32\Drivers\aswRvrt.sys
  0x00834000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x0087C000 \SystemRoot\System32\drivers\dtsoftbus01.sys
  0x008C4000 \SystemRoot\System32\DRIVERS\cmderd.sys
  0x0075E000 \SystemRoot\System32\drivers\cdrom.sys
  0x01437000 \??\C:\Windows\system32\drivers\aswSnx.sys
  0x01537000 \SystemRoot\system32\DRIVERS\cmdguard.sys
  0x015EA000 \SystemRoot\System32\Drivers\Null.SYS
  0x015F3000 \SystemRoot\System32\Drivers\Beep.SYS
  0x01400000 \SystemRoot\System32\drivers\BasicRender.sys
  0x01648000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x017C2000 \SystemRoot\System32\drivers\watchdog.sys
  0x0078C000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x017D4000 \SystemRoot\System32\drivers\BasicDisplay.sys
  0x017E6000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x01600000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x0160C000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x0162C000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x0163A000 \SystemRoot\system32\DRIVERS\cmdhlp.sys
  0x00600000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x0140E000 \??\C:\Windows\system32\drivers\aswRdr2.sys
  0x0185C000 \SystemRoot\system32\drivers\afd.sys
  0x018EF000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x01919000 \SystemRoot\system32\DRIVERS\inspect.sys
  0x01938000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x01949000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x019B9000 \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
  0x01800000 \SystemRoot\system32\DRIVERS\VBoxDrv.sys
  0x01842000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x01850000 \SystemRoot\System32\drivers\npsvctrig.sys
  0x019DF000 \SystemRoot\System32\drivers\mssmbios.sys
  0x00BD9000 \SystemRoot\System32\Drivers\dfsc.sys
  0x01A0F000 \??\C:\Windows\system32\drivers\aswSP.sys
  0x01A78000 \SystemRoot\system32\DRIVERS\ahcache.sys
  0x01A8F000 \SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
  0x01AB7000 \SystemRoot\System32\drivers\CompositeBus.sys
  0x01AC6000 \SystemRoot\system32\DRIVERS\kdnic.sys
  0x01AD1000 \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
  0x01AFC000 \SystemRoot\System32\drivers\umbus.sys
  0x02A8C000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x036C3000 \SystemRoot\System32\drivers\HDAudBus.sys
  0x036DC000 \SystemRoot\System32\drivers\USBXHCI.SYS
  0x03731000 \SystemRoot\System32\drivers\ucx01000.sys
  0x03763000 \SystemRoot\System32\drivers\usbehci.sys
  0x0377B000 \SystemRoot\System32\drivers\USBPORT.SYS
  0x01B0D000 \SystemRoot\system32\DRIVERS\Rt630x64.sys
  0x037EA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x02A00000 \SystemRoot\System32\drivers\intelppm.sys
  0x02A1E000 \SystemRoot\System32\drivers\UEFI.sys
  0x02A29000 \SystemRoot\System32\drivers\NdisVirtualBus.sys
  0x02A34000 \SystemRoot\System32\drivers\swenum.sys
  0x02A36000 \SystemRoot\System32\drivers\ks.sys
  0x037F1000 \SystemRoot\System32\drivers\rdpbus.sys
  0x01C62000 \SystemRoot\System32\drivers\usbhub.sys
  0x01CCD000 \SystemRoot\System32\drivers\USBD.SYS
  0x01CD9000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x01D12000 \SystemRoot\System32\drivers\UsbHub3.sys
  0x01D8A000 \SystemRoot\system32\drivers\HdAudio.sys
  0x01C00000 \SystemRoot\system32\drivers\portcls.sys
  0x01BA1000 \SystemRoot\system32\drivers\drmk.sys
  0x01C47000 \SystemRoot\system32\drivers\ksthunk.sys
  0x01C4D000 \SystemRoot\System32\drivers\hidusb.sys
  0x01BBD000 \SystemRoot\System32\drivers\HIDCLASS.SYS
  0x01DF0000 \SystemRoot\System32\drivers\HIDPARSE.SYS
  0x01BDC000 \SystemRoot\System32\drivers\mouhid.sys
  0x01BE9000 \SystemRoot\System32\drivers\mouclass.sys
  0x00849000 \SystemRoot\System32\drivers\USBSTOR.SYS
  0x01E3B000 \SystemRoot\System32\drivers\usbccgp.sys
  0x01E65000 \SystemRoot\System32\drivers\kbdhid.sys
  0x01E73000 \SystemRoot\System32\drivers\kbdclass.sys
  0x01E83000 \SystemRoot\system32\DRIVERS\V0330Vid.sys
  0x001BA000 \SystemRoot\System32\win32k.sys
  0x00791000 \SystemRoot\System32\TSDDD.dll
  0x00A73000 \SystemRoot\System32\ATMFD.DLL
  0x0083E000 \SystemRoot\System32\cdd.dll
  0x01ECD000 \SystemRoot\system32\drivers\luafv.sys
  0x01EF1000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x01F1E000 \??\C:\Windows\system32\drivers\aswFsBlk.sys
  0x01F2A000 \SystemRoot\System32\drivers\monitor.sys
  0x01F38000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x01F44000 \SystemRoot\System32\Drivers\dump_storahci.sys
  0x01F61000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x01F77000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x01F8B000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x01FA3000 \SystemRoot\System32\drivers\condrv.sys
  0x04092000 \SystemRoot\system32\drivers\HTTP.sys
  0x0418C000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x041AC000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x04000000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x041C3000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x01FB3000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0406C000 \SystemRoot\system32\drivers\Ndu.sys
  0x042C0000 \SystemRoot\system32\drivers\peauth.sys
  0x04369000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x04374000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x043B7000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x043C9000 \??\C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
  0x04200000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x0448A000 \SystemRoot\System32\DRIVERS\srv.sys
  0x04522000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x045CB000 \SystemRoot\system32\drivers\WudfPf.sys
  0x04400000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x0443E000 \SystemRoot\System32\drivers\WpdUpFltr.sys
  0x04449000 \SystemRoot\System32\drivers\umpass.sys

Processes (total 62):
      0 System Idle Process
      4 System
    388 C:\Windows\System32\smss.exe
    504 csrss.exe
    584 C:\Windows\System32\wininit.exe
    600 csrss.exe
    644 C:\Windows\System32\services.exe
    672 C:\Windows\System32\lsass.exe
    684 C:\Windows\System32\winlogon.exe
    780 C:\Windows\System32\svchost.exe
    812 C:\Windows\System32\svchost.exe
    908 dwm.exe
    992 C:\Windows\System32\nvvsvc.exe
    284 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    292 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    420 C:\Windows\System32\nvvsvc.exe
    444 C:\Windows\System32\svchost.exe
    736 C:\Windows\System32\svchost.exe
    856 C:\Windows\System32\svchost.exe
    1112 C:\Windows\System32\svchost.exe
    1160 C:\Windows\System32\svchost.exe
    1260 C:\Program Files\HitmanPro\hmpsched.exe
    1376 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1492 C:\Windows\explorer.exe
    1580 C:\Program Files\Classic Shell\ClassicStartMenu.exe
    1152 C:\Windows\System32\spoolsv.exe
    1204 C:\Windows\System32\taskhostex.exe
    1512 C:\Windows\System32\svchost.exe
    1632 C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
    2440 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    2836 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    2844 C:\Program Files\UltraMon\UltraMon.exe
    2896 dasHost.exe
    3372 C:\xampp\mysql\bin\mysqld.exe
    3424 C:\Windows\System32\svchost.exe
    3624 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    3940 C:\Windows\System32\SearchIndexer.exe
    3284 C:\Windows\System32\svchost.exe
    3664 WUDFHost.exe
    4492 C:\Windows\System32\SettingSyncHost.exe
    4736 C:\Windows\System32\svchost.exe
    4760 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    5108 cavwp.exe
    4732 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    5492 dllhost.exe
    5548 C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    5952 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5216 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5336 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    5636 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    4040 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3956 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    3904 C:\Program Files\UltraMon\UltraMonUiAcc.exe
    400 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    5816 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    5820 C:\Windows\System32\SearchProtocolHost.exe
    2816 C:\Windows\System32\SearchFilterHost.exe
    2372 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5176 C:\Windows\System32\audiodg.exe
    5856 C:\Users\frank\Downloads\MBRCheck.exe
    2756 C:\Windows\System32\conhost.exe
    824 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`21100000  (NTFS)
\\.\K: --> \\.\PhysicalDrive0 at offset 0x000000f6`07100000  (NTFS)
\\.\M: --> \\.\PhysicalDrive0 at offset 0x00000170`19000000  (NTFS)

PhysicalDrive0 Model Number: ST2000DM001-1CH164, Rev: CC27   

      Size  Device Name          MBR Status
  --------------------------------------------
  1863 GB  \\.\PhysicalDrive0  Unknown MBR code
            SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 1Available MBR codes:
 [ 0] Default (UNKNOWN)
 [ 1] Windows XP
 [ 2] Windows Server 2003
 [ 3] Windows Vista
 [ 4] Windows 2008
 [ 5] Windows 7
 [-1] Cancel

Please select the MBR code to write to this drive:

Larusso 10.02.2014 12:10
Hy.

Mbrcheck ist ein tool welches ich eher nicht nutze.
Hast du eventuell etwas mehr zeit damit wir die Ursache finden ?

justblack 10.02.2014 12:27
moin,
na klar habe ich zeit dafür. bin ja selber interessiert woran das liegt.
sag mir was du brauchst.
mfg
frank

Larusso 10.02.2014 14:03
Melde mich dann später. Bin noch auf Arbeit

Larusso 10.02.2014 15:44
Okay, lets get it on.

Zu aller erst möchte ich, dass du entweder Avast oder Comodo deinstallierst.
Warum 2 AVPs nicht gut ist, erklär ich dir später. Vertrau mir in der Hinsicht einfach mal.


Dann bitte folgende Dateien herunter laden.
Process Explorer
Process Monitor

Entpacke jedes Archiv in seinen eigenen Ordner.

Starte nun Process Explorer aber bitte keine andere Software, Browser etc
Dieses Tool ist weit aus komplexer als der Task Manager also nicht wundern :D

Warte nun bis der Sound wieder kommt. Process Explorer hinterlegt neue Prozesse mit giftgrüner Farbe. Sieh bitte genau hin, ob sich ein neuer Prozess öffnet und wenn ja, sag mir bitte welcher. Mit der Space Taste kannst du pausieren, so dass keine weiteren änderungen angezeigt werden.

justblack 11.02.2014 15:50
Hallo Daniel,
leider lief das Radio schon als ich den Rechner angeschaltet habe.Ich
habe ein paar screenshots gemacht um zu vergleichen wie das morgen ohne Radio aussieht.
Da müsste sich ja einige Dateien geändert haben.
Ich poste Morgen wenn ich was weiß.
mfg
frank

Hallo Daniel,
folgende Prozesse waren heute im gegensatz (gleiche bedingungen am Rechner) weg.
WmiPrsvSE.EXE
RTSHOOKINTERUPT
Taskeng.EXE
Taskhost
Spoolsv.EXE
Mysqld.EXE
Wmpnetwk.EXE
und alle Nvdia exe-Dateien

Mfg
Frank

zudem hat zusätzlich HitmanPro zwei verdächtige Dateien gefunden.
-vList.x32
-ShockFiler.X32

Beide im Ordner:C:\User\Frank\AppData\Local\Temp\Tempfolder.aae\extras\

Larusso 11.02.2014 16:03
Bitte keine Scans ohne Anweisung. Das kann meine Arbeit zunichte machen.

Okay, für mich ist da jetzt nichts ungewöhnlich daran, bis auf den WmiPrsvSE.EXE.
Mal sehen ob folgendes mehr aufzeigt.

Downloade dir bitte ListDLL

Extrahiere das Archiv und kopiere die Listdlls.exe nach C:\Windows\System32


Starte bitte ProcessExplorer. Warte bis sich der Radiosound hören lässt und pausiere dann mit der Space Taste den Explorer. ( unten steht dann paused )


In die Windows Suche bitte cmd eingeben und als Admin ausführen.
Hier bitte folgendes eingeben

listdlls -u wmiprvse

Sag mir mal, ob er eine .dll Datei ausgibt.

justblack 11.02.2014 19:49
Hallo Daniel,
kein Problem mit den Scan`s...das lief bei mir immer im hintergrund.
Bis auf die Programm-version etc sagt er gar nichts und springt wieder in das system32-verzeichnis.

Larusso 11.02.2014 20:20
Okay, ansich schon mal gut, für unsere Diagnose schlecht :D

Mal sehen ob dieses Tool was findet für uns.


Downloade dir bitte Rogue Killer von hier.
  • Speichere das Tool auf deinem Desktop !
  • Schließe alle laufenden Programme.
  • Starte die RogueKiller.exe
  • Warte bis Prescan abgeschlossen erscheint und klicke dann auf Scannen.
  • Wenn der Scan beendet wurde, klicke auf Bericht und poste diesen hier.
  • Du findest die Logdatei RKreport[1].txt auch auf deinem Desktop.
http://i121.photobucket.com/albums/o...iller/TRK2.png

justblack 11.02.2014 20:58
so,
endlich mal was gefunden^^
Hier ist der Log:
Code:
RogueKiller V8.8.7 _x64_ [Feb 11 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 8.1 (6.3.9200 ) 64 bits version
Gestartet in : Normaler Modus
Benutzer : frank [Admin Rechte]
Funktion : Scannen -- Datum : 02/11/2014 20:56:31
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 3 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} ("C:\ProgramData\cis9B69.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} [x][x]) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 0 ¤¤¤

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion :  ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

Larusso 11.02.2014 21:14
Kannst du bitte einmal folgende Datei bei Virustotal prüfen

C:\ProgramData\cis9B69.exe

justblack 11.02.2014 21:25
so blöd es auch klingt, aber diese datei ist nicht auffindbar....weder im ordner noch auf dem rechner selbst.....

Larusso 11.02.2014 21:33
Okay, dann ist das nicht unser Feind. Ein Reg Eintrag ohne Datei ist nutzlos.

Starte bitte FRST erneut im Recovery Mode, so wie hier beschrieben.

In die Search Leiste, tippe bitte
csrss.exe;rpcss.dll

und klicke Search Files.


Es wird eine Search.txt auf deinem USB Stick erstellt. Diese bitte posten.

justblack 11.02.2014 22:00
der neue Log ist da:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by SYSTEM on MININT-157I5D0 on 11-02-2014 21:54:05
Running from F:\
Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.



==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2014-01-27] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PrivDogService] - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe [525480 2013-12-13] (AdTrustMedia)
HKLM-x32\...\Run: [V0330Mon.exe] - C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)

==================== Services (Whitelisted) =================

S2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2013-02-23] (Apache Software Foundation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-27] (AVAST Software)
S2 FileZilla Server; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project)
S2 mysql; C:\xampp\mysql\bin\mysqld.exe [10900480 2013-04-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2014-01-27] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2014-01-27] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-27] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-27] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2014-01-27] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2014-01-27] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2014-01-27] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-27] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 V0330VID; C:\Windows\system32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-11 21:50 - 2014-02-11 21:50 - 00000000 _____ () C:\Recovery.txt
2014-02-11 20:38 - 2014-02-11 20:38 - 02151424 _____ (Farbar) C:\Users\frank\Downloads\FRST64 (2).exe
2014-02-11 20:37 - 2014-02-11 20:37 - 00001756 _____ () C:\Users\frank\Desktop\RKreport[0]_D_02112014_213727.txt
2014-02-11 19:56 - 2014-02-11 19:56 - 00001714 _____ () C:\Users\frank\Desktop\RKreport[0]_S_02112014_205631.txt
2014-02-11 19:54 - 2014-02-11 19:54 - 04408320 _____ () C:\Users\frank\Desktop\RogueKillerX64.exe
2014-02-11 19:53 - 2014-02-11 20:37 - 00000000 ____D () C:\Users\frank\Desktop\RK_Quarantine
2014-02-11 19:51 - 2014-02-11 19:51 - 02467477 _____ () C:\Users\frank\Downloads\RogueKiller_8.8.5.zip
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\frank\Downloads\ListDlls
2014-02-11 18:12 - 2011-07-07 12:28 - 00520496 _____ (Sysinternals) C:\Windows\System32\Listdlls.exe
2014-02-11 18:12 - 2006-07-28 08:32 - 00007005 ____N () C:\Users\frank\Desktop\Eula.txt
2014-02-11 18:11 - 2014-02-11 18:11 - 00269722 _____ () C:\Users\frank\Downloads\ListDlls.zip
2014-02-11 11:44 - 2014-02-11 11:44 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (3).php
2014-02-11 11:06 - 2014-02-11 11:06 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum (1).php
2014-02-11 11:04 - 2014-02-11 11:04 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum.php
2014-02-11 10:35 - 2014-02-11 10:35 - 00000462 _____ () C:\Windows\System32\.crusader
2014-02-10 15:41 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\Desktop\ProcessMonitor
2014-02-10 15:41 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\Desktop\ProcessExplorer
2014-02-10 15:40 - 2014-02-03 23:43 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\frank\Downloads\procexp.exe
2014-02-10 15:40 - 2012-10-15 12:23 - 00072154 _____ () C:\Users\frank\Downloads\procexp.chm
2014-02-10 15:40 - 2006-07-28 07:32 - 00007005 _____ () C:\Users\frank\Downloads\Eula.txt
2014-02-09 20:52 - 2014-02-09 20:52 - 00080384 _____ () C:\Users\frank\Downloads\MBRCheck.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00007597 _____ () C:\Users\frank\AppData\Local\Resmon.ResmonCfg
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Windows\pss
2014-02-09 08:45 - 2014-02-09 08:57 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iPod
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-09 08:45 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-09 08:34 - 2014-02-09 08:35 - 148896080 _____ (Apple Inc.) C:\Users\frank\Downloads\iTunes64Setup.exe
2014-02-09 08:32 - 2014-02-09 08:33 - 02751750 _____ () C:\Users\frank\Downloads\images.zip
2014-02-09 08:13 - 2014-02-09 08:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-08 21:51 - 2014-02-08 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-08 21:50 - 2014-02-09 20:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-08 21:49 - 2014-02-08 21:50 - 12589848 _____ (Malwarebytes Corp.) C:\Users\frank\Downloads\mbar-1.07.0.1009.exe
2014-02-08 21:17 - 2014-02-08 21:17 - 00710558 _____ () C:\Users\frank\Downloads\gmer.txt
2014-02-08 21:00 - 2014-02-08 21:00 - 00028263 _____ () C:\Users\frank\Downloads\Addition.txt
2014-02-08 20:59 - 2014-02-09 17:41 - 00000000 ____D () C:\FRST
2014-02-08 20:59 - 2014-02-08 21:00 - 00120970 _____ () C:\Users\frank\Downloads\FRST.txt
2014-02-08 20:58 - 2014-02-08 20:58 - 00000542 _____ () C:\Users\frank\Downloads\defogger_disable.log
2014-02-08 20:58 - 2014-02-08 20:58 - 00000168 _____ () C:\Users\frank\defogger_reenable
2014-02-08 20:57 - 2014-02-08 20:57 - 02079744 _____ (Farbar) C:\Users\frank\Downloads\FRST64.exe
2014-02-08 20:57 - 2014-02-08 20:57 - 00050477 _____ () C:\Users\frank\Downloads\Defogger.exe
2014-02-08 20:53 - 2014-02-08 20:53 - 00009263 _____ () C:\Users\frank\Downloads\hijackthis.log
2014-02-08 20:52 - 2014-02-08 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\frank\Downloads\hijackthis.exe
2014-02-08 20:42 - 2014-02-08 20:42 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (2).php
2014-02-08 20:25 - 2014-02-08 20:25 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (1).php
2014-02-08 20:07 - 2014-02-08 20:07 - 00000650 _____ () C:\Users\Public\Desktop\Finale PrintMusic 2011.lnk
2014-02-08 20:07 - 2014-02-08 20:07 - 00000000 ____D () C:\Users\frank\Documents\Finale Files
2014-02-08 19:59 - 2014-02-08 19:59 - 12513728 _____ () C:\Users\frank\Downloads\Mein_Foto_Puzzle.exe
2014-02-08 19:59 - 2014-02-08 19:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 19:58 - 2014-02-08 19:58 - 00710848 _____ ( ) C:\Users\frank\Downloads\COMPUTER_BILD-Download-Manager_fuer_Mein_Foto_Puzzle.exe
2014-02-08 19:52 - 2014-02-08 19:52 - 05987556 _____ ( ) C:\Users\frank\Downloads\sonnensystem.exe
2014-02-08 19:47 - 2014-02-08 19:59 - 146421352 _____ () C:\Users\frank\Downloads\UMBackup_FinalePmusic.rar
2014-02-08 14:27 - 2014-02-08 14:28 - 27783201 _____ () C:\Users\frank\Downloads\Finale-NotePad-2008.rar
2014-02-08 14:11 - 2014-02-08 14:11 - 00065910 _____ () C:\Users\frank\Downloads\pong.zip
2014-02-07 18:24 - 2014-02-07 18:39 - 00000000 ____D () C:\Users\frank\AppData\Roaming\TeamViewer
2014-02-07 16:26 - 2014-02-08 15:32 - 00006884 _____ () C:\Windows\PFRO.log
2014-02-07 14:16 - 2014-02-11 18:10 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-07 14:14 - 2014-02-07 14:19 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-07 14:13 - 2014-02-07 14:13 - 00000000 ____D () C:\Users\frank\Pavark
2014-02-07 13:58 - 2014-02-07 13:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Sun
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-07 13:09 - 2014-02-11 10:32 - 00000000 ____D () C:\Users\frank\Documents\SupervisionCam
2014-02-07 13:09 - 2014-02-07 13:09 - 00000000 ____D () C:\Program Files (x86)\SupervisionCam
2014-02-07 12:58 - 2014-02-07 13:08 - 00000000 ____D () C:\Program Files (x86)\WatchMyCam
2014-02-07 12:47 - 2014-02-07 12:47 - 00000000 ____D () C:\Users\frank\AppData\Roaming\CrazyPixels
2014-02-07 12:39 - 2014-02-07 12:51 - 00000000 ____D () C:\Program Files (x86)\go1984
2014-02-07 12:39 - 2014-02-07 12:39 - 00000000 ____D () C:\ProgramData\logiware gmbh
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Live! Cam
2014-02-07 12:38 - 2009-07-06 17:58 - 00005366 _____ () C:\Windows\VF0330.uns
2014-02-07 12:38 - 2009-07-06 00:12 - 00282624 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Cvw.dll
2014-02-07 12:38 - 2009-07-03 15:25 - 00193408 _____ (Creative Technology Ltd.) C:\Windows\System32\Drivers\V0330Vid.sys
2014-02-07 12:38 - 2009-07-03 10:38 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Pin.dll
2014-02-07 12:38 - 2009-07-01 00:12 - 00108032 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Ext.ax
2014-02-07 12:38 - 2009-07-01 00:12 - 00098304 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Ext.ax
2014-02-07 12:38 - 2009-07-01 00:12 - 00049152 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Ext.crl
2014-02-07 12:38 - 2009-07-01 00:12 - 00041472 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Ext.crl
2014-02-07 12:38 - 2009-06-26 00:12 - 00253952 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Cvw.crl
2014-02-07 12:38 - 2009-06-16 14:17 - 00036864 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\CtCamMgr.dll
2014-02-07 12:38 - 2009-06-16 14:17 - 00029184 _____ (Creative Technology Ltd.) C:\Windows\System32\CtCamMgr.dll
2014-02-07 12:38 - 2009-03-18 17:30 - 00108032 _____ (Creative Technology Ltd.) C:\Windows\CtDrvIns.exe
2014-02-07 12:38 - 2007-08-23 18:46 - 00010752 _____ (Creative Technology Ltd.) C:\Windows\System32\CtCamPin.crl
2014-02-07 12:38 - 2007-04-30 00:03 - 00032768 _____ (Creative Technology Ltd.) C:\Windows\V0330Mon.exe
2014-02-07 12:38 - 2007-04-26 00:10 - 00032768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Hwx.dll
2014-02-07 12:38 - 2007-04-26 00:10 - 00023552 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Hwx.dll
2014-02-07 12:38 - 2007-02-15 12:26 - 00811008 _____ (Pizzolato Davide - www.xdp.it) C:\Windows\SysWOW64\cximage.dll
2014-02-07 12:38 - 2006-11-10 00:00 - 00126976 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Vfw.dll
2014-02-07 12:38 - 2006-09-19 12:56 - 00057656 _____ () C:\Windows\System32\V0330PC.bmp
2014-02-07 12:38 - 2006-08-28 13:22 - 00188891 _____ () C:\Windows\SysWOW64\V0330Cvw.bff
2014-02-07 12:30 - 2014-02-07 12:33 - 00000000 ____D () C:\Program Files (x86)\CamAlert
2014-02-07 12:28 - 2014-02-07 12:28 - 00003957 _____ () C:\Users\frank\Desktop\vlc - Verknüpfung.lnk
2014-02-07 10:13 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\frank\Desktop\Office
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Schule
2014-02-07 10:12 - 2014-02-10 11:46 - 00000000 ____D () C:\Users\frank\Desktop\Sicherheit
2014-02-07 10:12 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Netzwerk
2014-02-07 10:11 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Programmierung
2014-02-07 08:02 - 2014-02-07 08:07 - 586924032 _____ () C:\Users\frank\Downloads\ubcd528.iso
2014-02-07 07:55 - 2014-01-19 07:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-02-06 14:07 - 2013-12-11 07:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winbici.dll
2014-02-06 14:07 - 2013-12-09 00:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll
2014-02-06 14:07 - 2013-12-09 00:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-02-06 14:07 - 2013-11-27 15:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-06 14:07 - 2013-11-27 15:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2014-02-06 14:07 - 2013-11-27 14:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-02-06 14:07 - 2013-11-27 13:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-06 14:07 - 2013-11-27 12:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2014-02-06 14:07 - 2013-11-27 10:54 - 00461824 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-06 14:07 - 2013-11-27 10:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-02-06 14:07 - 2013-11-27 10:08 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-06 14:07 - 2013-11-27 09:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-06 14:07 - 2013-11-27 09:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2014-02-06 14:07 - 2013-11-27 09:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2014-02-06 14:07 - 2013-11-27 09:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Graphics.dll
2014-02-06 14:07 - 2013-11-27 08:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2014-02-06 14:07 - 2013-11-27 08:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-02-06 14:07 - 2013-11-27 08:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\System32\SyncEngine.dll
2014-02-06 14:07 - 2013-11-27 04:01 - 00385614 _____ () C:\Windows\System32\ApnDatabase.xml
2014-02-06 14:07 - 2013-11-26 13:22 - 01928144 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 02131120 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2014-02-06 14:07 - 2013-11-26 11:50 - 01371312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-02-06 14:07 - 2013-11-26 11:44 - 02142936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-02-06 14:07 - 2013-11-26 11:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-02-06 14:07 - 2013-11-26 10:13 - 04191232 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-02-06 14:07 - 2013-11-26 09:21 - 18577920 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2014-02-06 14:07 - 2013-11-26 08:28 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-02-06 14:07 - 2013-11-25 01:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-02-06 14:07 - 2013-11-25 01:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-02-06 14:07 - 2013-11-24 23:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-02-06 14:07 - 2013-11-24 23:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-02-06 14:07 - 2013-11-23 12:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\System32\ploptin.dll
2014-02-06 14:07 - 2013-11-23 11:49 - 21196664 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-02-06 14:07 - 2013-11-23 08:19 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-06 14:07 - 2013-11-23 07:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\bi.dll
2014-02-06 14:07 - 2013-11-23 07:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2014-02-06 14:07 - 2013-11-23 07:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-02-06 14:07 - 2013-11-23 04:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2014-02-06 14:07 - 2013-11-23 03:57 - 00637952 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2014-02-06 14:07 - 2013-11-23 03:48 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-02-06 14:07 - 2013-11-23 03:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll
2014-02-06 14:07 - 2013-11-23 03:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-02-06 14:07 - 2013-11-23 03:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-02-06 14:07 - 2013-11-23 03:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-06 14:07 - 2013-11-21 06:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\deviceregistration.dll
2014-02-06 14:07 - 2013-11-21 06:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-02-06 14:07 - 2013-11-16 05:11 - 00764856 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2014-02-06 14:07 - 2013-11-15 18:19 - 00669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-02-06 14:07 - 2013-11-15 14:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2014-02-06 14:07 - 2013-11-15 14:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-02-06 14:07 - 2013-11-15 14:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2014-02-06 14:07 - 2013-11-15 13:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-02-06 14:07 - 2013-11-05 20:12 - 02551128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-02-06 14:07 - 2013-10-31 00:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2014-02-06 14:07 - 2013-10-30 23:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-02-06 10:28 - 2014-02-06 10:28 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-06 08:12 - 2014-02-06 08:12 - 00000046 _____ () C:\Windows\wininit.ini
2014-02-06 07:35 - 2014-02-06 07:35 - 00000000 ____D () C:\Users\frank\AppData\Roaming\OpenOffice
2014-02-06 07:34 - 2014-02-06 07:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-06 07:31 - 2014-02-06 07:32 - 163606685 _____ () C:\Users\frank\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 14:38 - 2014-02-05 14:38 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr.php
2014-02-03 14:04 - 2014-02-11 14:40 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F81F6709-A6D3-45E6-A9BC-D60ACD28289C}
2014-02-03 10:14 - 2014-02-03 10:14 - 00064472 _____ () C:\Users\frank\Downloads\2014.01.27 ER Modell Fahrradhändler.graphml
2014-02-03 10:14 - 2014-02-03 10:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\yWorks
2014-02-03 09:11 - 2014-02-09 09:05 - 00074752 ___SH () C:\Users\frank\Downloads\Thumbs.db
2014-02-02 20:53 - 2014-02-02 20:53 - 00116138 _____ () C:\Users\frank\Downloads\tabellen.zip
2014-02-02 16:38 - 2014-02-02 16:38 - 32093427 _____ ( ) C:\Users\frank\Downloads\Childsplay-1.5_www_freispiel_de.exe
2014-02-02 16:36 - 2014-02-02 16:37 - 01446932 _____ () C:\Users\frank\Downloads\bubble97.zip
2014-02-02 16:35 - 2014-02-02 16:35 - 00000000 ____D () C:\Users\frank\AppData\Local\DownloadGuide
2014-02-01 20:45 - 2014-02-09 08:44 - 00002357 _____ () C:\Windows\setupact.log
2014-02-01 20:45 - 2014-02-01 20:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-01 20:41 - 2014-02-01 20:41 - 00000000 ____D () C:\Users\frank\Downloads\Schandmaul-Unendlich-2CD-2014_
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-01 19:47 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\System32\PresentationNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-02-01 19:47 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-02-01 19:42 - 2014-02-01 19:45 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Notepad++
2014-02-01 19:42 - 2014-02-01 19:45 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 19:41 - 2014-02-01 19:42 - 07598942 _____ () C:\Users\frank\Downloads\npp.6.5.3.Installer.exe
2014-02-01 19:37 - 2013-12-31 13:48 - 00000000 ____D () C:\PowerEditor
2014-02-01 18:27 - 2014-02-01 18:27 - 26351664 _____ (Salfeld Computer GmbH ) C:\Users\frank\Downloads\nw_28334_kisiexe.exe
2014-01-31 11:41 - 2014-01-31 11:41 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-01-31 11:41 - 2014-01-31 11:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-01-31 10:16 - 2014-01-31 20:05 - 00000000 ___SD () C:\Users\frank\Documents\Meine Websites
2014-01-31 08:34 - 2014-01-31 10:06 - 281129273 _____ () C:\Users\frank\Downloads\Fishdom.exe
2014-01-31 07:51 - 2014-01-31 07:51 - 00000000 ____D () C:\Users\frank\AppData\Local\Apps\2.0
2014-01-30 17:08 - 2014-01-30 17:08 - 00895466 _____ () C:\Windows\Die Planeten Uninstaller.exe
2014-01-30 17:08 - 2014-01-30 17:08 - 00000000 ____D () C:\Program Files (x86)\Die Planeten
2014-01-30 14:43 - 2014-01-28 08:54 - 00000000 ____D () C:\Users\frank\Downloads\netnet
2014-01-30 14:42 - 2014-01-30 14:42 - 93084883 _____ () C:\Users\frank\Downloads\netnet_pwfisi2014.rar
2014-01-30 14:16 - 2014-02-10 19:00 - 00000000 ____D () C:\Program Files\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Users\frank\AppData\Local\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\first_launch
2014-01-30 14:15 - 2014-02-11 18:55 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-01-30 14:15 - 2014-01-30 14:15 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-01-30 14:05 - 2014-01-30 14:05 - 00003138 _____ () C:\Windows\System32\Tasks\{33B9F1BB-4ED2-4D27-998A-D02280BE0F11}
2014-01-30 13:53 - 2014-01-30 13:56 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-30 13:52 - 2014-01-30 13:53 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-01-30 13:52 - 2014-01-30 13:52 - 02365840 _____ () C:\Users\frank\Downloads\SecurityTaskManager_Setup.exe
2014-01-30 10:16 - 2014-01-31 09:09 - 00000188 _____ () C:\Users\frank\.packettracer
2014-01-30 10:16 - 2014-01-30 10:20 - 00000000 ____D () C:\Users\frank\Cisco Packet Tracer 6.0.1
2014-01-30 09:37 - 2014-01-30 09:40 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Dream Aquarium
2014-01-30 09:16 - 2014-02-02 15:32 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-30 09:16 - 2014-01-30 09:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-30 09:15 - 2014-01-30 10:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Adobe
2014-01-30 08:04 - 2014-02-11 14:41 - 00116736 ___SH () C:\Users\frank\Desktop\Thumbs.db
2014-01-30 06:51 - 2014-01-30 06:51 - 00073584 _____ () C:\Users\frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 06:49 - 2014-01-30 06:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-30 06:48 - 2014-01-30 06:50 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-01-30 06:48 - 2014-01-30 06:48 - 25755856 _____ (Microsoft Corporation) C:\Users\frank\Downloads\wordview_de-de.exe
2014-01-29 18:22 - 2014-01-29 18:40 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-29 18:22 - 2014-01-29 18:22 - 2321575125 _____ () C:\Windows\MEMORY.DMP
2014-01-29 15:17 - 2014-02-07 13:22 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vlc
2014-01-29 15:16 - 2014-01-29 15:16 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-29 12:34 - 2014-01-29 12:34 - 00276276 _____ () C:\Users\frank\Documents\version1.pcapng
2014-01-29 12:25 - 2014-01-29 12:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Wireshark
2014-01-29 12:24 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-01-29 12:23 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files\Wireshark
2014-01-29 12:22 - 2014-01-29 12:23 - 27976248 _____ (Wireshark development team) C:\Users\frank\Downloads\Wireshark-win64-1.10.4.exe
2014-01-29 11:04 - 2013-05-07 14:11 - 00000000 ____D () C:\Users\frank\Downloads\Portscanner
2014-01-29 10:41 - 2014-01-29 10:41 - 00000000 ____D () C:\Users\frank\AppData\Roaming\WinRAR
2014-01-29 10:24 - 2014-01-29 10:24 - 00000036 _____ () C:\Users\frank\AppData\Local\housecall.guid.cache
2014-01-29 09:54 - 2014-01-29 09:54 - 12734464 _____ () C:\Users\frank\Downloads\zwischenzeit_divx240.avi
2014-01-28 20:40 - 2014-01-06 15:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-01-28 20:39 - 2014-01-28 20:39 - 24859352 _____ (Microsoft Corporation) C:\Users\frank\Downloads\Windows-KB890830-x64-V5.8.exe
2014-01-28 20:37 - 2014-01-28 20:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\QuickScan
2014-01-28 18:24 - 2013-11-26 11:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-01-28 18:24 - 2013-11-26 10:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-28 18:24 - 2013-11-26 08:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-01-28 18:24 - 2013-11-26 07:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-01-28 18:24 - 2013-10-23 11:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\System32\wldp.dll
2014-01-28 18:24 - 2013-10-23 11:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-01-28 18:24 - 2013-10-23 11:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\System32\kd_02_8086.dll
2014-01-28 18:24 - 2013-10-22 08:18 - 01287064 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-01-28 18:24 - 2013-10-22 07:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-28 18:24 - 2013-10-22 06:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-01-28 18:24 - 2013-10-22 05:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2014-01-28 18:24 - 2013-10-22 04:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-01-28 18:24 - 2013-10-22 04:02 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-01-28 18:24 - 2013-10-22 03:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersShell.dll
2014-01-28 18:24 - 2013-10-22 03:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\System32\WorkfoldersControl.dll
2014-01-28 18:24 - 2013-10-22 02:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-01-28 18:24 - 2013-10-22 02:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2014-01-28 18:24 - 2013-10-22 02:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-01-28 18:24 - 2013-10-22 01:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\System32\workfolderssvc.dll
2014-01-28 18:24 - 2013-10-19 08:51 - 00481392 _____ (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2014-01-28 18:24 - 2013-10-19 07:12 - 00380656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-01-28 18:24 - 2013-10-19 04:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2014-01-28 18:24 - 2013-10-19 04:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-01-28 18:24 - 2013-10-19 03:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2014-01-28 18:24 - 2013-10-19 03:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-01-28 18:24 - 2013-10-16 09:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-01-28 18:24 - 2013-10-16 09:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2014-01-28 18:24 - 2013-10-13 03:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2014-01-28 18:24 - 2013-10-13 02:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2014-01-28 18:24 - 2013-10-10 16:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-01-28 18:24 - 2013-10-10 16:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2014-01-28 18:24 - 2013-10-10 14:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-01-28 18:24 - 2013-10-10 14:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-01-28 18:24 - 2013-10-10 11:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2014-01-28 18:24 - 2013-10-08 10:28 - 00523096 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2014-01-28 18:24 - 2013-10-08 06:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2014-01-28 18:24 - 2013-10-08 05:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-01-28 18:24 - 2013-10-08 05:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2014-01-28 18:24 - 2013-10-08 05:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2014-01-28 18:24 - 2013-10-08 05:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-01-28 18:24 - 2013-10-08 05:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.Http.dll
2014-01-28 18:24 - 2013-10-08 04:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-01-28 18:24 - 2013-10-08 04:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-01-28 18:24 - 2013-10-07 07:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-01-28 18:24 - 2013-10-07 02:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-01-28 18:24 - 2013-10-05 15:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2014-01-28 18:24 - 2013-10-05 14:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-01-28 18:24 - 2013-10-05 12:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-01-28 18:24 - 2013-10-05 11:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2014-01-28 18:24 - 2013-10-05 09:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-01-28 18:24 - 2013-10-05 09:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-01-28 18:24 - 2013-10-05 09:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-01-28 18:24 - 2013-10-05 08:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2014-01-28 18:24 - 2013-10-05 08:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\miutils.dll
2014-01-28 18:24 - 2013-10-05 08:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-01-28 18:24 - 2013-10-05 08:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-01-28 18:24 - 2013-10-05 08:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-01-28 18:24 - 2013-10-05 08:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\System32\pcsvDevice.dll
2014-01-28 18:24 - 2013-10-05 07:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2014-01-28 18:24 - 2013-10-05 07:39 - 06639616 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-01-28 18:24 - 2013-10-05 07:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-01-28 18:24 - 2013-10-05 07:32 - 05769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-28 18:24 - 2013-10-04 08:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\System32\AppReadiness.dll
2014-01-28 18:24 - 2013-09-17 09:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2014-01-28 18:24 - 2013-09-17 09:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-01-28 18:24 - 2013-09-17 06:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-01-28 18:24 - 2013-09-17 06:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-01-28 18:24 - 2013-09-17 04:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\System32\dafBth.dll
2014-01-28 18:24 - 2013-09-14 14:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2014-01-28 18:24 - 2013-09-14 14:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2014-01-28 18:24 - 2013-09-14 12:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-01-28 18:24 - 2013-09-14 12:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-01-28 18:24 - 2013-09-14 10:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2014-01-28 18:24 - 2013-09-14 09:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\System32\ipnathlp.dll
2014-01-28 18:24 - 2013-09-13 08:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\ftp.exe
2014-01-28 18:24 - 2013-09-13 07:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-01-28 18:24 - 2013-09-12 08:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2014-01-28 18:24 - 2013-09-12 08:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2014-01-28 18:24 - 2013-09-12 08:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\System32\WiFiDisplay.dll
2014-01-28 18:24 - 2013-09-12 08:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-01-28 18:24 - 2013-09-12 07:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2014-01-28 18:24 - 2013-09-12 07:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-01-28 18:24 - 2013-09-12 07:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\System32\dafWfdProvider.dll
2014-01-28 18:24 - 2013-09-12 07:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-01-28 18:24 - 2013-09-12 07:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2014-01-28 18:24 - 2013-09-12 07:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-01-28 18:24 - 2013-09-10 05:26 - 04599808 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-01-28 18:24 - 2013-09-10 04:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\System32\msched.dll
2014-01-28 18:24 - 2013-09-10 04:34 - 03934208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-01-28 18:23 - 2013-11-27 15:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2014-01-28 18:23 - 2013-11-27 11:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\WSCollect.exe
2014-01-28 18:23 - 2013-11-27 10:34 - 00138240 _____ () C:\Windows\System32\OEMLicense.dll
2014-01-28 18:23 - 2013-11-27 09:54 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-01-28 18:23 - 2013-11-27 08:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-28 18:23 - 2013-11-27 08:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2014-01-28 18:23 - 2013-11-27 08:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-28 18:23 - 2013-11-27 08:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-01-28 18:23 - 2013-11-27 08:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-28 18:23 - 2013-11-27 08:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2014-01-28 18:23 - 2013-11-26 09:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-01-28 18:23 - 2013-11-26 08:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-01-28 18:23 - 2013-11-26 08:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-28 18:23 - 2013-11-26 08:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-28 18:23 - 2013-11-26 08:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-01-28 18:23 - 2013-11-26 07:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-28 18:23 - 2013-11-26 07:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-28 18:23 - 2013-11-26 07:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-01-28 18:23 - 2013-11-26 06:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-01-28 18:23 - 2013-11-26 06:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-01-28 18:23 - 2013-11-26 06:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-28 18:23 - 2013-11-26 06:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-28 18:23 - 2013-11-26 06:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-28 18:23 - 2013-11-23 04:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-01-28 18:23 - 2013-11-23 04:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-28 18:23 - 2013-11-23 03:10 - 00568832 _____ (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
2014-01-28 18:23 - 2013-11-11 02:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2014-01-28 18:23 - 2013-11-09 11:55 - 00325464 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2014-01-28 18:23 - 2013-11-09 06:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\System32\WMPDMC.exe
2014-01-28 18:23 - 2013-11-09 05:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-01-28 18:23 - 2013-11-08 10:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\System32\dcomp.dll
2014-01-28 18:23 - 2013-11-08 04:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2014-01-28 18:23 - 2013-11-08 04:28 - 13177344 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2014-01-28 18:23 - 2013-11-08 04:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-01-28 18:23 - 2013-11-08 04:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-01-28 18:23 - 2013-11-08 04:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-01-28 18:23 - 2013-11-08 03:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2014-01-28 18:23 - 2013-11-08 03:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2014-01-28 18:23 - 2013-11-05 14:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2014-01-28 18:23 - 2013-11-04 17:13 - 01530200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-01-28 18:23 - 2013-11-04 17:13 - 00382808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-01-28 18:23 - 2013-11-04 13:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\System32\Display.dll
2014-01-28 18:23 - 2013-11-04 11:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2014-01-28 18:23 - 2013-11-04 10:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers.dll
2014-01-28 18:23 - 2013-11-04 02:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-01-28 18:23 - 2013-11-04 01:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-01-28 18:23 - 2013-11-01 11:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-01-28 18:23 - 2013-11-01 06:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\System32\wlidcli.dll
2014-01-28 18:23 - 2013-11-01 05:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-01-28 18:23 - 2013-10-31 00:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2014-01-28 18:23 - 2013-10-31 00:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-01-28 18:23 - 2013-10-31 00:33 - 01642016 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2014-01-28 18:23 - 2013-10-31 00:33 - 01506680 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2014-01-28 18:23 - 2013-10-31 00:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2014-01-28 18:23 - 2013-10-31 00:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2014-01-28 18:23 - 2013-10-26 01:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2014-01-28 18:23 - 2013-10-24 09:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\CredentialMigrationHandler.dll
2014-01-28 18:23 - 2013-10-24 09:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-01-28 18:23 - 2013-10-23 11:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2014-01-28 18:23 - 2013-10-23 08:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-01-28 18:23 - 2013-10-19 08:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-01-28 18:23 - 2013-10-19 07:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-28 18:23 - 2013-10-19 05:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-01-28 18:23 - 2013-10-17 11:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2014-01-28 18:23 - 2013-10-17 10:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-01-28 18:23 - 2013-10-15 08:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-01-28 18:23 - 2013-10-15 08:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-28 18:23 - 2013-10-13 02:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-01-28 18:23 - 2013-10-12 21:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-01-28 18:23 - 2013-10-12 21:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-01-28 18:23 - 2013-10-11 13:24 - 00909312 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2014-01-28 18:23 - 2013-10-11 13:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-01-28 18:23 - 2013-10-10 11:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\System32\AppxAllUserStore.dll
2014-01-28 18:23 - 2013-10-10 11:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-01-28 18:23 - 2013-10-10 11:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-01-28 18:23 - 2013-10-10 11:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-01-28 18:23 - 2013-10-10 10:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2014-01-28 18:23 - 2013-10-10 10:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-01-28 18:23 - 2013-10-05 12:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-28 18:23 - 2013-10-05 12:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-01-28 18:23 - 2013-10-05 08:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-28 18:23 - 2013-10-03 09:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Sensors.dll
2014-01-28 18:23 - 2013-10-03 09:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-01-28 18:23 - 2013-10-02 11:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2014-01-28 18:23 - 2013-10-02 09:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-01-28 18:23 - 2013-10-01 03:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2014-01-28 18:23 - 2013-10-01 03:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-01-28 18:23 - 2013-09-26 06:51 - 00669184 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveTelemetry.dll
2014-01-28 18:23 - 2013-09-26 06:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\MrmIndexer.dll
2014-01-28 18:23 - 2013-09-26 06:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-01-28 18:23 - 2013-09-25 10:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2014-01-28 18:23 - 2013-09-25 08:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-01-28 18:23 - 2013-09-24 05:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\SRH.dll
2014-01-28 18:23 - 2013-09-24 05:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-01-28 18:23 - 2013-09-24 05:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2014-01-28 18:23 - 2013-09-24 03:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-01-28 18:23 - 2013-09-21 12:10 - 00236376 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-01-28 18:23 - 2013-09-21 11:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-01-28 18:23 - 2013-09-21 11:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\System32\dwmapi.dll
2014-01-28 18:23 - 2013-09-21 11:18 - 01109936 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-01-28 18:23 - 2013-09-21 11:04 - 00419160 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2014-01-28 18:23 - 2013-09-21 10:51 - 01720552 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-01-28 18:23 - 2013-09-21 10:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-01-28 18:23 - 2013-09-21 09:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-01-28 18:23 - 2013-09-21 09:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-01-28 18:23 - 2013-09-21 07:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-01-28 18:23 - 2013-09-21 07:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-01-28 18:23 - 2013-09-21 07:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2014-01-28 18:23 - 2013-09-21 07:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2014-01-28 18:23 - 2013-09-21 07:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\BulkOperationHost.exe
2014-01-28 18:23 - 2013-09-21 07:05 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-01-28 18:23 - 2013-09-21 06:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2014-01-28 18:23 - 2013-09-21 06:27 - 00911872 _____ (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2014-01-28 18:23 - 2013-09-21 05:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-01-28 18:23 - 2013-09-21 05:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\System32\livessp.dll
2014-01-28 18:23 - 2013-09-21 05:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-01-28 18:23 - 2013-09-21 05:50 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-01-28 18:23 - 2013-09-21 05:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\dpapisrv.dll
2014-01-28 18:23 - 2013-09-21 05:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2014-01-28 18:23 - 2013-09-21 05:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2014-01-28 18:23 - 2013-09-21 05:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-01-28 18:23 - 2013-09-21 05:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2014-01-28 18:23 - 2013-09-21 05:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2014-01-28 18:23 - 2013-09-21 05:08 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2014-01-28 18:23 - 2013-09-21 05:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-01-28 18:23 - 2013-09-21 04:58 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-01-28 18:23 - 2013-09-21 04:49 - 04975104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-01-28 18:23 - 2013-09-21 04:48 - 07544320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Search.dll
2014-01-28 18:23 - 2013-09-21 04:45 - 01106432 _____ (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2014-01-28 18:23 - 2013-09-21 04:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2014-01-28 18:23 - 2013-09-21 04:42 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-01-28 18:23 - 2013-09-21 04:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-01-28 18:23 - 2013-09-19 05:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2014-01-28 18:23 - 2013-09-19 05:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\System32\wlidprov.dll
2014-01-28 18:23 - 2013-09-19 04:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-01-28 18:23 - 2013-09-19 04:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-01-28 18:23 - 2013-09-19 04:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\System32\dui70.dll
2014-01-28 18:23 - 2013-09-19 04:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-01-28 18:23 - 2013-09-19 04:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-01-28 18:23 - 2013-09-19 04:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-01-28 18:23 - 2013-09-19 03:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2014-01-28 18:23 - 2013-09-19 03:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-01-28 18:23 - 2013-09-19 03:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-01-28 18:23 - 2013-09-19 03:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2014-01-28 18:23 - 2013-09-17 09:18 - 00467800 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2014-01-28 18:23 - 2013-09-17 05:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\System32\wbiosrvc.dll
2014-01-28 18:23 - 2013-09-12 07:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2014-01-28 18:23 - 2013-09-07 11:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\TetheringMgr.dll
2014-01-28 18:23 - 2013-09-07 10:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveShell.dll
2014-01-28 18:23 - 2013-09-04 05:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\System32\tpmvsc.dll
2014-01-28 18:23 - 2013-08-31 14:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\System32\mftranscode.dll
2014-01-28 18:23 - 2013-08-31 12:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-01-28 18:22 - 2013-12-09 00:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2014-01-28 18:22 - 2013-11-09 06:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\MDMAgent.exe
2014-01-28 18:22 - 2013-11-09 06:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\mdmregistration.dll
2014-01-28 18:22 - 2013-11-09 05:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-01-28 18:22 - 2013-10-16 15:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-01-28 18:22 - 2013-10-16 13:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-28 18:22 - 2013-09-26 09:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\System32\recimg.exe
2014-01-28 18:22 - 2013-09-26 08:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-28 18:22 - 2013-09-26 07:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2014-01-28 18:22 - 2013-09-26 07:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-01-28 18:22 - 2013-09-25 07:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\BthRadioMedia.dll
2014-01-28 18:22 - 2013-09-25 05:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2014-01-28 18:22 - 2013-09-24 06:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2014-01-28 18:22 - 2013-09-24 05:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-01-28 18:22 - 2013-09-21 12:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-01-28 18:22 - 2013-09-21 12:10 - 00151384 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2014-01-28 18:22 - 2013-09-21 11:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2014-01-28 18:22 - 2013-09-21 10:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-01-28 18:22 - 2013-09-21 10:53 - 00233912 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2014-01-28 18:22 - 2013-09-21 09:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-01-28 18:22 - 2013-09-21 06:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-01-28 18:22 - 2013-09-21 06:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\System32\ReInfo.dll
2014-01-28 18:22 - 2013-09-21 05:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-28 18:22 - 2013-09-21 05:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2014-01-28 18:22 - 2013-09-21 05:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-01-28 18:22 - 2013-09-21 05:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2014-01-28 18:22 - 2013-09-21 04:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-01-28 18:22 - 2013-09-21 04:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-01-28 18:22 - 2013-09-21 04:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2014-01-28 18:22 - 2013-09-21 04:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\efswrt.dll
2014-01-28 18:22 - 2013-09-21 04:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\System32\printui.dll
2014-01-28 18:22 - 2013-09-19 07:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersRes.dll
2014-01-28 18:22 - 2013-09-19 06:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\pcaui.dll
2014-01-28 18:22 - 2013-09-19 06:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\WorkFolders.exe
2014-01-28 18:22 - 2013-09-19 06:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2014-01-28 18:22 - 2013-09-19 06:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2014-01-28 18:22 - 2013-09-19 05:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2014-01-28 18:22 - 2013-09-19 05:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-01-28 18:22 - 2013-09-19 04:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2014-01-28 18:22 - 2013-09-17 06:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-01-28 18:22 - 2013-09-17 05:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-01-28 18:22 - 2013-09-17 05:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2014-01-28 18:22 - 2013-09-17 04:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-01-28 18:22 - 2013-09-17 04:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\System32\msctfuimanager.dll
2014-01-28 18:22 - 2013-09-17 03:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-01-28 18:22 - 2013-09-14 14:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2014-01-28 18:22 - 2013-09-14 14:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\System32\PSHED.DLL
2014-01-28 18:22 - 2013-09-14 11:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2014-01-28 18:22 - 2013-09-13 09:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\SensorsClassExtension.dll
2014-01-28 18:22 - 2013-09-13 08:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Usb.dll
2014-01-28 18:22 - 2013-09-13 08:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2014-01-28 18:22 - 2013-09-13 07:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.HumanInterfaceDevice.dll
2014-01-28 18:22 - 2013-09-13 07:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-01-28 18:22 - 2013-09-12 12:33 - 06353952 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2014-01-28 18:22 - 2013-09-11 09:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-01-28 18:22 - 2013-09-11 09:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-01-28 18:22 - 2013-09-11 07:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2014-01-28 18:22 - 2013-09-11 07:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-01-28 18:22 - 2013-09-07 16:12 - 00458616 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2014-01-28 18:22 - 2013-09-07 16:12 - 00407016 _____ (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2014-01-28 18:22 - 2013-09-07 14:45 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-01-28 18:22 - 2013-09-07 14:45 - 00368736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-01-28 18:22 - 2013-09-07 12:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\fdprint.dll
2014-01-28 18:22 - 2013-09-07 12:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2014-01-28 18:22 - 2013-09-07 12:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2014-01-28 18:22 - 2013-09-07 11:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-01-28 18:22 - 2013-09-07 11:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\CryptoWinRT.dll
2014-01-28 18:22 - 2013-09-07 11:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Vpn.dll
2014-01-28 18:22 - 2013-09-07 11:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2014-01-28 18:22 - 2013-09-07 11:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2014-01-28 18:22 - 2013-09-07 10:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-01-28 18:22 - 2013-09-05 07:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2014-01-28 18:22 - 2013-09-05 06:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\Utilman.exe
2014-01-28 18:22 - 2013-09-05 05:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2014-01-28 18:22 - 2013-09-04 07:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersGPExt.dll
2014-01-28 18:22 - 2013-09-04 06:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\System32\vmrdvcore.dll
2014-01-28 18:22 - 2013-09-04 05:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\DscCoreConfProv.dll
2014-01-28 18:22 - 2013-09-04 04:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\DscCore.dll
2014-01-28 18:22 - 2013-09-04 04:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2014-01-28 18:22 - 2013-09-04 04:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-01-28 18:22 - 2013-08-31 12:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\riched20.dll
2014-01-28 18:22 - 2013-08-31 10:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-01-28 18:22 - 2013-08-31 10:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\System32\GeofenceMonitorService.dll
2014-01-28 18:22 - 2013-08-31 09:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-01-28 18:22 - 2013-08-30 07:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2014-01-28 18:22 - 2013-08-28 08:03 - 00249344 _____ (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2014-01-28 18:22 - 2013-08-28 07:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\System32\MDEServer.exe
2014-01-28 18:22 - 2013-08-28 07:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\msra.exe
2014-01-28 18:22 - 2013-08-28 07:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\rdsdwmdr.dll
2014-01-28 18:22 - 2013-08-28 07:04 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-01-28 18:22 - 2013-08-27 06:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2014-01-28 18:22 - 2013-08-27 05:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-01-28 13:04 - 2014-01-28 13:08 - 00000000 ____D () C:\Users\frank\AppData\Local\JDownloader v2.0
2014-01-28 07:43 - 2014-02-11 11:00 - 00000000 ____D () C:\Users\frank\Desktop\vitero Dateien
2014-01-28 07:02 - 2014-01-28 07:02 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Macromedia
2014-01-28 07:01 - 2014-01-28 18:12 - 00000000 ____D () C:\Windows\Minidump
2014-01-27 19:14 - 2014-01-27 19:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\NVIDIA
2014-01-27 19:13 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\.VirtualBox
2014-01-27 19:13 - 2014-02-09 19:00 - 00000000 ____D () C:\Users\frank\VirtualBox VMs
2014-01-27 19:13 - 2013-12-18 16:19 - 00252688 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2014-01-27 19:12 - 2014-01-27 19:12 - 00000000 ____D () C:\Program Files\Oracle
2014-01-27 19:12 - 2013-12-18 16:16 - 00126736 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2014-01-27 19:07 - 2014-01-27 19:09 - 106322704 _____ (Oracle Corporation) C:\Users\frank\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-27 18:39 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-27 18:38 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
2014-01-27 18:38 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-27 18:25 - 2014-01-27 18:25 - 03171840 _____ () C:\Users\frank\Downloads\UltraMon_3.2.2_de_x64.msi
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files\UltraMon
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\WPF Toolkit
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-27 18:24 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-01-27 18:24 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-27 18:24 - 2008-07-12 07:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-27 18:23 - 2014-01-27 18:23 - 00000000 ____D () C:\Program Files (x86)\yWorks
2014-01-27 18:22 - 2014-01-28 08:14 - 00000000 ____D () C:\xampp
2014-01-27 18:02 - 2014-01-30 06:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-27 17:39 - 2014-01-27 17:39 - 00000424 _____ () C:\Users\frank\Desktop\Arbeitsplatz.lnk
2014-01-27 17:32 - 2014-02-11 20:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-27 17:32 - 2014-01-27 17:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-27 17:32 - 2013-10-23 08:20 - 06669600 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 03489568 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 03426956 _____ () C:\Windows\System32\nvcoproc.bin
2014-01-27 17:32 - 2013-10-23 08:20 - 02559776 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 00922912 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2014-01-27 17:32 - 2013-10-23 08:20 - 00219424 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 00063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-27 17:31 - 2013-10-28 11:53 - 00061216 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2014-01-27 17:31 - 2013-10-28 11:53 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-01-27 17:16 - 2014-02-11 10:31 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vitero
2014-01-27 16:21 - 2014-01-27 16:21 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-27 16:06 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-01-27 16:05 - 2014-02-11 20:48 - 00000000 ____D () C:\Users\frank\AppData\Roaming\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\Program Files\Classic Shell
2014-01-27 15:09 - 2014-02-11 20:48 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 15:09 - 2014-02-11 20:20 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 15:09 - 2014-01-27 17:15 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-27 15:09 - 2014-01-27 17:15 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-27 15:09 - 2014-01-27 15:28 - 50053120 _____ () C:\Program Files (x86)\GUT730F.tmp
2014-01-27 15:09 - 2014-01-27 15:28 - 00000000 ____D () C:\Program Files (x86)\GUM730E.tmp
2014-01-27 15:08 - 2014-02-09 18:50 - 00000000 ____D () C:\Users\frank\AppData\Roaming\DAEMON Tools Lite
2014-01-27 15:08 - 2014-01-27 15:08 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-01-27 15:08 - 2014-01-27 15:08 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-01-27 15:06 - 2014-01-27 18:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-27 15:04 - 2014-01-27 18:00 - 00000000 ____D () C:\Install-Dateien
2014-01-27 14:59 - 2014-01-27 14:59 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Users\frank\AppData\Roaming\AVAST Software
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-27 14:47 - 2014-01-27 16:26 - 00000000 ____D () C:\Users\frank\AppData\Local\Google
2014-01-27 14:47 - 2014-01-27 16:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-27 14:47 - 2014-01-27 14:59 - 00409832 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 01032416 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00334648 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-01-27 14:47 - 2014-01-27 14:47 - 00205320 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00092544 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00084328 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 14:47 - 2014-01-27 14:47 - 00038984 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 14:46 - 2014-01-27 14:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-27 14:23 - 2014-02-11 19:05 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1301974214-127450241-1762815529-1001
2014-01-27 14:20 - 2014-02-11 20:38 - 01776918 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-01-27 14:18 - 2014-02-11 20:47 - 00000000 __RDO () C:\Users\frank\SkyDrive
2014-01-27 14:16 - 2014-01-27 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-27 14:15 - 2014-02-08 20:09 - 00000000 ____D () C:\Users\frank\AppData\Local\VirtualStore
2014-01-27 14:15 - 2014-02-06 08:14 - 00000000 ____D () C:\Users\frank\AppData\Local\Packages
2014-01-27 14:15 - 2014-01-30 10:15 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Adobe
2014-01-27 14:11 - 2014-02-08 20:58 - 00000000 ____D () C:\users\frank
2014-01-27 14:11 - 2014-01-27 14:11 - 00000020 ___SH () C:\Users\frank\ntuser.ini
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Vorlagen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Startmenü
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Netzwerkumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Lokale Einstellungen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Eigene Dateien
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Druckumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Musik
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Bilder
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Verlauf
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Anwendungsdaten
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Anwendungsdaten
2014-01-27 14:10 - 2013-08-22 05:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2014-01-27 14:09 - 2014-02-11 18:20 - 01125563 _____ () C:\Windows\WindowsUpdate.log
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Programme
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-01-27 14:07 - 2014-02-09 17:37 - 00000000 __SHD () C:\Recovery
2014-01-27 14:07 - 2014-01-27 14:07 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2014-02-11 21:50 - 2014-02-11 21:50 - 00000000 _____ () C:\Recovery.txt
2014-02-11 20:49 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 20:48 - 2014-01-27 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-11 20:48 - 2014-01-27 16:05 - 00000000 ____D () C:\Users\frank\AppData\Roaming\ClassicShell
2014-02-11 20:48 - 2014-01-27 15:09 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-11 20:47 - 2014-01-27 14:18 - 00000000 __RDO () C:\Users\frank\SkyDrive
2014-02-11 20:38 - 2014-02-11 20:38 - 02151424 _____ (Farbar) C:\Users\frank\Downloads\FRST64 (2).exe
2014-02-11 20:38 - 2014-01-27 14:20 - 01776918 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-11 20:38 - 2013-09-12 09:43 - 00764340 _____ () C:\Windows\System32\perfh007.dat
2014-02-11 20:38 - 2013-09-12 09:43 - 00159160 _____ () C:\Windows\System32\perfc007.dat
2014-02-11 20:37 - 2014-02-11 20:37 - 00001756 _____ () C:\Users\frank\Desktop\RKreport[0]_D_02112014_213727.txt
2014-02-11 20:37 - 2014-02-11 19:53 - 00000000 ____D () C:\Users\frank\Desktop\RK_Quarantine
2014-02-11 20:20 - 2014-01-27 15:09 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-11 20:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\sru
2014-02-11 19:56 - 2014-02-11 19:56 - 00001714 _____ () C:\Users\frank\Desktop\RKreport[0]_S_02112014_205631.txt
2014-02-11 19:54 - 2014-02-11 19:54 - 04408320 _____ () C:\Users\frank\Desktop\RogueKillerX64.exe
2014-02-11 19:51 - 2014-02-11 19:51 - 02467477 _____ () C:\Users\frank\Downloads\RogueKiller_8.8.5.zip
2014-02-11 19:05 - 2014-01-27 14:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1301974214-127450241-1762815529-1001
2014-02-11 18:55 - 2014-01-30 14:15 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-02-11 18:20 - 2014-01-27 14:09 - 01125563 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\frank\Downloads\ListDlls
2014-02-11 18:11 - 2014-02-11 18:11 - 00269722 _____ () C:\Users\frank\Downloads\ListDlls.zip
2014-02-11 18:10 - 2014-02-07 14:16 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-11 14:41 - 2014-01-30 08:04 - 00116736 ___SH () C:\Users\frank\Desktop\Thumbs.db
2014-02-11 14:40 - 2014-02-03 14:04 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F81F6709-A6D3-45E6-A9BC-D60ACD28289C}
2014-02-11 11:44 - 2014-02-11 11:44 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (3).php
2014-02-11 11:06 - 2014-02-11 11:06 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum (1).php
2014-02-11 11:04 - 2014-02-11 11:04 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum.php
2014-02-11 11:00 - 2014-01-28 07:43 - 00000000 ____D () C:\Users\frank\Desktop\vitero Dateien
2014-02-11 10:35 - 2014-02-11 10:35 - 00000462 _____ () C:\Windows\System32\.crusader
2014-02-11 10:32 - 2014-02-07 13:09 - 00000000 ____D () C:\Users\frank\Documents\SupervisionCam
2014-02-11 10:31 - 2014-01-27 17:16 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vitero
2014-02-11 10:30 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\System32\config\BBI
2014-02-11 07:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-02-10 19:00 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\COMODO
2014-02-10 15:42 - 2014-02-10 15:41 - 00000000 ____D () C:\Users\frank\Desktop\ProcessMonitor
2014-02-10 15:42 - 2014-02-10 15:41 - 00000000 ____D () C:\Users\frank\Desktop\ProcessExplorer
2014-02-10 15:42 - 2014-01-27 19:13 - 00000000 ____D () C:\Users\frank\.VirtualBox
2014-02-10 11:46 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Sicherheit
2014-02-09 20:52 - 2014-02-09 20:52 - 00080384 _____ () C:\Users\frank\Downloads\MBRCheck.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00007597 _____ () C:\Users\frank\AppData\Local\Resmon.ResmonCfg
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Windows\pss
2014-02-09 20:13 - 2014-02-08 21:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-09 19:00 - 2014-01-27 19:13 - 00000000 ____D () C:\Users\frank\VirtualBox VMs
2014-02-09 18:50 - 2014-01-27 15:08 - 00000000 ____D () C:\Users\frank\AppData\Roaming\DAEMON Tools Lite
2014-02-09 17:41 - 2014-02-08 20:59 - 00000000 ____D () C:\FRST
2014-02-09 17:37 - 2014-01-27 14:07 - 00000000 __SHD () C:\Recovery
2014-02-09 16:48 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Office
2014-02-09 15:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-02-09 09:05 - 2014-02-03 09:11 - 00074752 ___SH () C:\Users\frank\Downloads\Thumbs.db
2014-02-09 08:57 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iPod
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-09 08:44 - 2014-02-01 20:45 - 00002357 _____ () C:\Windows\setupact.log
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-09 08:35 - 2014-02-09 08:34 - 148896080 _____ (Apple Inc.) C:\Users\frank\Downloads\iTunes64Setup.exe
2014-02-09 08:33 - 2014-02-09 08:32 - 02751750 _____ () C:\Users\frank\Downloads\images.zip
2014-02-09 08:15 - 2013-08-22 14:44 - 00387472 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-09 08:13 - 2014-02-09 08:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-08 21:59 - 2014-02-08 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-08 21:50 - 2014-02-08 21:49 - 12589848 _____ (Malwarebytes Corp.) C:\Users\frank\Downloads\mbar-1.07.0.1009.exe
2014-02-08 21:17 - 2014-02-08 21:17 - 00710558 _____ () C:\Users\frank\Downloads\gmer.txt
2014-02-08 21:00 - 2014-02-08 21:00 - 00028263 _____ () C:\Users\frank\Downloads\Addition.txt
2014-02-08 21:00 - 2014-02-08 20:59 - 00120970 _____ () C:\Users\frank\Downloads\FRST.txt
2014-02-08 20:58 - 2014-02-08 20:58 - 00000542 _____ () C:\Users\frank\Downloads\defogger_disable.log
2014-02-08 20:58 - 2014-02-08 20:58 - 00000168 _____ () C:\Users\frank\defogger_reenable
2014-02-08 20:58 - 2014-01-27 14:11 - 00000000 ____D () C:\users\frank
2014-02-08 20:57 - 2014-02-08 20:57 - 02079744 _____ (Farbar) C:\Users\frank\Downloads\FRST64.exe
2014-02-08 20:57 - 2014-02-08 20:57 - 00050477 _____ () C:\Users\frank\Downloads\Defogger.exe
2014-02-08 20:53 - 2014-02-08 20:53 - 00009263 _____ () C:\Users\frank\Downloads\hijackthis.log
2014-02-08 20:52 - 2014-02-08 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\frank\Downloads\hijackthis.exe
2014-02-08 20:42 - 2014-02-08 20:42 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (2).php
2014-02-08 20:25 - 2014-02-08 20:25 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (1).php
2014-02-08 20:09 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Local\VirtualStore
2014-02-08 20:07 - 2014-02-08 20:07 - 00000650 _____ () C:\Users\Public\Desktop\Finale PrintMusic 2011.lnk
2014-02-08 20:07 - 2014-02-08 20:07 - 00000000 ____D () C:\Users\frank\Documents\Finale Files
2014-02-08 19:59 - 2014-02-08 19:59 - 12513728 _____ () C:\Users\frank\Downloads\Mein_Foto_Puzzle.exe
2014-02-08 19:59 - 2014-02-08 19:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 19:59 - 2014-02-08 19:47 - 146421352 _____ () C:\Users\frank\Downloads\UMBackup_FinalePmusic.rar
2014-02-08 19:58 - 2014-02-08 19:58 - 00710848 _____ ( ) C:\Users\frank\Downloads\COMPUTER_BILD-Download-Manager_fuer_Mein_Foto_Puzzle.exe
2014-02-08 19:52 - 2014-02-08 19:52 - 05987556 _____ ( ) C:\Users\frank\Downloads\sonnensystem.exe
2014-02-08 15:32 - 2014-02-07 16:26 - 00006884 _____ () C:\Windows\PFRO.log
2014-02-08 14:28 - 2014-02-08 14:27 - 27783201 _____ () C:\Users\frank\Downloads\Finale-NotePad-2008.rar
2014-02-08 14:11 - 2014-02-08 14:11 - 00065910 _____ () C:\Users\frank\Downloads\pong.zip
2014-02-07 18:39 - 2014-02-07 18:24 - 00000000 ____D () C:\Users\frank\AppData\Roaming\TeamViewer
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
2014-02-07 16:25 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-02-07 16:25 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\Dism
2014-02-07 14:19 - 2014-02-07 14:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-07 14:13 - 2014-02-07 14:13 - 00000000 ____D () C:\Users\frank\Pavark
2014-02-07 13:58 - 2014-02-07 13:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Sun
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-07 13:22 - 2014-01-29 15:17 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vlc
2014-02-07 13:09 - 2014-02-07 13:09 - 00000000 ____D () C:\Program Files (x86)\SupervisionCam
2014-02-07 13:08 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\WatchMyCam
2014-02-07 12:51 - 2014-02-07 12:39 - 00000000 ____D () C:\Program Files (x86)\go1984
2014-02-07 12:47 - 2014-02-07 12:47 - 00000000 ____D () C:\Users\frank\AppData\Roaming\CrazyPixels
2014-02-07 12:39 - 2014-02-07 12:39 - 00000000 ____D () C:\ProgramData\logiware gmbh
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Live! Cam
2014-02-07 12:33 - 2014-02-07 12:30 - 00000000 ____D () C:\Program Files (x86)\CamAlert
2014-02-07 12:28 - 2014-02-07 12:28 - 00003957 _____ () C:\Users\frank\Desktop\vlc - Verknüpfung.lnk
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Schule
2014-02-07 10:12 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Netzwerk
2014-02-07 10:12 - 2014-02-07 10:11 - 00000000 ____D () C:\Users\frank\Desktop\Programmierung
2014-02-07 08:07 - 2014-02-07 08:02 - 586924032 _____ () C:\Users\frank\Downloads\ubcd528.iso
2014-02-06 10:28 - 2014-02-06 10:28 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-06 08:14 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Packages
2014-02-06 08:12 - 2014-02-06 08:12 - 00000046 _____ () C:\Windows\wininit.ini
2014-02-06 07:35 - 2014-02-06 07:35 - 00000000 ____D () C:\Users\frank\AppData\Roaming\OpenOffice
2014-02-06 07:34 - 2014-02-06 07:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-06 07:32 - 2014-02-06 07:31 - 163606685 _____ () C:\Users\frank\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 14:38 - 2014-02-05 14:38 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr.php
2014-02-03 23:43 - 2014-02-10 15:40 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\frank\Downloads\procexp.exe
2014-02-03 10:14 - 2014-02-03 10:14 - 00064472 _____ () C:\Users\frank\Downloads\2014.01.27 ER Modell Fahrradhändler.graphml
2014-02-03 10:14 - 2014-02-03 10:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\yWorks
2014-02-02 20:53 - 2014-02-02 20:53 - 00116138 _____ () C:\Users\frank\Downloads\tabellen.zip
2014-02-02 16:38 - 2014-02-02 16:38 - 32093427 _____ ( ) C:\Users\frank\Downloads\Childsplay-1.5_www_freispiel_de.exe
2014-02-02 16:37 - 2014-02-02 16:36 - 01446932 _____ () C:\Users\frank\Downloads\bubble97.zip
2014-02-02 16:35 - 2014-02-02 16:35 - 00000000 ____D () C:\Users\frank\AppData\Local\DownloadGuide
2014-02-02 15:32 - 2014-01-30 09:16 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-01 20:45 - 2014-02-01 20:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-01 20:41 - 2014-02-01 20:41 - 00000000 ____D () C:\Users\frank\Downloads\Schandmaul-Unendlich-2CD-2014_
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-01 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-02-01 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\MUI
2014-02-01 19:45 - 2014-02-01 19:42 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Notepad++
2014-02-01 19:45 - 2014-02-01 19:42 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 19:42 - 2014-02-01 19:41 - 07598942 _____ () C:\Users\frank\Downloads\npp.6.5.3.Installer.exe
2014-02-01 18:27 - 2014-02-01 18:27 - 26351664 _____ (Salfeld Computer GmbH ) C:\Users\frank\Downloads\nw_28334_kisiexe.exe
2014-01-31 20:05 - 2014-01-31 10:16 - 00000000 ___SD () C:\Users\frank\Documents\Meine Websites
2014-01-31 11:41 - 2014-01-31 11:41 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-01-31 11:41 - 2014-01-31 11:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-01-31 10:06 - 2014-01-31 08:34 - 281129273 _____ () C:\Users\frank\Downloads\Fishdom.exe
2014-01-31 09:09 - 2014-01-30 10:16 - 00000188 _____ () C:\Users\frank\.packettracer
2014-01-31 07:53 - 2013-08-22 20:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\winrm
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\WCN
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\slmgr
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\Printing_Admin_Scripts
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ___SD () C:\Windows\System32\dsc
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\SystemResetPlatform
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\migwiz
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\Com
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\IME
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\Sysprep
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\oobe
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\servicing
2014-01-31 07:51 - 2014-01-31 07:51 - 00000000 ____D () C:\Users\frank\AppData\Local\Apps\2.0
2014-01-30 20:47 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 20:47 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\NDF
2014-01-30 17:08 - 2014-01-30 17:08 - 00895466 _____ () C:\Windows\Die Planeten Uninstaller.exe
2014-01-30 17:08 - 2014-01-30 17:08 - 00000000 ____D () C:\Program Files (x86)\Die Planeten
2014-01-30 14:42 - 2014-01-30 14:42 - 93084883 _____ () C:\Users\frank\Downloads\netnet_pwfisi2014.rar
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Users\frank\AppData\Local\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\first_launch
2014-01-30 14:15 - 2014-01-30 14:15 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-01-30 14:05 - 2014-01-30 14:05 - 00003138 _____ () C:\Windows\System32\Tasks\{33B9F1BB-4ED2-4D27-998A-D02280BE0F11}
2014-01-30 13:56 - 2014-01-30 13:53 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-30 13:53 - 2014-01-30 13:52 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-01-30 13:52 - 2014-01-30 13:52 - 02365840 _____ () C:\Users\frank\Downloads\SecurityTaskManager_Setup.exe
2014-01-30 10:20 - 2014-01-30 10:16 - 00000000 ____D () C:\Users\frank\Cisco Packet Tracer 6.0.1
2014-01-30 10:15 - 2014-01-30 09:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Adobe
2014-01-30 10:15 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Adobe
2014-01-30 09:40 - 2014-01-30 09:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Dream Aquarium
2014-01-30 09:16 - 2014-01-30 09:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-30 08:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-01-30 08:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\en-GB
2014-01-30 06:51 - 2014-01-30 06:51 - 00073584 _____ () C:\Users\frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 06:50 - 2014-01-30 06:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-30 06:50 - 2014-01-30 06:48 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-01-30 06:48 - 2014-01-30 06:48 - 25755856 _____ (Microsoft Corporation) C:\Users\frank\Downloads\wordview_de-de.exe
2014-01-30 06:45 - 2014-01-27 18:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-29 18:40 - 2014-01-29 18:22 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-29 18:22 - 2014-01-29 18:22 - 2321575125 _____ () C:\Windows\MEMORY.DMP
2014-01-29 15:16 - 2014-01-29 15:16 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-29 12:34 - 2014-01-29 12:34 - 00276276 _____ () C:\Users\frank\Documents\version1.pcapng
2014-01-29 12:25 - 2014-01-29 12:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Wireshark
2014-01-29 12:24 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-01-29 12:24 - 2014-01-29 12:23 - 00000000 ____D () C:\Program Files\Wireshark
2014-01-29 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-29 12:23 - 2014-01-29 12:22 - 27976248 _____ (Wireshark development team) C:\Users\frank\Downloads\Wireshark-win64-1.10.4.exe
2014-01-29 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Registration
2014-01-29 10:41 - 2014-01-29 10:41 - 00000000 ____D () C:\Users\frank\AppData\Roaming\WinRAR
2014-01-29 10:24 - 2014-01-29 10:24 - 00000036 _____ () C:\Users\frank\AppData\Local\housecall.guid.cache
2014-01-29 09:54 - 2014-01-29 09:54 - 12734464 _____ () C:\Users\frank\Downloads\zwischenzeit_divx240.avi
2014-01-28 20:39 - 2014-01-28 20:39 - 24859352 _____ (Microsoft Corporation) C:\Users\frank\Downloads\Windows-KB890830-x64-V5.8.exe
2014-01-28 20:37 - 2014-01-28 20:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\QuickScan
2014-01-28 18:12 - 2014-01-28 07:01 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 18:12 - 2013-09-12 10:47 - 00000000 ____D () C:\Windows\Panther
2014-01-28 13:08 - 2014-01-28 13:04 - 00000000 ____D () C:\Users\frank\AppData\Local\JDownloader v2.0
2014-01-28 08:54 - 2014-01-30 14:43 - 00000000 ____D () C:\Users\frank\Downloads\netnet
2014-01-28 08:14 - 2014-01-27 18:22 - 00000000 ____D () C:\xampp
2014-01-28 07:02 - 2014-01-28 07:02 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Macromedia
2014-01-27 19:14 - 2014-01-27 19:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\NVIDIA
2014-01-27 19:12 - 2014-01-27 19:12 - 00000000 ____D () C:\Program Files\Oracle
2014-01-27 19:09 - 2014-01-27 19:07 - 106322704 _____ (Oracle Corporation) C:\Users\frank\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-27 18:39 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-27 18:39 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
2014-01-27 18:38 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-27 18:25 - 2014-01-27 18:25 - 03171840 _____ () C:\Users\frank\Downloads\UltraMon_3.2.2_de_x64.msi
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files\UltraMon
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\WPF Toolkit
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-27 18:25 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-01-27 18:25 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-27 18:23 - 2014-01-27 18:23 - 00000000 ____D () C:\Program Files (x86)\yWorks
2014-01-27 18:23 - 2014-01-27 15:06 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-27 18:00 - 2014-01-27 15:04 - 00000000 ____D () C:\Install-Dateien
2014-01-27 17:39 - 2014-01-27 17:39 - 00000424 _____ () C:\Users\frank\Desktop\Arbeitsplatz.lnk
2014-01-27 17:32 - 2014-01-27 17:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-27 17:15 - 2014-01-27 15:09 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-27 17:15 - 2014-01-27 15:09 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-27 16:26 - 2014-01-27 14:47 - 00000000 ____D () C:\Users\frank\AppData\Local\Google
2014-01-27 16:21 - 2014-01-27 16:21 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-27 16:15 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\Program Files\Classic Shell
2014-01-27 15:28 - 2014-01-27 15:09 - 50053120 _____ () C:\Program Files (x86)\GUT730F.tmp
2014-01-27 15:28 - 2014-01-27 15:09 - 00000000 ____D () C:\Program Files (x86)\GUM730E.tmp
2014-01-27 15:08 - 2014-01-27 15:08 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-01-27 15:08 - 2014-01-27 15:08 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-01-27 15:06 - 2013-08-22 15:36 - 00262144 _____ () C:\Windows\System32\config\BCD-Template
2014-01-27 14:59 - 2014-01-27 14:59 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Users\frank\AppData\Roaming\AVAST Software
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-27 14:59 - 2014-01-27 14:47 - 00409832 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 01032416 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00334648 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-01-27 14:47 - 2014-01-27 14:47 - 00205320 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00092544 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00084328 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 14:47 - 2014-01-27 14:47 - 00038984 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 14:46 - 2014-01-27 14:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-27 14:16 - 2014-01-27 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-27 14:11 - 2014-01-27 14:11 - 00000020 ___SH () C:\Users\frank\ntuser.ini
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Vorlagen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Startmenü
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Netzwerkumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Lokale Einstellungen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Eigene Dateien
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Druckumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Musik
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Bilder
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Verlauf
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Anwendungsdaten
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Programme
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-01-27 14:08 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-01-27 14:08 - 2013-08-22 13:36 - 00000000 __RHD () C:\users\Default
2014-01-27 14:07 - 2014-01-27 14:07 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-27 14:07 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\Recovery
2014-01-19 07:38 - 2014-02-07 07:55 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\frank\AppData\Local\Temp\CheckLang.dll
C:\Users\frank\AppData\Local\Temp\CtRunApp.dll
C:\Users\frank\AppData\Local\Temp\HitmanPro.exe
C:\Users\frank\AppData\Local\Temp\MAZDKJFL.exe
C:\Users\frank\AppData\Local\Temp\ntdll_dump.dll
C:\Users\frank\AppData\Local\Temp\proxy_vole4655281476205128139.dll
C:\Users\frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\frank\AppData\Local\Temp\ZLFG.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-02-01 19:46:03
Restore point made on: 2014-02-06 07:33:05
Restore point made on: 2014-02-07 13:58:24
Restore point made on: 2014-02-09 08:41:02

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 16340.29 MB
Available physical RAM: 15001.05 MB
Total Pagefile: 16340.29 MB
Available Pagefile: 15032.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:983.59 GB) (Free:893.05 GB) NTFS
Drive d: (Schule) (Fixed) (Total:488.28 GB) (Free:465.49 GB) NTFS
Drive e: (Privat) (Fixed) (Total:390.62 GB) (Free:295.58 GB) NTFS
Drive f: () (Removable) (Total:7.27 GB) (Free:7.16 GB) NTFS
Drive h: (DVD_ROM) (CDROM) (Total:4.28 GB) (Free:0 GB) UDF
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 1ED72A27)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: B045E18E)
Partition 1: (Active) - (Size=7 GB) - (Type=07 NTFS)


LastRegBack: 2014-02-09 08:38

==================== End Of Log ============================
--- --- ---

--- --- ---


Ich hoffe ich habe dich noch nicht zu sehr in Verzweiflung gebracht;)
mfg
Frank

Larusso 12.02.2014 09:29
Hallo

ich brauche die search.txt wie oben beschrieben aber im recovery modus :)

justblack 12.02.2014 09:50
das ist die aus dem recovery mode;)

Larusso 12.02.2014 10:31
Ja aber du hast auf scan gedrückt und nicht search :)

justblack 12.02.2014 13:19
ok ok, hast ja gewonnen^^
hier nun der richtige Log:
Code:
Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by SYSTEM at 2014-02-12 13:13:15
Running from F:\
Boot Mode: Recovery

================== Search: "csrss.exe;rpcss.dll" ===================

C:\Windows\WinSxS\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.3.9600.16384_none_49a243e2b80cb4c0\csrss.exe
[2013-08-22 13:25] - [2013-08-22 13:25] - 0017120 ____A (Microsoft Corporation) B2D3F07F5E8A13AF988A8B3C0A800880

C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll
[2013-08-22 09:50] - [2013-08-22 09:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

C:\Windows\System32\csrss.exe
[2013-08-22 13:25] - [2013-08-22 13:25] - 0017120 ____A (Microsoft Corporation) B2D3F07F5E8A13AF988A8B3C0A800880

C:\Windows\System32\rpcss.dll
[2013-08-22 09:50] - [2013-08-22 09:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

X:\Windows\WinSxS\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.3.9600.16384_none_49a243e2b80cb4c0\csrss.exe
[2013-08-22 13:25] - [2013-08-22 13:25] - 0017120 ____A (Microsoft Corporation) B2D3F07F5E8A13AF988A8B3C0A800880

X:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll
[2013-08-22 13:45] - [2013-08-22 13:45] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

X:\Windows\System32\csrss.exe
[2013-08-22 13:25] - [2013-08-22 13:25] - 0017120 ____A (Microsoft Corporation) B2D3F07F5E8A13AF988A8B3C0A800880

X:\Windows\System32\rpcss.dll
[2013-08-22 13:45] - [2013-08-22 13:45] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

====== End Of Search ======

Larusso 12.02.2014 14:10
Hy. Jetzt hat mich ein Mitleser mal auf ne abgespacte sache gebracht.

Ist das ein Desktop PC oder Laptop.

du sagtest, die Musik lief während der rechner neh startete. Kannst mir das mal genauer erklären

justblack 12.02.2014 14:24
jetzt verwirrst du mich^^
das ist ein desktop pc......
die musik ist mal laut und mal leise....verschiedene sender von rusisch bis englisch etc.
wird mal laut und mal leise.
selbst beim rechner neustart läuft sie weiter. allerdings ist zu bedenken das windows 8 ja eh immer ne Zeit braucht um runter zu fahren...

Larusso 12.02.2014 15:52
Also sobald du auf Herunterfahren klickst, und der Rechner sich abschalter, ist sense ?

Haben die Lautsprecher ein externes Stromkabel oder werden die vom PC mit Strom versorgt ?

justblack 12.02.2014 15:58
nein, da läuft sie weiter.
Die werden extern von Strom versorgt.
Auf die Idee bin ich auch schon gekommen und habe mal den rechner von den boxen abgeklemmt. da war dann sofort schluss mit der Musik.
Sie läuft also nur wenn die Boxen am Rechner dran sind

Larusso 12.02.2014 16:01
Naja, hat dein Bildschrim interne Boxen wo normaler Sound auch abgespielt werden kann ?
Wenn aus den (nennen wir sie ) internen nichts kommt, dann bin ich mir sicher, dass der Übeltäter nicht am Rechner sitzt.

Welche Boxen hast du da ? Ich kenn mich damit bisschen aus ;)

justblack 12.02.2014 16:08
die Monitore haben selbst keine boxen...
das ist ein multimedia speaker system von der firma g
modell G-490

Larusso 12.02.2014 16:17
Wenn keine Boxen angeschlossen sind, dann kann auch kein Sound kommen. Irgendwie logisch oder ? :zunge: :D

Ist das so ein 5.1 Multimedia System ? Hast du da noch andere Geräte angeschlossen, wie Radio, DVD Player, Fernseher ?

Könntest du testweise mal Kopfhörer anstatt den Boxen nehmen und mir sagen, ob da auch was kommt

justblack 12.02.2014 17:10
nun hast du mich falsch verstanden^^
die boxen(5.1) sind an der bassbox mit dem pc verbunden durch ein klinkenstecker.
unabhängig von den boxen die über chinch angeschlossen sind.
das mit den Kopfhörern teste ich auf jedenfall mal und geb dir bescheid
andere Geräte sind dort nicht angeschlossen.

Larusso 12.02.2014 20:07
Antwort gelesen und warte auf Feedback :D

justblack 13.02.2014 13:57
Hallo Daniel,
so endlich ein Feedback^^
Gestern lief die Musik auch als der Rechner aus war. Beim angeschlossenen Headset war nix zu hören. Ich hatte dann auch noch kurzfristig mein Iphone an die Lautsprecher angeschlossen und auch keine Musik.
Ich gehe mal davon aus das das wirklich an den Lautsprechern liegt. werde Heute Abend einfach mal andere anschließen und dann noch ein mal kurz berichten;)

Larusso 13.02.2014 15:43
Okay, einer meiner schrägsten Fälle seit rund 6 Jahren :D

liegt sda zufällig ein TV Kabel oder Antennenkabel ganz nah an den Boxenkabeln ?

justblack 13.02.2014 16:43
Naja leicht ist ja auch keine Herausforderung^^
Nein es liegt gar nix in der nähe.nur der Rechner allein

Larusso 13.02.2014 19:44
Dann kann ich mir aus rein technischer Sicht, den Ton nicht erklären.
Ich bezweilfe, dass da ein Bluetooth Radio Empfänger funktionsfähig eingebaut ist.
( zB ein Iphone hat so einen Chip verbaut, wird aber nicht verwendet vom System ).

Ich würde da mal in einem HiFi Forum nachfragen. Gibt da ein paar Freaks die dir eventuell bei der Lokalisierung helfen können


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:15 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29