Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8: Nach DNS BLOCK (Maleware?) nur noch eingeschränkt Internet möglich (https://www.trojaner-board.de/173644-windows-8-dns-block-maleware-nur-noch-eingeschraenkt-internet-moeglich.html)

AngelNights 01.12.2015 22:50
Windows 8: Nach DNS BLOCK (Maleware?) nur noch eingeschränkt Internet möglich
 
Hallöchen,

Ich benötige leider eure Hilfe.
Ich scheine mir einen Virus oder Maleware unter meinem Windows 8 Betriebssystem eingefangen zu haben.
Jedenfalls hat von Windows 8 der Defender heute angeschlagen und Maleware gemeldet. Konkret ging es dabei wohl um "DNS Block". Kann leider nicht genau sagen, wo ich es mir heute einfangen habe...und ob noch mehr dabei war.

Ich habe es dann in der Systemsteuerung deinstalliert, sowie alle anderen Programme (DNS Block, SpeedMon) die ich nicht kenne und nicht bewusst installiert habe (nur die heute installiert wurden).

Problem:
Seit dem Programm habe ich über Firefox keinen Internetzugang mehr, auch wenn ich Programme starte, die Zugriff auf das Internet haben wollen/müssen, sind diese nicht möglich. Über den Internet Explorer geht es seltsamerweise aber!
Malewarebytes startet ebenfalls mit einer Fehlermeldung nicht mehr.

Malewarebytes, Emsisoft Emergency Kit, Eset und ADW Cleaner habe ich bereits drüberlaufen lassen und alles entfernen lassen, was sie gefunden hatten. Nun findet keins der Programme noch etwas. Aber die Probleme bestehen leider immer noch.

Mein zweites Betriebssystem (w7) ist derzeit noch nicht betroffen. So dass ich von hieraus z.b. Eset, Malewarebytes starten lassen konnte.

Windows 8: Laufwerk C
Windows 7: Laufwerk F


ADW Cleaner hat nichts gefunden.

Hier meine Logfiles:
FRST

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
durchgeführt von Cindy (Administrator) auf BLACKHAWK (01-12-2015 13:28:30)
Gestartet von C:\Users\Cindy\Desktop\Sicherheit
Geladene Profile: Cindy (Verfügbare Profile: Cindy)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
(Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Emsisoft Ltd) C:\EEK\bin\a2emergencykit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2010-04-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\...\MountPoints2: {7b704c3d-2650-11e5-bf1e-1c6f65ac0a50} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\...\MountPoints2: {c11208b8-3800-11e2-be65-806e6f6e6963} - "D:\Run.exe"
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 06  Keine Datei
Winsock: Catalog5 07  Keine Datei
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E62E1234-B99F-4FAB-A372-219771470ABA}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll => Keine Datei
BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll => Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\apj325c5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-12-01] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-01] ()
FF Plugin HKU\S-1-5-21-1062219747-2790550789-386354793-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cindy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-09] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\apj325c5.default\searchplugins\google-images.xml [2015-03-03]
FF SearchPlugin: C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\apj325c5.default\searchplugins\google-maps.xml [2015-03-03]
FF SearchPlugin: C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\apj325c5.default\searchplugins\youtube.xml [2015-11-29]
FF Extension: Avira Browser Safety - C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\apj325c5.default\Extensions\abs@avira.com [2015-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi => nicht gefunden

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [igkejcihojcegdmifcnlkhmnelneogef] - C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\extension.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1226488 2015-05-11] (GfK)
R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [18016 2014-07-10] (Olof Lagerkvist)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [X]
S2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [X]
S2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [20536 2014-06-03] (Olof Lagerkvist)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-07-08] (Emsisoft GmbH)
R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [42560 2014-07-10] (Olof Lagerkvist)
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2012-06-02] (Realtek Semiconductor Corporation                          )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
S1 A2DDA; \??\F:\EEK\bin\a2ddax64.sys [X]
S3 cleanhlp; \??\F:\EEK\bin\cleanhlp64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 13:11 - 2015-07-22 19:54 - 02248704 _____ C:\Users\Cindy\Desktop\AdwCleaner_4.208.exe
2015-12-01 13:05 - 2015-12-01 13:05 - 00003128 _____ C:\WINDOWS\System32\Tasks\{9FC7978D-D067-433A-A607-4B7992D37B78}
2015-12-01 12:59 - 2015-12-01 13:00 - 19646888 _____ (Microsoft Corporation) C:\Users\Cindy\Desktop\MediaCreationToolx64.exe
2015-12-01 12:59 - 2015-12-01 12:59 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-01 12:55 - 2015-12-01 13:06 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\SpeedMon
2015-12-01 12:54 - 2015-12-01 12:54 - 00000728 __RSH C:\ProgramData\ntuser.pol
2015-12-01 12:52 - 2015-12-01 12:52 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\dlg
2015-12-01 11:43 - 2015-12-01 11:43 - 00281784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-01 11:31 - 2015-12-01 11:31 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-12-01 11:31 - 2015-12-01 11:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-01 11:14 - 2015-09-02 14:49 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-12-01 11:14 - 2015-09-02 14:49 - 01850880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-12-01 11:14 - 2015-09-02 14:38 - 01744384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-12-01 11:14 - 2015-09-02 14:38 - 01422336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-12-01 11:14 - 2015-07-03 14:33 - 01303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-12-01 11:14 - 2015-07-03 14:23 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-12-01 11:14 - 2015-03-04 07:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-12-01 11:14 - 2015-03-04 07:39 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-12-01 11:14 - 2015-03-04 07:39 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2015-12-01 11:14 - 2015-03-04 05:53 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-12-01 11:14 - 2015-03-04 05:52 - 00676864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2015-12-01 11:13 - 2015-03-27 09:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2015-12-01 10:52 - 2015-03-12 06:31 - 01688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-12-01 10:51 - 2015-10-24 06:28 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-01 10:51 - 2015-10-24 06:24 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-01 10:51 - 2015-10-22 20:01 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-01 10:51 - 2015-10-22 20:01 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-01 10:51 - 2015-10-22 20:01 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-01 10:51 - 2015-10-22 20:01 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-01 10:51 - 2015-10-22 20:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-01 10:51 - 2015-10-22 20:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-01 10:51 - 2015-10-22 14:43 - 00478280 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-01 10:51 - 2015-10-22 14:42 - 00478280 _____ C:\WINDOWS\system32\locale.nls
2015-12-01 10:51 - 2015-09-18 16:09 - 00032432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-12-01 10:51 - 2015-09-18 14:30 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-12-01 10:51 - 2015-09-18 14:30 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-01 10:51 - 2015-09-18 14:30 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-12-01 10:51 - 2015-09-18 14:30 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-12-01 10:51 - 2015-09-18 14:30 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-01 10:51 - 2015-09-18 14:10 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-12-01 10:51 - 2015-05-22 21:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-12-01 10:51 - 2015-03-14 09:07 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-01 10:51 - 2015-03-14 07:33 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-01 10:50 - 2015-09-12 14:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-12-01 10:50 - 2015-09-12 14:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2015-12-01 10:50 - 2015-09-12 14:29 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2015-12-01 10:50 - 2015-09-12 14:29 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2015-12-01 10:50 - 2015-09-12 14:29 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2015-12-01 10:50 - 2015-03-12 06:31 - 02048000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-12-01 10:50 - 2015-03-12 06:31 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2015-12-01 10:50 - 2015-03-12 04:52 - 01933312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-12-01 10:50 - 2014-11-26 07:43 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-12-01 10:50 - 2014-11-26 05:50 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-12-01 10:50 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2015-12-01 10:50 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2015-12-01 10:50 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-01 10:50 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-01 10:50 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2015-12-01 10:50 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2015-12-01 10:50 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-12-01 10:50 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-12-01 10:50 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-12-01 10:50 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2015-12-01 10:50 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2015-12-01 10:50 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2015-12-01 10:50 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2015-12-01 10:50 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2015-12-01 10:50 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2015-12-01 10:50 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2015-12-01 10:50 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2015-12-01 10:49 - 2015-08-10 15:34 - 05331968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-12-01 10:49 - 2015-08-10 15:34 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-12-01 10:49 - 2015-08-10 15:34 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-01 10:49 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-01 10:49 - 2015-04-06 06:36 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-12-01 10:49 - 2015-04-06 05:08 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-12-01 10:49 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-12-01 10:49 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-12-01 10:49 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-12-01 10:49 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-12-01 10:05 - 2015-12-01 10:05 - 00000000 ___HD C:\$Windows.~WS
2015-12-01 10:05 - 2015-12-01 10:05 - 00000000 ___HD C:\$Windows.~GWX
2015-12-01 09:31 - 2015-12-01 09:31 - 00000000 ____D C:\Users\Cindy\AppData\Local\ElevatedDiagnostics
2015-12-01 09:29 - 2015-12-01 10:04 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-30 18:12 - 2015-11-30 18:12 - 00000000 __SHD C:\found.001
2015-11-30 15:57 - 2015-11-30 15:57 - 07635472 _____ (Microsoft Corporation) C:\Users\Cindy\Desktop\GetWindows10-pse_ggl.exe
2015-11-29 19:22 - 2015-11-29 19:22 - 00000000 __SHD C:\found.000
2015-11-29 15:21 - 2015-10-01 14:10 - 00869568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-11-29 15:21 - 2015-10-01 14:09 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-11-29 15:15 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-29 15:15 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-29 15:13 - 2015-07-01 14:00 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-11-29 15:13 - 2015-07-01 13:58 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-11-29 15:13 - 2015-07-01 12:42 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-11-29 15:13 - 2015-07-01 12:41 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-11-29 15:13 - 2015-06-27 14:46 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-11-29 15:13 - 2015-06-27 14:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-11-29 15:12 - 2015-10-17 14:28 - 04063744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-29 15:12 - 2015-08-05 14:52 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-11-29 15:12 - 2015-08-01 17:21 - 00073352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-11-29 15:12 - 2015-08-01 16:22 - 00063992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-11-29 15:12 - 2015-08-01 14:56 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2015-11-29 15:12 - 2015-08-01 14:56 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-11-29 15:12 - 2015-08-01 14:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2015-11-29 15:12 - 2015-07-30 14:11 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-29 15:12 - 2015-07-30 14:10 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-29 15:12 - 2015-07-06 17:16 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-11-29 15:12 - 2015-07-06 15:32 - 00281944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-11-29 15:12 - 2015-06-17 15:13 - 01150264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-11-29 15:12 - 2015-06-17 14:44 - 01567560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-11-29 15:03 - 2015-06-15 16:22 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-11-29 15:03 - 2015-06-15 16:22 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-11-29 15:03 - 2015-06-15 16:21 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-11-29 15:03 - 2015-06-15 16:20 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-11-29 15:03 - 2015-06-09 14:57 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-11-29 15:03 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-11-29 15:03 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-11-29 15:01 - 2015-10-27 15:46 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-29 15:01 - 2015-10-27 15:46 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-29 15:01 - 2015-10-27 15:46 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-29 15:01 - 2015-10-27 14:55 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-29 15:01 - 2015-10-27 14:54 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-29 15:01 - 2015-10-27 14:54 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-29 15:01 - 2015-10-11 07:45 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-29 15:01 - 2015-10-11 07:45 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-29 15:01 - 2015-09-23 14:10 - 00377552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-29 15:01 - 2015-09-23 14:10 - 00332576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-29 15:01 - 2015-09-02 14:48 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-29 15:01 - 2015-09-02 14:38 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-29 15:01 - 2015-08-28 22:59 - 00304128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-29 15:01 - 2015-08-27 19:41 - 00366592 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-29 15:01 - 2014-12-18 09:51 - 00096576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-29 15:01 - 2014-12-18 07:52 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-29 15:01 - 2014-12-18 07:20 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-29 15:00 - 2015-10-28 17:46 - 06970704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-29 15:00 - 2015-10-28 15:59 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-29 15:00 - 2015-10-28 15:59 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-29 15:00 - 2015-10-28 15:37 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-29 15:00 - 2015-10-02 00:55 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-11-29 15:00 - 2015-10-02 00:55 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-11-29 15:00 - 2015-09-29 03:02 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-11-29 15:00 - 2015-09-29 03:02 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-11-29 15:00 - 2015-09-23 14:10 - 00570256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-29 15:00 - 2015-09-22 18:53 - 01405408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-29 15:00 - 2015-09-22 18:53 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-29 15:00 - 2015-09-12 14:09 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-29 15:00 - 2015-07-29 15:45 - 01412608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-11-29 15:00 - 2015-07-29 14:52 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-11-29 15:00 - 2015-07-29 14:52 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-11-29 15:00 - 2015-07-15 17:09 - 00095064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-11-29 15:00 - 2015-07-15 17:06 - 01824296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-11-29 15:00 - 2015-07-15 14:49 - 01410000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-11-29 15:00 - 2015-07-15 14:29 - 01333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-11-29 15:00 - 2015-06-27 14:55 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-11-29 15:00 - 2015-06-27 14:46 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-11-29 15:00 - 2015-06-25 19:29 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-29 15:00 - 2015-06-25 19:27 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-11-29 15:00 - 2015-01-07 05:25 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-29 14:59 - 2015-10-20 14:53 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-29 14:59 - 2015-10-13 14:16 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-29 14:59 - 2015-10-13 14:16 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-29 14:58 - 2015-10-20 16:00 - 14292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-29 14:58 - 2015-10-20 16:00 - 13775360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-29 14:58 - 2015-10-20 16:00 - 02056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-29 14:58 - 2015-10-20 14:53 - 15416320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-29 14:58 - 2015-10-20 14:53 - 03960832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-29 14:58 - 2015-10-20 14:53 - 02657280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-29 14:57 - 2015-10-20 16:01 - 01763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-29 14:57 - 2015-10-20 16:01 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 02866176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-11-29 14:57 - 2015-10-20 16:00 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-11-29 14:57 - 2015-10-20 14:54 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-29 14:57 - 2015-10-20 14:54 - 01409024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-29 14:57 - 2015-10-20 14:54 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-29 14:57 - 2015-10-20 14:53 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-29 14:57 - 2015-10-20 14:53 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-29 14:57 - 2015-10-20 14:53 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-29 14:57 - 2015-09-18 14:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-11-29 14:57 - 2015-08-13 11:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-11-29 14:57 - 2015-08-13 11:44 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-11-29 14:57 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-11-29 14:57 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-11-29 14:57 - 2015-07-09 21:18 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-11-29 14:57 - 2015-06-15 16:22 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-11-29 14:57 - 2015-06-15 16:22 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-11-29 14:57 - 2015-06-15 16:20 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-11-29 14:57 - 2015-06-15 16:19 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-11-29 14:57 - 2015-06-15 16:19 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-11-29 14:55 - 2015-08-04 15:42 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-29 14:55 - 2015-08-04 15:42 - 02038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-11-29 14:55 - 2015-08-04 15:42 - 01229824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-11-29 14:55 - 2015-08-04 15:42 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-11-29 14:55 - 2015-08-04 15:42 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2015-11-29 14:55 - 2015-08-04 14:54 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-29 14:55 - 2015-08-04 14:54 - 01399808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-11-29 14:55 - 2015-08-04 14:53 - 02307584 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-11-29 14:55 - 2015-08-04 14:53 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-11-29 14:55 - 2015-08-04 14:53 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2015-11-29 14:55 - 2015-07-13 22:05 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-11-29 14:55 - 2015-07-13 22:05 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-11-29 14:55 - 2015-07-09 22:46 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-11-29 14:55 - 2015-07-09 22:44 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2015-11-29 14:55 - 2015-07-09 21:17 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-11-29 14:55 - 2015-07-09 21:16 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2015-11-29 14:52 - 2015-08-01 15:50 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-29 14:52 - 2015-08-01 14:56 - 19778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 13:28 - 2015-07-09 06:58 - 00000000 ____D C:\Users\Cindy\Desktop\Sicherheit
2015-12-01 13:28 - 2015-03-03 22:44 - 00000000 ____D C:\FRST
2015-12-01 13:24 - 2012-11-26 20:42 - 00000000 ____D C:\Users\Cindy\AppData\Local\VirtualStore
2015-12-01 13:21 - 2012-07-26 11:27 - 00953506 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-01 13:21 - 2012-07-26 11:27 - 00216898 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-01 13:21 - 2012-07-26 08:28 - 00005430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-01 13:17 - 2015-07-09 07:01 - 00000000 ____D C:\EEK
2015-12-01 13:17 - 2015-03-03 19:52 - 00000000 ____D C:\AdwCleaner
2015-12-01 13:13 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 13:01 - 2015-03-03 19:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-01 12:59 - 2015-03-03 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-01 12:59 - 2015-03-03 19:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-01 12:57 - 2013-08-01 03:50 - 00000000 ____D C:\Users\Cindy\AppData\Local\Adobe
2015-12-01 12:54 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-12-01 12:52 - 2015-03-03 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-01 11:46 - 2012-07-26 06:37 - 00000000 ____D C:\WINDOWS\Inf
2015-12-01 11:45 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-01 11:42 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-01 11:33 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-01 11:33 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-12-01 11:31 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\WinStore
2015-12-01 11:31 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-01 11:31 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AppCompat
2015-12-01 11:31 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-12-01 11:31 - 2012-07-26 06:37 - 00000000 ____D C:\Windows
2015-12-01 10:05 - 2012-11-26 20:31 - 00000000 ____D C:\WINDOWS\Panther
2015-12-01 09:41 - 2012-11-26 20:38 - 00002825 _____ C:\WINDOWS\diagerr.xml
2015-12-01 09:41 - 2012-11-26 20:38 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-12-01 09:40 - 2012-07-26 06:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-01 09:36 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\Registration
2015-12-01 09:27 - 2012-11-26 19:57 - 00000000 __RHD C:\ESD
2015-12-01 09:00 - 2012-11-26 20:48 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1062219747-2790550789-386354793-1001
2015-11-30 19:14 - 2015-03-03 19:56 - 00000000 ____D C:\ProgramData\Avira
2015-11-30 19:00 - 2015-07-09 18:42 - 00000000 ____D C:\Program Files (x86)\MozBackup
2015-11-30 17:53 - 2012-11-26 20:38 - 00000000 ____D C:\Users\Cindy
2015-11-30 15:33 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\rescache
2015-11-29 15:55 - 2012-07-26 09:12 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-29 15:55 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-29 15:55 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-11-29 15:17 - 2013-08-18 11:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-29 15:16 - 2012-07-26 11:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-03 01:20 - 2013-11-25 23:46 - 00809944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:20 - 2013-11-25 23:46 - 00176088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Cindy\SB24_PCDRV_LB_WIN8_1_04_0090.exe
C:\Users\Cindy\Windows8-UpgradeAssistant.exe


Einige Dateien in TEMP:
====================
C:\Users\Cindy\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-29 17:33

==================== Ende von FRST.txt ============================
--- --- ---


addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Cindy (2015-12-01 13:29:05)
Gestartet von C:\Users\Cindy\Desktop\Sicherheit
Windows 8 Pro (X64) (2012-11-26 19:42:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1062219747-2790550789-386354793-500 - Administrator - Disabled)
Cindy (S-1-5-21-1062219747-2790550789-386354793-1001 - Administrator - Enabled) => C:\Users\Cindy
Gast (S-1-5-21-1062219747-2790550789-386354793-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1062219747-2790550789-386354793-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: 1.* - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Unity Web Player (HKU\S-1-5-21-1062219747-2790550789-386354793-1001\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

01-12-2015 11:41:41 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {22838185-F76F-413E-AEC0-92A2D804FB01} - System32\Tasks\ASC8_SkipUac_Cindy => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {5B797F98-9FB2-417B-8671-FC2D09E89B2D} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
Task: {7337DA9F-39B9-4439-9E77-5530A1F07D49} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe
Task: {A525990F-EF35-4B57-9B8A-7E4878A09985} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {C6516443-4212-4182-809B-E0BF90197625} - System32\Tasks\{9FC7978D-D067-433A-A607-4B7992D37B78} => pcalua.exe -a C:\Users\Cindy\AppData\Roaming\SpeedMon\speedmon.exe -c /uninstall
Task: {C91EA9AC-55AB-4FD9-9714-F3BB367066A6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-27] (Microsoft Corporation)
Task: {CDDCFB7B-5069-4479-8876-49419FA7A77E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Cindy.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-06-01 18:28 - 2015-06-01 18:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1062219747-2790550789-386354793-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-1062219747-2790550789-386354793-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{76153CF6-8608-454F-89BA-6BEF85B74CDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F4A07801-2924-4375-8F46-33DC793DE8CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{23310C5F-F721-49F4-98E8-4B4488D3AFF9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{135CD2CC-0B7C-4480-9399-F538FA0035D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: CanoScan
Description: CanoScan
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Eingabegerät
Description: PCI-Eingabegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 01:29:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:29:14Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:28:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:28:44Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:28:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:28:14Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:27:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:27:44Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:27:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam-setup.tmp, Version: 51.52.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.17366, Zeitstempel: 0x554d16f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010192
ID des fehlerhaften Prozesses: 0xd04
Startzeit der fehlerhaften Anwendung: 0xmbam-setup.tmp0
Pfad der fehlerhaften Anwendung: mbam-setup.tmp1
Pfad des fehlerhaften Moduls: mbam-setup.tmp2
Berichtskennung: mbam-setup.tmp3
Vollständiger Name des fehlerhaften Pakets: mbam-setup.tmp4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam-setup.tmp5

Error: (12/01/2015 01:27:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:27:14Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:27:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam-setup.tmp, Version: 51.52.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.17366, Zeitstempel: 0x554d16f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010192
ID des fehlerhaften Prozesses: 0xd04
Startzeit der fehlerhaften Anwendung: 0xmbam-setup.tmp0
Pfad der fehlerhaften Anwendung: mbam-setup.tmp1
Pfad des fehlerhaften Moduls: mbam-setup.tmp2
Berichtskennung: mbam-setup.tmp3
Vollständiger Name des fehlerhaften Pakets: mbam-setup.tmp4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam-setup.tmp5

Error: (12/01/2015 01:26:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:26:44Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:26:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:26:14Z. Fehlercode: 0x80041316.

Error: (12/01/2015 01:25:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-07T12:25:44Z. Fehlercode: 0x80041316.


Systemfehler:
=============
Error: (12/01/2015 01:24:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/01/2015 01:24:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/01/2015 01:24:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/01/2015 01:14:10 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "BLACKHAWK      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.22
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (12/01/2015 01:14:09 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "BLACKHAWK      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.22
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (12/01/2015 01:14:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "BLACKHAWK      :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.22
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (12/01/2015 01:14:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/01/2015 01:14:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.

Error: (12/01/2015 01:14:08 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{E62E1234-B99F-4FAB-A372-219771470ABA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (12/01/2015 01:13:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


==================== Speicherinformationen ===========================

Prozessor: AMD Athlon(tm) II X4 640 Processor
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8189.55 MB
Verfügbarer physikalischer RAM: 5308.98 MB
Summe virtueller Speicher: 9405.55 MB
Verfügbarer virtueller Speicher: 7186.69 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:50.81 GB) NTFS
Drive f: (Volume) (Fixed) (Total:634.76 GB) (Free:578.12 GB) NTFS
Drive g: (Musik) (Fixed) (Total:296.75 GB) (Free:285.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=634.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6DC32E65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-12-01 21:57:52
Windows 6.1.7601 Service Pack 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-6 OCZ-AGILITY3 rev.2.22 111,79GB
Running: Gmer-19357.exe; Driver: F:\Users\CE\AppData\Local\Temp\pfloqpog.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwAdjustPrivilegesToken [0x8D0040A0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwAlpcConnectPort [0x8D004020]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwAlpcSendWaitReceivePort [0x8D004030]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwConnectPort [0x8D004050]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwCreateSection [0x8D004000]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwCreateSymbolicLinkObject [0x8D004190]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwCreateThread [0x8D0040F0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwCreateThreadEx [0x8D004040]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwDebugActiveProcess [0x8D004130]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwDeviceIoControlFile [0x8D0041F0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwDuplicateObject [0x8D004160]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwLoadDriver [0x8D004140]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwMapViewOfSection [0x8D004170]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwOpenProcess [0x8D004080]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwOpenSection [0x8D004070]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwOpenThread [0x8D004090]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwPlugPlayControl [0x8D0041A0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwProtectVirtualMemory [0x8D0040B0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwQueueApcThread [0x8D004110]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwRequestWaitReplyPort [0x8D0041E0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwResumeThread [0x8D0041B0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSecureConnectPort [0x8D004060]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSetContextThread [0x8D004100]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSetInformationToken [0x8D004010]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSetSystemInformation [0x8D004150]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSuspendProcess [0x8D0041D0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSuspendThread [0x8D0041C0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwSystemDebugControl [0x8D004120]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwTerminateProcess [0x8D0040C0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwTerminateThread [0x8D0040D0]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwUnmapViewOfSection [0x8D004180]
SSDT            \SystemRoot\system32\DRIVERS\klhk.sys                                                                                      ZwWriteVirtualMemory [0x8D0040E0]

---- Kernel code sections - GMER 2.1 ----

.text          ntkrnlpa.exe!ZwReplaceKey + 1525                                                                                          8308DB55 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                    830C7BB2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          ntkrnlpa.exe!KeRemoveQueueEx + 10D7                                                                                        830CEFBC 4 Bytes  [A0, 40, 00, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 10FF                                                                                        830CEFE4 4 Bytes  [20, 40, 00, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1143                                                                                        830CF028 4 Bytes  [30, 40, 00, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1193                                                                                        830CF078 4 Bytes  [50, 40, 00, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                                        830CF0DC 4 Bytes  [00, 40, 00, 8D]
.text          ...                                                                                                                       
.text          F:\Windows\system32\DRIVERS\atikmdag.sys                                                                                  section is writeable [0x9300A000, 0x341E0C, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[1916] ntdll.dll!LdrLoadDll                                          77C72576 5 Bytes  JMP 5C87A8A8 F:\Program Files\Mozilla Firefox\mozglue.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtCreateFile                                                  77C556B0 5 Bytes  JMP 5840B983 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtFlushBuffersFile                                            77C55A40 5 Bytes  JMP 5840B6C3 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtQueryFullAttributesFile                                    77C560D0 5 Bytes  JMP 5840B7F8 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtReadFile                                                    77C563A0 5 Bytes  JMP 5840B6FD F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtReadFileScatter                                            77C563B0 5 Bytes  JMP 58792E91 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtWriteFile                                                  77C56B50 5 Bytes  JMP 5840BB27 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!NtWriteFileGather                                            77C56B60 5 Bytes  JMP 58792EE1 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!LdrLoadDll                                                    77C72576 5 Bytes  JMP 5C87A8A8 F:\Program Files\Mozilla Firefox\mozglue.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D                          7746952E 7 Bytes  JMP 5877B5A5 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] kernel32.dll!QueryPerformanceCounter + 13                              7746C535 7 Bytes  JMP 5877BFAC F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] kernel32.dll!LoadAppInitDlls + 355                                      7746F5F6 7 Bytes  JMP 584DAFF1 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] USER32.dll!GetWindowInfo                                                77754B5E 5 Bytes  JMP 5925AE81 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\firefox.exe[3340] GDI32.dll!GetViewportOrgEx + 26C                                        771087DB 7 Bytes  JMP 5877AF5D F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[3960] ntdll.dll!LdrLoadDll                                          77C72576 5 Bytes  JMP 5C87A8A8 F:\Program Files\Mozilla Firefox\mozglue.dll
.text          F:\Program Files\GfK Internet-Monitor\GfK-LoginInterface.exe[4100] kernel32.dll!SetFileCompletionNotificationModes        7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll
.text          F:\Users\CE\Desktop\Demon_Slayer_Anmeldeclient.exe[4484] kernel32.dll!SetFileCompletionNotificationModes                  7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll
.text          F:\Users\CE\AppData\Local\Akamai\netsession_win.exe[4532] kernel32.dll!SetFileCompletionNotificationModes                  7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll
.text          F:\Program Files\Windows Media Player\wmpnetwk.exe[4828] kernel32.dll!SetFileCompletionNotificationModes                  7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6096] ntdll.dll!LdrLoadDll                                          77C72576 5 Bytes  JMP 5C87A8A8 F:\Program Files\Mozilla Firefox\mozglue.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6396] ntdll.dll!LdrLoadDll                                          77C72576 5 Bytes  JMP 5C87A8A8 F:\Program Files\Mozilla Firefox\mozglue.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6396] USER32.dll!RegisterMessagePumpHook + 2F1                      77748B9E 7 Bytes  JMP 5912AC59 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6396] USER32.dll!IsDialogMessageW + 340                              77754444 7 Bytes  JMP 5912AD2E F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6396] USER32.dll!GetWindowInfo                                      77754B5E 5 Bytes  JMP 5912CDA9 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Program Files\Mozilla Firefox\plugin-container.exe[6396] USER32.dll!ToUnicodeEx + 71                                    77762223 7 Bytes  JMP 5912B5C8 F:\Program Files\Mozilla Firefox\xul.dll
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateFile + 6                      77C556B6 4 Bytes  [28, E0, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateFile + B                      77C556BB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateKey + 6                        77C556F6 4 Bytes  [68, E1, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateKey + B                        77C556FB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateMutant + 6                    77C55736 4 Bytes  [68, E2, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateMutant + B                    77C5573B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateSection + 6                    77C557D6 4 Bytes  [A8, E2, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtCreateSection + B                    77C557DB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtMapViewOfSection + B                77C55D1B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenFile + 6                        77C55DC6 4 Bytes  [68, E0, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenFile + B                        77C55DCB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenKey + 6                          77C55DF6 4 Bytes  [A8, E1, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenKey + B                          77C55DFB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenKeyEx + B                        77C55E0B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenMutant + 6                      77C55E46 4 Bytes  [28, E2, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenMutant + B                      77C55E4B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcess + 6                      77C55E76 4 Bytes  [68, E3, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcess + B                      77C55E7B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcessToken + 6                77C55E86 4 Bytes  [A8, E3, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcessToken + B                77C55E8B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcessTokenEx + 6              77C55E96 4 Bytes  [68, E4, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenProcessTokenEx + B              77C55E9B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenSection + B                      77C55EBB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThread + 6                      77C55EF6 4 Bytes  [28, E3, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThread + B                      77C55EFB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThreadToken + 6                  77C55F06 4 Bytes  [28, E4, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThreadToken + B                  77C55F0B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThreadTokenEx + 6                77C55F16 4 Bytes  [A8, E4, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtOpenThreadTokenEx + B                77C55F1B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtQueryAttributesFile + 6              77C56026 4 Bytes  [A8, E0, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtQueryAttributesFile + B              77C5602B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtQueryFullAttributesFile + B          77C560DB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtSetInformationFile + 6              77C56726 4 Bytes  [28, E1, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtSetInformationFile + B              77C5672B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtSetInformationThread + B            77C5678B 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtUnmapViewOfSection + 6              77C56AA6 4 Bytes  [28, E5, 07, 00]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ntdll.dll!NtUnmapViewOfSection + B              77C56AAB 1 Byte  [E2]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] kernel32.dll!CreateProcessW                      7742204D 5 Bytes  JMP 00080030
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] kernel32.dll!CreateProcessA                      77422082 5 Bytes  JMP 00080070
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] kernel32.dll!SetFileCompletionNotificationModes  7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!ActivateKeyboardLayout                77748203 5 Bytes  JMP 002304F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!ScreenToClient                        7774A506 7 Bytes  JMP 00230670
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!RegisterClipboardFormatA              7774C091 5 Bytes  JMP 002302F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!RegisterClipboardFormatW              7774DF8D 5 Bytes  JMP 002302B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!SetCursor                            77753075 5 Bytes  JMP 00230530
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!MonitorFromWindow                    77753622 7 Bytes  JMP 00230630
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!PostMessageW                          7775447B 5 Bytes  JMP 002305F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!IsWindowVisible                      77754D69 7 Bytes  JMP 002306B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClientRect                        777554DD 7 Bytes  JMP 002305B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!MapWindowPoints                      77755CAA 5 Bytes  JMP 00230570
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetParent                            77756029 7 Bytes  JMP 002306F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!EmptyClipboard                        7776290C 5 Bytes  JMP 00230130
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!SetClipboardData                      77762962 5 Bytes  JMP 00230170
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardData                      77762BA7 5 Bytes  JMP 00230030
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardFormatNameW              77765FD2 5 Bytes  JMP 00230230
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!SetClipboardViewer                    77766FF6 5 Bytes  JMP 002304B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardFormatNameA              7776700A 5 Bytes  JMP 00230270
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!ChangeClipboardChain                  7777147C 5 Bytes  JMP 00230430
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetTopWindow                          777724D9 7 Bytes  JMP 00230730
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!CloseClipboard                        7777446C 5 Bytes  JMP 002300B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!OpenClipboard                        7777447E 5 Bytes  JMP 00230070
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!IsClipboardFormatAvailable            777744FF 5 Bytes  JMP 002300F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardSequenceNumber            77774513 5 Bytes  JMP 00230330
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardOwner                    77774525 5 Bytes  JMP 00230370
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!CountClipboardFormats                7777470A 5 Bytes  JMP 002301F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!EnumClipboardFormats                  777747EC 5 Bytes  JMP 002301B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetOpenClipboardWindow                7777480B 5 Bytes  JMP 002303F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!SetCursorPos                          7778C1B0 5 Bytes  JMP 00230770
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetClipboardViewer                    777A4AF7 5 Bytes  JMP 00230470
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] user32.DLL!GetPriorityClipboardFormat            777A4BF9 5 Bytes  JMP 002303B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!DeleteObject                          77105F14 5 Bytes  JMP 002401B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SelectObject                          77106640 5 Bytes  JMP 002405F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetTextColor                          77106906 5 Bytes  JMP 00240A30
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetBkMode                              771069B1 5 Bytes  JMP 002408F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!DeleteDC                              77106EAA 5 Bytes  JMP 00240170
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetDeviceCaps                          77106F7F 5 Bytes  JMP 002403B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!ExtSelectClipRgn                      77107114 5 Bytes  JMP 002402F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SelectClipRgn                          77107242 5 Bytes  JMP 002405B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetCurrentObject                      7710782B 5 Bytes  JMP 00240370
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetStretchBltMode                      77107872 5 Bytes  JMP 002406B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextMetricsW                        77107B1F 5 Bytes  JMP 00240E30
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextAlign                          77107D3F 5 Bytes  JMP 00240D70
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!IntersectClipRect                      77107D8E 5 Bytes  JMP 002403F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!ExtTextOutW                            77108122 5 Bytes  JMP 00240970
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetTextAlign                          7710821E 5 Bytes  JMP 002409F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetClipBox                            771084B5 5 Bytes  JMP 00240330
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!MoveToEx                              77108BB1 5 Bytes  JMP 00240470
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!StretchDIBits                          7710A204 5 Bytes  JMP 00240770
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!RestoreDC                              7710A341 5 Bytes  JMP 00240530
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SaveDC                                7710A411 5 Bytes  JMP 00240570
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextExtentPoint32W                  7710B17D 5 Bytes  JMP 00240670
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextFaceW                          7710B402 5 Bytes  JMP 00240D30
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetFontData                            7710B98C 5 Bytes  JMP 00240C70
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!CreateDCA                              7710BDC9 5 Bytes  JMP 002400B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!CreateDCW                              7710C099 5 Bytes  JMP 002400F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!CreateICW                              7710C0F0 5 Bytes  JMP 00240130
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetWorldTransform                      7710CD04 5 Bytes  JMP 002406F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextMetricsA                        7710D328 5 Bytes  JMP 00240DF0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!Rectangle                              7710F1BD 5 Bytes  JMP 002409B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!LineTo                                7710F559 5 Bytes  JMP 00240430
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetICMMode                            7710FA62 5 Bytes  JMP 00240DB0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!ExtTextOutA                            77110CDE 5 Bytes  JMP 00240930
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextExtentPoint32A                  7711113D 5 Bytes  JMP 00240630
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!ExtEscape                              77112D09 5 Bytes  JMP 002402B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!Escape                                771133C0 5 Bytes  JMP 00240270
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!ResetDCW                              77113A5B 5 Bytes  JMP 00240AB0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!EndPage                                7711409A 5 Bytes  JMP 00240230
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetPolyFillMode                        77116741 5 Bytes  JMP 00240B30
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SetMiterLimit                          771168FD 5 Bytes  JMP 00240B70
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetTextFaceA                          77120C82 5 Bytes  JMP 00240CF0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!GetGlyphOutlineW                      7712C39A 5 Bytes  JMP 00240CB0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!CreateScalableFontResourceW            7712E9F7 5 Bytes  JMP 00240BB0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!AddFontResourceW                      7712EDF3 5 Bytes  JMP 00240BF0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!RemoveFontResourceW                    7712F2E9 5 Bytes  JMP 00240C30
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!AbortDoc                              77134F9B 5 Bytes  JMP 00240030
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!EndDoc                                771353E2 5 Bytes  JMP 002401F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!StartPage                              771354CD 5 Bytes  JMP 00240730
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!StartDocW                              77135EE8 5 Bytes  JMP 002407F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!BeginPath                              77136695 5 Bytes  JMP 00240830
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SelectClipPath                        771366EC 1 Byte  [E9]
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!SelectClipPath                        771366EC 5 Bytes  JMP 00240AF0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!CloseFigure                            77136747 5 Bytes  JMP 00240070
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!EndPath                                7713679E 5 Bytes  JMP 00240A70
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!StrokePath                            771369D1 5 Bytes  JMP 002407B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!FillPath                              77136A5E 5 Bytes  JMP 00240870
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!PolylineTo                            77136ECC 5 Bytes  JMP 002404F0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!PolyBezierTo                          77136F5D 5 Bytes  JMP 002404B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] GDI32.dll!PolyDraw                              7713700F 5 Bytes  JMP 002408B0
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ole32.dll!OleSetClipboard                        77B10225 5 Bytes  JMP 00260030
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ole32.dll!OleIsCurrentClipboard                  77B136A6 5 Bytes  JMP 00260070
.text          F:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe[6476] ole32.dll!OleGetClipboard                        77B3FDBD 5 Bytes  JMP 002600B0
.text          F:\Users\CE\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe[7108] kernel32.dll!SetFileCompletionNotificationModes    7747F10D 5 Bytes  JMP 100078E0 F:\Windows\system32\LavasoftTcpService.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                    kltdi.sys

Device          \Driver\NetworkMeterDriver \Device\NetworkMeterDriver                                                                      NetworkMeterDriver32.sys

AttachedDevice  \Driver\tdx \Device\Udp                                                                                                    kltdi.sys
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                  kltdi.sys

---- Registry - GMER 2.1 ----

Reg            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active                                       
Reg            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@ADD159B2                                348

---- EOF - GMER 2.1 ----

Malewarebytes:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.12.2015
Suchlaufzeit: 14:25
Protokolldatei: logile_mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.01.03
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: CE

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 455148
Abgelaufene Zeit: 54 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Eset:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# end=init
# utc_time=2015-12-01 01:36:42
# local_time=2015-12-01 02:36:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26990
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# end=updated
# utc_time=2015-12-01 01:37:56
# local_time=2015-12-01 02:37:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# engine=26990
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-12-01 02:47:13
# local_time=2015-12-01 03:47:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 9204 76560063 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 352471 200612424 0 0
# scanned=299018
# found=10
# cleaned=10
# scan_time=4156
sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{B15768A1-2743-43B9-B33C-5BF1F3C4FE43}\RP273\A0111955.exe"
sh=4E5E8B54DDA603D7E83F3EDE2BCDD8064D4EDF22 ft=1 fh=895bb0fee970ac49 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\AppData\Local\Temp\DMR\dmr_72.exe"
sh=12EB0AF500FEF297E77346508080D2794112E72B ft=1 fh=a6caf9f715c69e75 vn="Variante von Win32/RiskWare.Astori.C Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\AppData\Roaming\SpeedMon\speedmon.exe"
sh=CDC5190A2D68FCF7B08DB0E38D5521C8D926C5AE ft=1 fh=dc819f836e023691 vn="Win64/HideRun.A potenziell unsichere Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\Desktop\pcwMultiBoot\Tools\Win7PE_SE\Projects\Tools\Win7PESE\x64\hiderun_x64.exe"
sh=5DF30CBA4DE1B492F293A09B267EA80FEAAEDB8B ft=1 fh=3fc03d75d5d5e31d vn="Win32/HideRun.A potenziell unsichere Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\Desktop\pcwMultiBoot\Tools\Win7PE_SE\Projects\Tools\Win7PESE\x86\hiderun_x86.exe"
sh=D86CAF4F4782833D0488A00323D2427630F15093 ft=1 fh=4fcb2e98cc95c38e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\Documents\Computer_neu\FreeVideoToMP3Converter5.0.48.922.exe"
sh=927ADC53DAD373C3C5DC99AB7DA243F435E9DCB7 ft=1 fh=5d495a1ecc8d5fce vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Cindy\Documents\Computer_neu\FreeYouTubeDownload.exe"
sh=8A3A1905AF66EEC7D4BF1793BA2275A181A1A00E ft=1 fh=ce3b10fda6d63ca3 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Users\CE\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader.exe"
sh=651744B85ADFD373C9CD1DAE395B9B9FBA46E17E ft=1 fh=0e8d01e15de6196e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Windows\System32\FreeVideoEditor.exe"
sh=8D4A90947D3929B246A5E513F04A121D35E924CF ft=0 fh=0000000000000000 vn="Win64/HideRun.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Win7PE_SE.zip"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# end=init
# utc_time=2015-12-01 03:02:17
# local_time=2015-12-01 04:02:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 26990
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# end=updated
# utc_time=2015-12-01 03:02:39
# local_time=2015-12-01 04:02:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=eccc9d0fc5624c4aa406b922c0acd66c
# engine=26990
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-12-01 04:05:02
# local_time=2015-12-01 05:05:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 10273 76564732 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 6938 200617093 0 0
# scanned=299015
# found=0
# cleaned=0
# scan_time=3742
Emsisoft:
Code:
Emsisoft Emergency Kit - Version 10.0
Letztes Update: 30.11.2015 19:39:41
Benutzerkonto: BlackHawk\Cindy

Scan-Einstellungen:

Scan-Methode: Schnelltest
Objekte: Rootkits, Speicher, Traces

PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:        01.12.2015 13:49:13
Value: HKEY_USERS\S-1-5-21-1062219747-2790550789-386354793-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR        Gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1062219747-2790550789-386354793-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        Gefunden: Setting.DisableRegistryTools (A)

Gescannt:        60608
Gefunden        2

Scan-Ende:        01.12.2015 13:49:27
Scan-Zeit:        0:00:14

Value: HKEY_USERS\S-1-5-21-1062219747-2790550789-386354793-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        Gelöscht Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1062219747-2790550789-386354793-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR        Gelöscht Setting.DisableTaskMgr (A)

Gelöscht        2
Der intensivere Suchlauf hat danach nichts mehr gefunden.

schrauber 02.12.2015 00:17
hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

AngelNights 02.12.2015 09:59
Habe heute nochmal versucht den gmer unter meinen Windows 8 laufen zu lassen, da mein Rechner gestern dabei immer heruntergefahren war, heute hat es endlich einmal geklappt!
Da der Inhalt der Textdatei zu viele Zeichen hat, um ihn hier zu posten habe ich ihn als Datei angehängt. (musste ich auch noch zippen)

Und hier das Ergebnis vom
TDSSKiller (der nichts gefunden hat):
Code:
09:36:24.0561 0x0bbc  TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
09:36:27.0026 0x0bbc  ============================================================
09:36:27.0026 0x0bbc  Current date / time: 2015/12/02 09:36:27.0026
09:36:27.0026 0x0bbc  SystemInfo:
09:36:27.0026 0x0bbc 
09:36:27.0026 0x0bbc  OS Version: 6.2.9200 ServicePack: 0.0
09:36:27.0026 0x0bbc  Product type: Workstation
09:36:27.0026 0x0bbc  ComputerName: BLACKHAWK
09:36:27.0026 0x0bbc  UserName: Cindy
09:36:27.0026 0x0bbc  Windows directory: C:\WINDOWS
09:36:27.0026 0x0bbc  System windows directory: C:\WINDOWS
09:36:27.0026 0x0bbc  Running under WOW64
09:36:27.0026 0x0bbc  Processor architecture: Intel x64
09:36:27.0026 0x0bbc  Number of processors: 4
09:36:27.0026 0x0bbc  Page size: 0x1000
09:36:27.0026 0x0bbc  Boot type: Normal boot
09:36:27.0026 0x0bbc  ============================================================
09:36:27.0135 0x0bbc  KLMD registered as C:\WINDOWS\system32\drivers\42659182.sys
09:36:27.0822 0x0bbc  System UUID: {3D740D54-0CF8-F160-F188-94784DEACD1A}
09:36:28.0508 0x0bbc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:36:28.0524 0x0bbc  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
09:36:29.0819 0x0bbc  ============================================================
09:36:29.0819 0x0bbc  \Device\Harddisk0\DR0:
09:36:29.0819 0x0bbc  MBR partitions:
09:36:29.0819 0x0bbc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4F586000
09:36:29.0819 0x0bbc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4F5868EF, BlocksNum 0x2517F0D2
09:36:29.0819 0x0bbc  \Device\Harddisk1\DR1:
09:36:29.0819 0x0bbc  MBR partitions:
09:36:29.0819 0x0bbc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:36:29.0819 0x0bbc  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
09:36:29.0819 0x0bbc  ============================================================
09:36:29.0819 0x0bbc  C: <-> \Device\Harddisk1\DR1\Partition2
09:36:29.0881 0x0bbc  G: <-> \Device\Harddisk0\DR0\Partition2
09:36:29.0944 0x0bbc  F: <-> \Device\Harddisk0\DR0\Partition1
09:36:29.0944 0x0bbc  ============================================================
09:36:29.0944 0x0bbc  Initialize success
09:36:29.0944 0x0bbc  ============================================================
09:36:38.0524 0x0794  ============================================================
09:36:38.0524 0x0794  Scan started
09:36:38.0524 0x0794  Mode: Manual; SigCheck; TDLFS;
09:36:38.0524 0x0794  ============================================================
09:36:38.0524 0x0794  KSN ping started
09:36:38.0570 0x0794  KSN ping finished: false
09:36:38.0695 0x0794  ================ Scan system memory ========================
09:36:38.0695 0x0794  System memory - ok
09:36:38.0695 0x0794  ================ Scan services =============================
09:36:38.0758 0x0794  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
09:36:38.0914 0x0794  1394ohci - ok
09:36:38.0929 0x0794  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
09:36:38.0960 0x0794  3ware - ok
09:36:38.0976 0x0794  A2DDA - ok
09:36:38.0992 0x0794  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
09:36:39.0038 0x0794  ACPI - ok
09:36:39.0054 0x0794  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
09:36:39.0085 0x0794  acpiex - ok
09:36:39.0085 0x0794  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
09:36:39.0116 0x0794  acpipagr - ok
09:36:39.0132 0x0794  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
09:36:39.0163 0x0794  AcpiPmi - ok
09:36:39.0163 0x0794  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
09:36:39.0194 0x0794  acpitime - ok
09:36:39.0210 0x0794  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx        C:\WINDOWS\system32\drivers\adp94xx.sys
09:36:39.0257 0x0794  adp94xx - ok
09:36:39.0272 0x0794  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci        C:\WINDOWS\system32\drivers\adpahci.sys
09:36:39.0304 0x0794  adpahci - ok
09:36:39.0319 0x0794  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320        C:\WINDOWS\system32\drivers\adpu320.sys
09:36:39.0350 0x0794  adpu320 - ok
09:36:39.0366 0x0794  AdvancedSystemCareService8 - ok
09:36:39.0366 0x0794  [ 480C020D9B58E881A5349F5F1189A418, 8AE8ED9CD8F239DF47853FBCE45DB34652CE94E3FD296FDF3897AC6DD5F9B143 ] AeLookupSvc    C:\WINDOWS\System32\aelupsvc.dll
09:36:39.0397 0x0794  AeLookupSvc - ok
09:36:39.0413 0x0794  [ 8252EE6D7F87846EA409D0DA602FB1D9, 2A89C654B2C92B8E2445A35A1B6ACA4926AFDC2C875142E0A21D339B8FC8D474 ] AFD            C:\WINDOWS\system32\drivers\afd.sys
09:36:39.0475 0x0794  AFD - ok
09:36:39.0475 0x0794  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
09:36:39.0522 0x0794  agp440 - ok
09:36:39.0522 0x0794  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG            C:\WINDOWS\System32\alg.exe
09:36:39.0569 0x0794  ALG - ok
09:36:39.0569 0x0794  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
09:36:39.0616 0x0794  AllUserInstallAgent - ok
09:36:39.0616 0x0794  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
09:36:39.0647 0x0794  AmdK8 - ok
09:36:39.0928 0x0794  [ 8DC532B5BF820E48194C6AFC8862FCBC, AA8040A2EC9004FBED4B94166B2DD5A4F5BC835EBADD6199651C856A695AA3E1 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
09:36:40.0271 0x0794  amdkmdag - ok
09:36:40.0302 0x0794  [ AA48FEABA50C2DED9C485DFDBA044E40, AE52933B85494F51E4F1524489BEAC4C16F80D09BC8974D97F792D94EAD2A231 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
09:36:40.0380 0x0794  amdkmdap - ok
09:36:40.0380 0x0794  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
09:36:40.0411 0x0794  AmdPPM - ok
09:36:40.0427 0x0794  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
09:36:40.0458 0x0794  amdsata - ok
09:36:40.0458 0x0794  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
09:36:40.0505 0x0794  amdsbs - ok
09:36:40.0505 0x0794  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
09:36:40.0536 0x0794  amdxata - ok
09:36:40.0552 0x0794  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID          C:\WINDOWS\system32\drivers\appid.sys
09:36:40.0583 0x0794  AppID - ok
09:36:40.0583 0x0794  [ A33B59C8DF9012E7B129D0A1D2F50E81, 50F1E05AA808600B49595CD9FDDDB4327272CC09647E3D94D3FD1B426381F839 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
09:36:40.0614 0x0794  AppIDSvc - ok
09:36:40.0614 0x0794  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
09:36:40.0645 0x0794  Appinfo - ok
09:36:40.0661 0x0794  [ 2D14788C5D0836292BEB27BBE109BE56, D032FDBD9E1708F77348655DE00DB395E38EB27A7EC3FB2EF3BA07D22CBC1402 ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
09:36:40.0692 0x0794  AppMgmt - ok
09:36:40.0708 0x0794  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc            C:\WINDOWS\system32\drivers\arc.sys
09:36:40.0739 0x0794  arc - ok
09:36:40.0739 0x0794  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
09:36:40.0786 0x0794  arcsas - ok
09:36:40.0786 0x0794  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:36:40.0832 0x0794  AsyncMac - ok
09:36:40.0832 0x0794  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
09:36:40.0848 0x0794  atapi - ok
09:36:40.0864 0x0794  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:36:40.0895 0x0794  AudioEndpointBuilder - ok
09:36:40.0910 0x0794  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
09:36:40.0957 0x0794  Audiosrv - ok
09:36:40.0973 0x0794  [ F00A9C22B82F3B06B0B958656C2C1B78, 7C41000054797081771273FA8BEFE7A829BEFFAFD0BF0B7AAA8DF5FC2CE5DF5A ] AWEAlloc        C:\WINDOWS\system32\DRIVERS\awealloc.sys
09:36:41.0035 0x0794  AWEAlloc - ok
09:36:41.0035 0x0794  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
09:36:41.0082 0x0794  AxInstSV - ok
09:36:41.0098 0x0794  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
09:36:41.0144 0x0794  b06bdrv - ok
09:36:41.0144 0x0794  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:36:41.0191 0x0794  BasicDisplay - ok
09:36:41.0191 0x0794  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
09:36:41.0222 0x0794  BasicRender - ok
09:36:41.0222 0x0794  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
09:36:41.0269 0x0794  BDESVC - ok
09:36:41.0285 0x0794  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
09:36:41.0316 0x0794  Beep - ok
09:36:41.0332 0x0794  [ 431320C07A4073BD77AF7E32DB241FA8, 9285D8CE161291751A037C19ABA744A74B41EA6F9805F5A1101198C6E519F444 ] BFE            C:\WINDOWS\System32\bfe.dll
09:36:41.0378 0x0794  BFE - ok
09:36:41.0394 0x0794  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\WINDOWS\System32\qmgr.dll
09:36:41.0456 0x0794  BITS - ok
09:36:41.0472 0x0794  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
09:36:41.0503 0x0794  bowser - ok
09:36:41.0519 0x0794  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:36:41.0566 0x0794  BrokerInfrastructure - ok
09:36:41.0566 0x0794  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser        C:\WINDOWS\System32\browser.dll
09:36:41.0612 0x0794  Browser - ok
09:36:41.0612 0x0794  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:36:41.0644 0x0794  BthAvrcpTg - ok
09:36:41.0659 0x0794  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
09:36:41.0690 0x0794  BthHFEnum - ok
09:36:41.0706 0x0794  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
09:36:41.0737 0x0794  bthhfhid - ok
09:36:41.0737 0x0794  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
09:36:41.0784 0x0794  BTHMODEM - ok
09:36:41.0784 0x0794  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv        C:\WINDOWS\system32\bthserv.dll
09:36:41.0846 0x0794  bthserv - ok
09:36:41.0846 0x0794  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:36:41.0878 0x0794  cdfs - ok
09:36:41.0893 0x0794  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
09:36:41.0940 0x0794  cdrom - ok
09:36:41.0940 0x0794  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
09:36:41.0987 0x0794  CertPropSvc - ok
09:36:41.0987 0x0794  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
09:36:42.0034 0x0794  circlass - ok
09:36:42.0034 0x0794  cleanhlp - ok
09:36:42.0049 0x0794  [ 94250D5AE3E7269DB29BCF96E07F21A6, 538C6CDCD193AABDE40CC25220528F8F80AEF828C46D8660234CB0E592B607CB ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
09:36:42.0096 0x0794  CLFS - ok
09:36:42.0112 0x0794  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
09:36:42.0143 0x0794  CmBatt - ok
09:36:42.0158 0x0794  [ 1824F120E8390BC47B1C3013C9E84D84, CEC0D3F32410A33FD2CAE3533F0361615037FC20A4229262CB2ED555732EDBFC ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
09:36:42.0221 0x0794  CNG - ok
09:36:42.0221 0x0794  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
09:36:42.0268 0x0794  CompositeBus - ok
09:36:42.0268 0x0794  COMSysApp - ok
09:36:42.0268 0x0794  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
09:36:42.0314 0x0794  condrv - ok
09:36:42.0314 0x0794  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
09:36:42.0361 0x0794  CryptSvc - ok
09:36:42.0377 0x0794  [ F2C69C3D98249DE14D4B2832516D4FD5, 5F622A61A99202802B35532036CFCFDFB1FDEC32465BA8CCAB4C4FAFA336FC2A ] CSC            C:\WINDOWS\system32\drivers\csc.sys
09:36:42.0424 0x0794  CSC - ok
09:36:42.0455 0x0794  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService      C:\WINDOWS\System32\cscsvc.dll
09:36:42.0502 0x0794  CscService - ok
09:36:42.0517 0x0794  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam            C:\WINDOWS\system32\drivers\dam.sys
09:36:42.0548 0x0794  dam - ok
09:36:42.0564 0x0794  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
09:36:42.0611 0x0794  DcomLaunch - ok
09:36:42.0626 0x0794  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
09:36:42.0658 0x0794  defragsvc - ok
09:36:42.0673 0x0794  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:36:42.0736 0x0794  DeviceAssociationService - ok
09:36:42.0751 0x0794  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
09:36:42.0782 0x0794  DeviceInstall - ok
09:36:42.0798 0x0794  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
09:36:42.0829 0x0794  Dfsc - ok
09:36:42.0845 0x0794  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
09:36:42.0892 0x0794  Dhcp - ok
09:36:42.0892 0x0794  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\WINDOWS\system32\drivers\discache.sys
09:36:42.0938 0x0794  discache - ok
09:36:42.0938 0x0794  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\WINDOWS\system32\drivers\disk.sys
09:36:42.0970 0x0794  disk - ok
09:36:42.0985 0x0794  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
09:36:43.0016 0x0794  dmvsc - ok
09:36:43.0032 0x0794  [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
09:36:43.0063 0x0794  Dnscache - ok
09:36:43.0063 0x0794  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
09:36:43.0110 0x0794  dot3svc - ok
09:36:43.0126 0x0794  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS            C:\WINDOWS\system32\dps.dll
09:36:43.0157 0x0794  DPS - ok
09:36:43.0172 0x0794  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
09:36:43.0204 0x0794  drmkaud - ok
09:36:43.0204 0x0794  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
09:36:43.0266 0x0794  DsmSvc - ok
09:36:43.0297 0x0794  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:36:43.0375 0x0794  DXGKrnl - ok
09:36:43.0391 0x0794  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost        C:\WINDOWS\System32\eapsvc.dll
09:36:43.0438 0x0794  Eaphost - ok
09:36:43.0516 0x0794  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
09:36:43.0640 0x0794  ebdrv - ok
09:36:43.0656 0x0794  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS            C:\WINDOWS\System32\lsass.exe
09:36:43.0687 0x0794  EFS - ok
09:36:43.0687 0x0794  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
09:36:43.0718 0x0794  EhStorClass - ok
09:36:43.0734 0x0794  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:36:43.0765 0x0794  EhStorTcgDrv - ok
09:36:43.0781 0x0794  [ 9ED89A533D125C273F93C6A524A1A118, 0CB4282509F455538CF4F9276184CDCC3CF783B0F0D45BB136DB02063983B0C3 ] epp64          C:\EEK\bin\epp64.sys
09:36:43.0828 0x0794  epp64 - ok
09:36:43.0828 0x0794  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
09:36:43.0859 0x0794  ErrDev - ok
09:36:43.0874 0x0794  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem    C:\WINDOWS\system32\es.dll
09:36:43.0921 0x0794  EventSystem - ok
09:36:43.0937 0x0794  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
09:36:43.0968 0x0794  exfat - ok
09:36:43.0984 0x0794  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
09:36:44.0015 0x0794  fastfat - ok
09:36:44.0046 0x0794  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax            C:\WINDOWS\system32\fxssvc.exe
09:36:44.0108 0x0794  Fax - ok
09:36:44.0108 0x0794  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
09:36:44.0140 0x0794  fdc - ok
09:36:44.0155 0x0794  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
09:36:44.0186 0x0794  fdPHost - ok
09:36:44.0186 0x0794  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
09:36:44.0233 0x0794  FDResPub - ok
09:36:44.0233 0x0794  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
09:36:44.0280 0x0794  fhsvc - ok
09:36:44.0280 0x0794  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
09:36:44.0327 0x0794  FileInfo - ok
09:36:44.0327 0x0794  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
09:36:44.0358 0x0794  Filetrace - ok
09:36:44.0374 0x0794  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
09:36:44.0405 0x0794  flpydisk - ok
09:36:44.0405 0x0794  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
09:36:44.0452 0x0794  FltMgr - ok
09:36:44.0483 0x0794  [ AD61E8B66750B9C921F52FF6287C9B30, 6C284E7DC99D2A7DEE269FBCBF2FA97B035268F37633EE667DEEBAE627D51F83 ] FontCache      C:\WINDOWS\system32\FntCache.dll
09:36:44.0545 0x0794  FontCache - ok
09:36:44.0561 0x0794  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:36:44.0576 0x0794  FontCache3.0.0.0 - ok
09:36:44.0576 0x0794  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
09:36:44.0608 0x0794  FsDepends - ok
09:36:44.0623 0x0794  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:36:44.0654 0x0794  Fs_Rec - ok
09:36:44.0670 0x0794  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:36:44.0701 0x0794  fvevol - ok
09:36:44.0717 0x0794  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM          C:\WINDOWS\System32\drivers\fxppm.sys
09:36:44.0748 0x0794  FxPPM - ok
09:36:44.0748 0x0794  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
09:36:44.0795 0x0794  gagp30kx - ok
09:36:44.0795 0x0794  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\WINDOWS\gdrv.sys
09:36:44.0826 0x0794  gdrv - ok
09:36:44.0826 0x0794  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
09:36:44.0857 0x0794  gencounter - ok
09:36:44.0888 0x0794  [ 3BD63CB8882AF84E4DC4B39A04C992E9, AE5984FFE3A857A3BBA189F56FCC266ABFC013A6BEAC5D920CC318E3379B994D ] GfK-NetworkMeter C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
09:36:44.0982 0x0794  GfK-NetworkMeter - ok
09:36:44.0982 0x0794  GfK-Reporting-Service - ok
09:36:44.0982 0x0794  GfK-Update-Service - ok
09:36:44.0998 0x0794  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:36:45.0029 0x0794  GPIOClx0101 - ok
09:36:45.0060 0x0794  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
09:36:45.0138 0x0794  gpsvc - ok
09:36:45.0154 0x0794  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
09:36:45.0200 0x0794  HdAudAddService - ok
09:36:45.0200 0x0794  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
09:36:45.0247 0x0794  HDAudBus - ok
09:36:45.0247 0x0794  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
09:36:45.0278 0x0794  HidBatt - ok
09:36:45.0294 0x0794  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
09:36:45.0325 0x0794  HidBth - ok
09:36:45.0325 0x0794  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
09:36:45.0356 0x0794  hidi2c - ok
09:36:45.0372 0x0794  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
09:36:45.0403 0x0794  HidIr - ok
09:36:45.0419 0x0794  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv        C:\WINDOWS\system32\hidserv.dll
09:36:45.0450 0x0794  hidserv - ok
09:36:45.0450 0x0794  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
09:36:45.0497 0x0794  HidUsb - ok
09:36:45.0497 0x0794  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
09:36:45.0544 0x0794  hkmsvc - ok
09:36:45.0559 0x0794  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:36:45.0606 0x0794  HomeGroupListener - ok
09:36:45.0622 0x0794  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:36:45.0653 0x0794  HomeGroupProvider - ok
09:36:45.0653 0x0794  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
09:36:45.0684 0x0794  HpSAMD - ok
09:36:45.0715 0x0794  [ 258A9103842E36CD27D07D5A1F6D2A23, 883E797263DB0A971C5FDDB588AAE041DD1021F079A891E8AA4525799C795B04 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
09:36:45.0778 0x0794  HTTP - ok
09:36:45.0778 0x0794  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
09:36:45.0809 0x0794  hwpolicy - ok
09:36:45.0809 0x0794  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
09:36:45.0840 0x0794  hyperkbd - ok
09:36:45.0856 0x0794  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
09:36:45.0887 0x0794  HyperVideo - ok
09:36:45.0902 0x0794  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
09:36:45.0949 0x0794  i8042prt - ok
09:36:45.0965 0x0794  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
09:36:46.0043 0x0794  iaStorV - ok
09:36:46.0043 0x0794  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp          C:\WINDOWS\system32\drivers\iirsp.sys
09:36:46.0090 0x0794  iirsp - ok
09:36:46.0121 0x0794  [ 6F3037196ED82BA5ABA3135C49A1BAB4, 3862C6A27E78A279E974A5B97A1648CFD4FEF824CBEF6493F52812ECEA688D93 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
09:36:46.0168 0x0794  IKEEXT - ok
09:36:46.0168 0x0794  [ DFCF9773D8215A4360314D39CE5ED83D, EE32D76C6FA9867DF4DF9C4BB8C1734625D2684B2DC6FCFBA49CA068AE58B333 ] ImDisk          C:\WINDOWS\system32\DRIVERS\imdisk.sys
09:36:46.0214 0x0794  ImDisk - ok
09:36:46.0214 0x0794  [ 5B95AD3A9589DF9D5586189F1D5D243E, 94992248AC57C4DBC08DCB4760B106BF6C1DF11E30EC6DC5E85303A90DF3D520 ] ImDskSvc        C:\WINDOWS\system32\imdsksvc.exe
09:36:46.0261 0x0794  ImDskSvc - ok
09:36:46.0324 0x0794  [ 0ADF714079AE174A39D69036143E4C50, 93184D0DB1265D94BA92922783514ADFDAB04557EB0DEF9715D8B1EF06EDD692 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:36:46.0448 0x0794  IntcAzAudAddService - ok
09:36:46.0448 0x0794  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
09:36:46.0480 0x0794  intelide - ok
09:36:46.0495 0x0794  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
09:36:46.0526 0x0794  intelppm - ok
09:36:46.0526 0x0794  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:36:46.0573 0x0794  IpFilterDriver - ok
09:36:46.0589 0x0794  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
09:36:46.0651 0x0794  iphlpsvc - ok
09:36:46.0667 0x0794  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:36:46.0698 0x0794  IPMIDRV - ok
09:36:46.0714 0x0794  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
09:36:46.0745 0x0794  IPNAT - ok
09:36:46.0760 0x0794  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
09:36:46.0792 0x0794  IRENUM - ok
09:36:46.0792 0x0794  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
09:36:46.0823 0x0794  isapnp - ok
09:36:46.0838 0x0794  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
09:36:46.0885 0x0794  iScsiPrt - ok
09:36:46.0885 0x0794  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
09:36:46.0916 0x0794  kbdclass - ok
09:36:46.0932 0x0794  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
09:36:46.0963 0x0794  kbdhid - ok
09:36:46.0963 0x0794  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic          C:\WINDOWS\system32\DRIVERS\kdnic.sys
09:36:46.0994 0x0794  kdnic - ok
09:36:46.0994 0x0794  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\WINDOWS\system32\lsass.exe
09:36:47.0026 0x0794  KeyIso - ok
09:36:47.0026 0x0794  [ 559A933F5647A7A2783C8A0C6CB0514C, B4CF12D409F14E21DE081A5D7FC935719582FADA1505D03301B444B6B027F1EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
09:36:47.0072 0x0794  KSecDD - ok
09:36:47.0072 0x0794  [ F30A4233D39280A3E6C18ED034663B47, 0BB0ED9C59CB3B70ADB0D4678E153022DD7E4570B388544387D9D0761DD5C22E ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:36:47.0119 0x0794  KSecPkg - ok
09:36:47.0119 0x0794  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
09:36:47.0150 0x0794  ksthunk - ok
09:36:47.0166 0x0794  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
09:36:47.0213 0x0794  KtmRm - ok
09:36:47.0228 0x0794  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
09:36:47.0260 0x0794  LanmanServer - ok
09:36:47.0260 0x0794  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:36:47.0306 0x0794  LanmanWorkstation - ok
09:36:47.0322 0x0794  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
09:36:47.0353 0x0794  lltdio - ok
09:36:47.0369 0x0794  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
09:36:47.0416 0x0794  lltdsvc - ok
09:36:47.0416 0x0794  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
09:36:47.0447 0x0794  lmhosts - ok
09:36:47.0462 0x0794  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
09:36:47.0494 0x0794  LSI_SAS - ok
09:36:47.0509 0x0794  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
09:36:47.0540 0x0794  LSI_SAS2 - ok
09:36:47.0540 0x0794  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
09:36:47.0587 0x0794  LSI_SCSI - ok
09:36:47.0587 0x0794  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
09:36:47.0618 0x0794  LSI_SSS - ok
09:36:47.0634 0x0794  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM            C:\WINDOWS\System32\lsm.dll
09:36:47.0665 0x0794  LSM - ok
09:36:47.0681 0x0794  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
09:36:47.0728 0x0794  luafv - ok
09:36:47.0728 0x0794  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
09:36:47.0759 0x0794  megasas - ok
09:36:47.0774 0x0794  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
09:36:47.0821 0x0794  MegaSR - ok
09:36:47.0837 0x0794  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS          C:\WINDOWS\system32\mmcss.dll
09:36:47.0868 0x0794  MMCSS - ok
09:36:47.0868 0x0794  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem          C:\WINDOWS\system32\drivers\modem.sys
09:36:47.0915 0x0794  Modem - ok
09:36:47.0915 0x0794  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
09:36:47.0962 0x0794  monitor - ok
09:36:47.0962 0x0794  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
09:36:47.0993 0x0794  mouclass - ok
09:36:47.0993 0x0794  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
09:36:48.0040 0x0794  mouhid - ok
09:36:48.0040 0x0794  [ A1825437F11C4FD9778F293A08DE65F3, 8AD337363F6BDEB816770EFDA7C3F1AAFA88BA7E265ED168ACBC03001669B902 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
09:36:48.0071 0x0794  mountmgr - ok
09:36:48.0086 0x0794  [ 5C2B2F10C847834C6DA4E680A4093BA3, 0222EBC8789765613184F47339A1DBD118ED209B72BC5565A8A7D4FB4CCF5418 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:36:48.0133 0x0794  MozillaMaintenance - ok
09:36:48.0149 0x0794  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
09:36:48.0180 0x0794  mpsdrv - ok
09:36:48.0211 0x0794  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
09:36:48.0258 0x0794  MpsSvc - ok
09:36:48.0274 0x0794  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
09:36:48.0305 0x0794  MRxDAV - ok
09:36:48.0320 0x0794  [ 6BA2A5D1C74E7CB3AFAF301A7E5D9E44, 92CACD154D3D7E738C6D2492186270762B1888E89F505EE00C3CAE58F71650ED ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:36:48.0367 0x0794  mrxsmb - ok
09:36:48.0383 0x0794  [ 7E86B45D5F84E0F96AE18BEAC7A51EE4, 2B4DC0B017FD90D7D2F6A35342F5A17B20E79D077D3DFC4AD2455C0D814B7B5E ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:36:48.0430 0x0794  mrxsmb10 - ok
09:36:48.0430 0x0794  [ 1BB4582396718EDEFF8A4493AEF67D66, 62AA83190CA041131E43B2031175D9F0F8ACD9A0EB0EC8B8F66C2951F15420E4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:36:48.0476 0x0794  mrxsmb20 - ok
09:36:48.0476 0x0794  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
09:36:48.0523 0x0794  MsBridge - ok
09:36:48.0539 0x0794  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC          C:\WINDOWS\System32\msdtc.exe
09:36:48.0570 0x0794  MSDTC - ok
09:36:48.0586 0x0794  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:36:48.0617 0x0794  Msfs - ok
09:36:48.0632 0x0794  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:36:48.0664 0x0794  msgpiowin32 - ok
09:36:48.0664 0x0794  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:36:48.0695 0x0794  mshidkmdf - ok
09:36:48.0695 0x0794  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
09:36:48.0726 0x0794  mshidumdf - ok
09:36:48.0742 0x0794  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
09:36:48.0773 0x0794  msisadrv - ok
09:36:48.0773 0x0794  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
09:36:48.0820 0x0794  MSiSCSI - ok
09:36:48.0820 0x0794  msiserver - ok
09:36:48.0835 0x0794  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:36:48.0866 0x0794  MSKSSRV - ok
09:36:48.0866 0x0794  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
09:36:48.0898 0x0794  MsLldp - ok
09:36:48.0913 0x0794  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:36:48.0944 0x0794  MSPCLOCK - ok
09:36:48.0944 0x0794  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
09:36:48.0976 0x0794  MSPQM - ok
09:36:48.0991 0x0794  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
09:36:49.0038 0x0794  MsRPC - ok
09:36:49.0054 0x0794  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
09:36:49.0085 0x0794  mssmbios - ok
09:36:49.0085 0x0794  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
09:36:49.0116 0x0794  MSTEE - ok
09:36:49.0116 0x0794  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
09:36:49.0147 0x0794  MTConfig - ok
09:36:49.0163 0x0794  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
09:36:49.0194 0x0794  Mup - ok
09:36:49.0194 0x0794  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
09:36:49.0225 0x0794  mvumis - ok
09:36:49.0241 0x0794  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\WINDOWS\system32\qagentRT.dll
09:36:49.0303 0x0794  napagent - ok
09:36:49.0319 0x0794  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:36:49.0366 0x0794  NativeWifiP - ok
09:36:49.0366 0x0794  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
09:36:49.0412 0x0794  NcaSvc - ok
09:36:49.0428 0x0794  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
09:36:49.0459 0x0794  NcdAutoSetup - ok
09:36:49.0490 0x0794  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
09:36:49.0553 0x0794  NDIS - ok
09:36:49.0568 0x0794  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap        C:\WINDOWS\system32\DRIVERS\ndiscap.sys
09:36:49.0600 0x0794  NdisCap - ok
09:36:49.0600 0x0794  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
09:36:49.0646 0x0794  NdisImPlatform - ok
09:36:49.0646 0x0794  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:36:49.0678 0x0794  NdisTapi - ok
09:36:49.0693 0x0794  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:36:49.0724 0x0794  Ndisuio - ok
09:36:49.0740 0x0794  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:36:49.0771 0x0794  NdisWan - ok
09:36:49.0787 0x0794  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:36:49.0818 0x0794  NDISWANLEGACY - ok
09:36:49.0818 0x0794  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
09:36:49.0865 0x0794  NDProxy - ok
09:36:49.0865 0x0794  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
09:36:49.0896 0x0794  Ndu - ok
09:36:49.0912 0x0794  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
09:36:49.0943 0x0794  NetBIOS - ok
09:36:49.0958 0x0794  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
09:36:50.0005 0x0794  NetBT - ok
09:36:50.0005 0x0794  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:36:50.0036 0x0794  Netlogon - ok
09:36:50.0052 0x0794  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\WINDOWS\System32\netman.dll
09:36:50.0083 0x0794  Netman - ok
09:36:50.0099 0x0794  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
09:36:50.0161 0x0794  netprofm - ok
09:36:50.0177 0x0794  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:36:50.0224 0x0794  NetTcpPortSharing - ok
09:36:50.0239 0x0794  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960        C:\WINDOWS\system32\drivers\nfrd960.sys
09:36:50.0270 0x0794  nfrd960 - ok
09:36:50.0270 0x0794  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
09:36:50.0317 0x0794  NlaSvc - ok
09:36:50.0317 0x0794  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
09:36:50.0380 0x0794  Npfs - ok
09:36:50.0380 0x0794  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
09:36:50.0411 0x0794  npsvctrig - ok
09:36:50.0426 0x0794  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi            C:\WINDOWS\system32\nsisvc.dll
09:36:50.0458 0x0794  nsi - ok
09:36:50.0458 0x0794  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
09:36:50.0489 0x0794  nsiproxy - ok
09:36:50.0551 0x0794  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
09:36:50.0645 0x0794  Ntfs - ok
09:36:50.0645 0x0794  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\WINDOWS\system32\drivers\Null.sys
09:36:50.0676 0x0794  Null - ok
09:36:50.0692 0x0794  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
09:36:50.0723 0x0794  nvraid - ok
09:36:50.0738 0x0794  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
09:36:50.0770 0x0794  nvstor - ok
09:36:50.0785 0x0794  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
09:36:50.0816 0x0794  nv_agp - ok
09:36:50.0832 0x0794  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
09:36:50.0879 0x0794  p2pimsvc - ok
09:36:50.0894 0x0794  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
09:36:50.0941 0x0794  p2psvc - ok
09:36:50.0957 0x0794  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport        C:\WINDOWS\System32\drivers\parport.sys
09:36:50.0988 0x0794  Parport - ok
09:36:51.0004 0x0794  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
09:36:51.0035 0x0794  partmgr - ok
09:36:51.0050 0x0794  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
09:36:51.0082 0x0794  PcaSvc - ok
09:36:51.0097 0x0794  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci            C:\WINDOWS\system32\drivers\pci.sys
09:36:51.0128 0x0794  pci - ok
09:36:51.0144 0x0794  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
09:36:51.0175 0x0794  pciide - ok
09:36:51.0175 0x0794  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
09:36:51.0222 0x0794  pcmcia - ok
09:36:51.0238 0x0794  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
09:36:51.0269 0x0794  pcw - ok
09:36:51.0269 0x0794  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
09:36:51.0300 0x0794  pdc - ok
09:36:51.0331 0x0794  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
09:36:51.0409 0x0794  PEAUTH - ok
09:36:51.0472 0x0794  [ DF0D9BDCB600913F40FF125BF8CE1979, 63544C3CEAF47FEEB761FD25BCAE53610C7AD65B7B2295C49D72A7C3C78A376D ] PeerDistSvc    C:\WINDOWS\system32\peerdistsvc.dll
09:36:51.0565 0x0794  PeerDistSvc - ok
09:36:51.0612 0x0794  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
09:36:51.0659 0x0794  PerfHost - ok
09:36:51.0706 0x0794  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla            C:\WINDOWS\system32\pla.dll
09:36:51.0784 0x0794  pla - ok
09:36:51.0799 0x0794  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
09:36:51.0815 0x0794  PlugPlay - ok
09:36:51.0831 0x0794  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
09:36:51.0862 0x0794  PNRPAutoReg - ok
09:36:51.0877 0x0794  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
09:36:51.0909 0x0794  PNRPsvc - ok
09:36:51.0924 0x0794  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
09:36:51.0971 0x0794  PolicyAgent - ok
09:36:51.0987 0x0794  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power          C:\WINDOWS\system32\umpo.dll
09:36:52.0018 0x0794  Power - ok
09:36:52.0033 0x0794  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:36:52.0065 0x0794  PptpMiniport - ok
09:36:52.0143 0x0794  [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify    C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
09:36:52.0283 0x0794  PrintNotify - ok
09:36:52.0283 0x0794  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor      C:\WINDOWS\System32\drivers\processr.sys
09:36:52.0330 0x0794  Processor - ok
09:36:52.0345 0x0794  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
09:36:52.0361 0x0794  ProfSvc - ok
09:36:52.0377 0x0794  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
09:36:52.0423 0x0794  Psched - ok
09:36:52.0439 0x0794  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE          C:\WINDOWS\system32\qwave.dll
09:36:52.0470 0x0794  QWAVE - ok
09:36:52.0486 0x0794  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
09:36:52.0517 0x0794  QWAVEdrv - ok
09:36:52.0533 0x0794  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:36:52.0564 0x0794  RasAcd - ok
09:36:52.0564 0x0794  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn    C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
09:36:52.0595 0x0794  RasAgileVpn - ok
09:36:52.0611 0x0794  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
09:36:52.0657 0x0794  RasAuto - ok
09:36:52.0657 0x0794  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp        C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:36:52.0704 0x0794  Rasl2tp - ok
09:36:52.0720 0x0794  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:36:52.0767 0x0794  RasMan - ok
09:36:52.0767 0x0794  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:36:52.0798 0x0794  RasPppoe - ok
09:36:52.0813 0x0794  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp        C:\WINDOWS\system32\DRIVERS\rassstp.sys
09:36:52.0845 0x0794  RasSstp - ok
09:36:52.0860 0x0794  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:36:52.0923 0x0794  rdbss - ok
09:36:52.0923 0x0794  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
09:36:52.0969 0x0794  rdpbus - ok
09:36:52.0969 0x0794  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
09:36:53.0016 0x0794  RDPDR - ok
09:36:53.0032 0x0794  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:36:53.0063 0x0794  RdpVideoMiniport - ok
09:36:53.0079 0x0794  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD          C:\WINDOWS\system32\drivers\RDPWD.sys
09:36:53.0110 0x0794  RDPWD - ok
09:36:53.0125 0x0794  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
09:36:53.0172 0x0794  rdyboost - ok
09:36:53.0172 0x0794  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:36:53.0219 0x0794  RemoteAccess - ok
09:36:53.0235 0x0794  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
09:36:53.0266 0x0794  RemoteRegistry - ok
09:36:53.0281 0x0794  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
09:36:53.0313 0x0794  RpcEptMapper - ok
09:36:53.0328 0x0794  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:36:53.0359 0x0794  RpcLocator - ok
09:36:53.0391 0x0794  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
09:36:53.0422 0x0794  RpcSs - ok
09:36:53.0437 0x0794  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
09:36:53.0469 0x0794  rspndr - ok
09:36:53.0484 0x0794  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIVX.sys
09:36:53.0515 0x0794  RTHDMIAzAudService - ok
09:36:53.0531 0x0794  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\WINDOWS\system32\DRIVERS\Rtnic64.sys
09:36:53.0562 0x0794  RTL8023x64 - ok
09:36:53.0578 0x0794  [ 15923AA360F7675D3D43C9669316A0BA, AD1852732082140C62CC44A01914162E44BF412B4A852DF27DC0E0765E64288F ] RTL8168        C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
09:36:53.0625 0x0794  RTL8168 - ok
09:36:53.0640 0x0794  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
09:36:53.0671 0x0794  s3cap - ok
09:36:53.0671 0x0794  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs          C:\WINDOWS\system32\lsass.exe
09:36:53.0703 0x0794  SamSs - ok
09:36:53.0703 0x0794  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
09:36:53.0734 0x0794  sbp2port - ok
09:36:53.0749 0x0794  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
09:36:53.0796 0x0794  SCardSvr - ok
09:36:53.0812 0x0794  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:36:53.0843 0x0794  scfilter - ok
09:36:53.0874 0x0794  [ C67ACB63A860E041995414148B3DC840, 54883B7ECE8921B2CA0A0FE35B0E3B4B7D8CA8890F0CA7EACD54E706F04880C5 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:36:53.0937 0x0794  Schedule - ok
09:36:53.0952 0x0794  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
09:36:53.0968 0x0794  SCPolicySvc - ok
09:36:53.0983 0x0794  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
09:36:54.0030 0x0794  sdbus - ok
09:36:54.0030 0x0794  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
09:36:54.0077 0x0794  SDRSVC - ok
09:36:54.0093 0x0794  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
09:36:54.0124 0x0794  sdstor - ok
09:36:54.0124 0x0794  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
09:36:54.0155 0x0794  secdrv - ok
09:36:54.0171 0x0794  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\WINDOWS\system32\seclogon.dll
09:36:54.0202 0x0794  seclogon - ok
09:36:54.0217 0x0794  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\WINDOWS\System32\sens.dll
09:36:54.0249 0x0794  SENS - ok
09:36:54.0249 0x0794  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
09:36:54.0295 0x0794  SensrSvc - ok
09:36:54.0311 0x0794  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
09:36:54.0342 0x0794  SerCx - ok
09:36:54.0342 0x0794  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
09:36:54.0373 0x0794  Serenum - ok
09:36:54.0389 0x0794  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
09:36:54.0420 0x0794  Serial - ok
09:36:54.0420 0x0794  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
09:36:54.0467 0x0794  sermouse - ok
09:36:54.0483 0x0794  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
09:36:54.0529 0x0794  SessionEnv - ok
09:36:54.0545 0x0794  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
09:36:54.0576 0x0794  sfloppy - ok
09:36:54.0592 0x0794  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:36:54.0639 0x0794  SharedAccess - ok
09:36:54.0654 0x0794  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:36:54.0717 0x0794  ShellHWDetection - ok
09:36:54.0732 0x0794  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:36:54.0763 0x0794  SiSRaid2 - ok
09:36:54.0763 0x0794  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
09:36:54.0795 0x0794  SiSRaid4 - ok
09:36:54.0810 0x0794  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
09:36:54.0841 0x0794  SNMPTRAP - ok
09:36:54.0857 0x0794  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
09:36:54.0904 0x0794  spaceport - ok
09:36:54.0904 0x0794  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
09:36:54.0935 0x0794  SpbCx - ok
09:36:54.0966 0x0794  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler        C:\WINDOWS\System32\spoolsv.exe
09:36:55.0029 0x0794  Spooler - ok
09:36:55.0153 0x0794  [ F6D844E928483CD532F90124A429812B, 41BC8F740DEB44AEAD568C63BAF40A52B7F13CA71EB499B51D0C59C5599ADBFF ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
09:36:55.0309 0x0794  sppsvc - ok
09:36:55.0341 0x0794  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
09:36:55.0387 0x0794  srv - ok
09:36:55.0403 0x0794  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
09:36:55.0465 0x0794  srv2 - ok
09:36:55.0481 0x0794  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:36:55.0528 0x0794  srvnet - ok
09:36:55.0528 0x0794  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
09:36:55.0575 0x0794  SSDPSRV - ok
09:36:55.0590 0x0794  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
09:36:55.0621 0x0794  SstpSvc - ok
09:36:55.0621 0x0794  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
09:36:55.0653 0x0794  stexstor - ok
09:36:55.0668 0x0794  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
09:36:55.0731 0x0794  stisvc - ok
09:36:55.0746 0x0794  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
09:36:55.0777 0x0794  storahci - ok
09:36:55.0777 0x0794  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt        C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
09:36:55.0809 0x0794  storflt - ok
09:36:55.0824 0x0794  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc        C:\WINDOWS\system32\storsvc.dll
09:36:55.0855 0x0794  StorSvc - ok
09:36:55.0871 0x0794  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
09:36:55.0902 0x0794  storvsc - ok
09:36:55.0902 0x0794  [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp        C:\WINDOWS\System32\drivers\storvsp.sys
09:36:55.0949 0x0794  storvsp - ok
09:36:55.0949 0x0794  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc          C:\WINDOWS\system32\svsvc.dll
09:36:55.0996 0x0794  svsvc - ok
09:36:56.0011 0x0794  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
09:36:56.0043 0x0794  swenum - ok
09:36:56.0058 0x0794  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv          C:\WINDOWS\System32\swprv.dll
09:36:56.0105 0x0794  swprv - ok
09:36:56.0152 0x0794  [ DC695DCF6C9A4A2B23C2FA284BBF19F8, 0D0357874CCC3AA9E76340ACFDB8FCF79DD79A3B333CC36A836B40ECFC61E4A1 ] SysMain        C:\WINDOWS\system32\sysmain.dll
09:36:56.0214 0x0794  SysMain - ok
09:36:56.0214 0x0794  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:36:56.0245 0x0794  SystemEventsBroker - ok
09:36:56.0261 0x0794  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:36:56.0308 0x0794  TabletInputService - ok
09:36:56.0323 0x0794  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
09:36:56.0370 0x0794  TapiSrv - ok
09:36:56.0417 0x0794  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
09:36:56.0526 0x0794  Tcpip - ok
09:36:56.0589 0x0794  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:36:56.0667 0x0794  TCPIP6 - ok
09:36:56.0682 0x0794  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
09:36:56.0713 0x0794  tcpipreg - ok
09:36:56.0729 0x0794  [ 217AEE5DAE1BEF81A1E9A184C4C0BF6A, E554EBE85EE27186C1BD3005E757F356D76574EAFD3E5E03A490C9B8DF19F21A ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
09:36:56.0760 0x0794  tdx - ok
09:36:56.0776 0x0794  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
09:36:56.0807 0x0794  terminpt - ok
09:36:56.0823 0x0794  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService    C:\WINDOWS\System32\termsrv.dll
09:36:56.0869 0x0794  TermService - ok
09:36:56.0885 0x0794  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\WINDOWS\system32\themeservice.dll
09:36:56.0932 0x0794  Themes - ok
09:36:56.0932 0x0794  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER    C:\WINDOWS\system32\mmcss.dll
09:36:56.0963 0x0794  THREADORDER - ok
09:36:56.0963 0x0794  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
09:36:56.0994 0x0794  TimeBroker - ok
09:36:57.0010 0x0794  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM            C:\WINDOWS\system32\drivers\tpm.sys
09:36:57.0041 0x0794  TPM - ok
09:36:57.0057 0x0794  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
09:36:57.0103 0x0794  TrkWks - ok
09:36:57.0103 0x0794  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:36:57.0135 0x0794  TrustedInstaller - ok
09:36:57.0150 0x0794  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
09:36:57.0181 0x0794  TsUsbFlt - ok
09:36:57.0197 0x0794  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:36:57.0228 0x0794  TsUsbGD - ok
09:36:57.0228 0x0794  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
09:36:57.0275 0x0794  tunnel - ok
09:36:57.0291 0x0794  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
09:36:57.0322 0x0794  uagp35 - ok
09:36:57.0322 0x0794  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
09:36:57.0353 0x0794  UASPStor - ok
09:36:57.0369 0x0794  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
09:36:57.0415 0x0794  UCX01000 - ok
09:36:57.0431 0x0794  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
09:36:57.0478 0x0794  udfs - ok
09:36:57.0493 0x0794  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
09:36:57.0540 0x0794  UI0Detect - ok
09:36:57.0540 0x0794  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
09:36:57.0571 0x0794  uliagpkx - ok
09:36:57.0587 0x0794  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
09:36:57.0618 0x0794  umbus - ok
09:36:57.0634 0x0794  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
09:36:57.0665 0x0794  UmPass - ok
09:36:57.0681 0x0794  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
09:36:57.0712 0x0794  UmRdpService - ok
09:36:57.0727 0x0794  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:36:57.0790 0x0794  upnphost - ok
09:36:57.0805 0x0794  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
09:36:57.0837 0x0794  usbccgp - ok
09:36:57.0852 0x0794  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
09:36:57.0883 0x0794  usbcir - ok
09:36:57.0899 0x0794  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
09:36:57.0930 0x0794  usbehci - ok
09:36:57.0946 0x0794  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
09:36:58.0008 0x0794  usbhub - ok
09:36:58.0024 0x0794  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
09:36:58.0086 0x0794  USBHUB3 - ok
09:36:58.0086 0x0794  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
09:36:58.0117 0x0794  usbohci - ok
09:36:58.0133 0x0794  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
09:36:58.0164 0x0794  usbprint - ok
09:36:58.0180 0x0794  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:36:58.0211 0x0794  USBSTOR - ok
09:36:58.0227 0x0794  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
09:36:58.0258 0x0794  usbuhci - ok
09:36:58.0273 0x0794  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:36:58.0320 0x0794  USBXHCI - ok
09:36:58.0320 0x0794  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\WINDOWS\system32\lsass.exe
09:36:58.0351 0x0794  VaultSvc - ok
09:36:58.0351 0x0794  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
09:36:58.0383 0x0794  vdrvroot - ok
09:36:58.0414 0x0794  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds            C:\WINDOWS\System32\vds.exe
09:36:58.0476 0x0794  vds - ok
09:36:58.0492 0x0794  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
09:36:58.0523 0x0794  VerifierExt - ok
09:36:58.0539 0x0794  [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
09:36:58.0601 0x0794  vhdmp - ok
09:36:58.0601 0x0794  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
09:36:58.0632 0x0794  viaide - ok
09:36:58.0648 0x0794  [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid            C:\WINDOWS\System32\drivers\Vid.sys
09:36:58.0679 0x0794  Vid - ok
09:36:58.0695 0x0794  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
09:36:58.0726 0x0794  vmbus - ok
09:36:58.0741 0x0794  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
09:36:58.0773 0x0794  VMBusHID - ok
09:36:58.0788 0x0794  [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
09:36:58.0819 0x0794  vmbusr - ok
09:36:58.0835 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat  C:\WINDOWS\System32\ICSvc.dll
09:36:58.0882 0x0794  vmicheartbeat - ok
09:36:58.0897 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
09:36:58.0929 0x0794  vmickvpexchange - ok
09:36:58.0944 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv        C:\WINDOWS\System32\ICSvc.dll
09:36:58.0975 0x0794  vmicrdv - ok
09:36:58.0991 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
09:36:59.0007 0x0794  vmicshutdown - ok
09:36:59.0022 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
09:36:59.0053 0x0794  vmictimesync - ok
09:36:59.0069 0x0794  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss        C:\WINDOWS\System32\ICSvc.dll
09:36:59.0100 0x0794  vmicvss - ok
09:36:59.0116 0x0794  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
09:36:59.0147 0x0794  volmgr - ok
09:36:59.0163 0x0794  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
09:36:59.0194 0x0794  volmgrx - ok
09:36:59.0209 0x0794  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
09:36:59.0256 0x0794  volsnap - ok
09:36:59.0272 0x0794  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
09:36:59.0303 0x0794  vpci - ok
09:36:59.0303 0x0794  [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp        C:\WINDOWS\System32\drivers\vpcivsp.sys
09:36:59.0350 0x0794  vpcivsp - ok
09:36:59.0350 0x0794  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
09:36:59.0397 0x0794  vsmraid - ok
09:36:59.0428 0x0794  [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS            C:\WINDOWS\system32\vssvc.exe
09:36:59.0490 0x0794  VSS - ok
09:36:59.0506 0x0794  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
09:36:59.0553 0x0794  VSTXRAID - ok
09:36:59.0568 0x0794  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
09:36:59.0599 0x0794  vwifibus - ok
09:36:59.0615 0x0794  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time        C:\WINDOWS\system32\w32time.dll
09:36:59.0662 0x0794  W32Time - ok
09:36:59.0677 0x0794  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
09:36:59.0709 0x0794  WacomPen - ok
09:36:59.0709 0x0794  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:36:59.0755 0x0794  Wanarp - ok
09:36:59.0755 0x0794  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:36:59.0787 0x0794  Wanarpv6 - ok
09:36:59.0818 0x0794  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\WINDOWS\system32\wbengine.exe
09:36:59.0927 0x0794  wbengine - ok
09:36:59.0943 0x0794  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
09:36:59.0989 0x0794  WbioSrvc - ok
09:37:00.0005 0x0794  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
09:37:00.0036 0x0794  Wcmsvc - ok
09:37:00.0052 0x0794  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
09:37:00.0114 0x0794  wcncsvc - ok
09:37:00.0114 0x0794  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:37:00.0161 0x0794  WcsPlugInService - ok
09:37:00.0161 0x0794  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\WINDOWS\system32\drivers\wd.sys
09:37:00.0192 0x0794  Wd - ok
09:37:00.0208 0x0794  [ 413935CA0DB07EB40002B4384187821F, 223B26B233B308CA311E970EBF6E159268EB93D61DD0D863CE11A7F54D746A18 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
09:37:00.0239 0x0794  WdBoot - ok
09:37:00.0270 0x0794  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
09:37:00.0333 0x0794  Wdf01000 - ok
09:37:00.0348 0x0794  [ 4E69BE2A5DB2B01B3D6F6A07C62953B2, D2C9FCE14EF4E333101623D8C2E27A292880FB8F2F7EDFC6481E6E88E2C7A845 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
09:37:00.0379 0x0794  WdFilter - ok
09:37:00.0395 0x0794  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
09:37:00.0426 0x0794  WdiServiceHost - ok
09:37:00.0442 0x0794  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
09:37:00.0473 0x0794  WdiSystemHost - ok
09:37:00.0489 0x0794  [ E8CC1297B90D9DB8288200EB29A96021, CE097E703D1C41A84F582F9FE356A9EF0DAB4705A1209649E5A4772FC9553116 ] WebClient      C:\WINDOWS\System32\webclnt.dll
09:37:00.0520 0x0794  WebClient - ok
09:37:00.0535 0x0794  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
09:37:00.0567 0x0794  Wecsvc - ok
09:37:00.0582 0x0794  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
09:37:00.0629 0x0794  wercplsupport - ok
09:37:00.0645 0x0794  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
09:37:00.0676 0x0794  WerSvc - ok
09:37:00.0676 0x0794  [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS        C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
09:37:00.0723 0x0794  WFPLWFS - ok
09:37:00.0723 0x0794  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
09:37:00.0769 0x0794  WiaRpc - ok
09:37:00.0769 0x0794  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
09:37:00.0801 0x0794  WIMMount - ok
09:37:00.0816 0x0794  WinDefend - ok
09:37:00.0847 0x0794  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:37:00.0894 0x0794  WinHttpAutoProxySvc - ok
09:37:00.0910 0x0794  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
09:37:00.0972 0x0794  Winmgmt - ok
09:37:01.0035 0x0794  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
09:37:01.0144 0x0794  WinRM - ok
09:37:01.0191 0x0794  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
09:37:01.0269 0x0794  WlanSvc - ok
09:37:01.0315 0x0794  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
09:37:01.0393 0x0794  wlidsvc - ok
09:37:01.0409 0x0794  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
09:37:01.0440 0x0794  WmiAcpi - ok
09:37:01.0456 0x0794  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:37:01.0503 0x0794  wmiApSrv - ok
09:37:01.0503 0x0794  WMPNetworkSvc - ok
09:37:01.0518 0x0794  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:37:01.0565 0x0794  wpcfltr - ok
09:37:01.0565 0x0794  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
09:37:01.0612 0x0794  WPCSvc - ok
09:37:01.0627 0x0794  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
09:37:01.0659 0x0794  WPDBusEnum - ok
09:37:01.0659 0x0794  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:37:01.0705 0x0794  WpdUpFltr - ok
09:37:01.0705 0x0794  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:37:01.0737 0x0794  ws2ifsl - ok
09:37:01.0752 0x0794  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
09:37:01.0799 0x0794  wscsvc - ok
09:37:01.0799 0x0794  WSearch - ok
09:37:01.0877 0x0794  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService      C:\WINDOWS\System32\WSService.dll
09:37:01.0971 0x0794  WSService - ok
09:37:02.0049 0x0794  [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
09:37:02.0158 0x0794  wuauserv - ok
09:37:02.0173 0x0794  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
09:37:02.0205 0x0794  WudfPf - ok
09:37:02.0220 0x0794  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
09:37:02.0267 0x0794  WUDFRd - ok
09:37:02.0283 0x0794  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
09:37:02.0314 0x0794  wudfsvc - ok
09:37:02.0329 0x0794  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:37:02.0345 0x0794  WUDFWpdFs - ok
09:37:02.0376 0x0794  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
09:37:02.0407 0x0794  WwanSvc - ok
09:37:02.0439 0x0794  ================ Scan global ===============================
09:37:02.0439 0x0794  [ B31E908A78791A4B61DF39F4271CAF2F, 663F940E68A8C1839AD0133DEB13FCF9F45041EA0DCF9E91B67288CA0E0D3326 ] C:\WINDOWS\system32\basesrv.dll
09:37:02.0454 0x0794  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\WINDOWS\system32\winsrv.dll
09:37:02.0470 0x0794  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\WINDOWS\system32\sxssrv.dll
09:37:02.0501 0x0794  [ 590A2B4198DD35AA42893BA04F66FD3F, BDD9609F43275E895AE3A685DF921B19F11E4D8617F7BD3D4BA21A230EB9A060 ] C:\WINDOWS\system32\services.exe
09:37:02.0501 0x0794  [ Global ] - ok
09:37:02.0501 0x0794  ================ Scan MBR ==================================
09:37:02.0517 0x0794  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:37:02.0641 0x0794  \Device\Harddisk0\DR0 - ok
09:37:02.0641 0x0794  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:37:02.0797 0x0794  \Device\Harddisk1\DR1 - ok
09:37:02.0797 0x0794  ================ Scan VBR ==================================
09:37:02.0797 0x0794  [ 4F06CFAF347D8BC36C7E57D365B91F55 ] \Device\Harddisk0\DR0\Partition1
09:37:02.0829 0x0794  \Device\Harddisk0\DR0\Partition1 - ok
09:37:02.0829 0x0794  [ C50536DF130FD372CFE30A68D7B64688 ] \Device\Harddisk0\DR0\Partition2
09:37:02.0844 0x0794  \Device\Harddisk0\DR0\Partition2 - ok
09:37:02.0844 0x0794  [ 2F75C6B102E09F2B2CBB77693429D8DE ] \Device\Harddisk1\DR1\Partition1
09:37:02.0844 0x0794  \Device\Harddisk1\DR1\Partition1 - ok
09:37:02.0844 0x0794  [ C311C99830F1757336448A36F2F8BB74 ] \Device\Harddisk1\DR1\Partition2
09:37:02.0844 0x0794  \Device\Harddisk1\DR1\Partition2 - ok
09:37:02.0844 0x0794  ================ Scan generic autorun ======================
09:37:03.0063 0x0794  [ EF8152CC98AFB4C40F10C2070C278AFB, E4C16E22E21F68C566A5E6CB7DBA712123F03FDD1DFEE456B3DD8CAFAF65C3EA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:37:03.0281 0x0794  RtHDVCpl - ok
09:37:03.0328 0x0794  [ A52D7349AD92A9072C230B8CF68B87E5, 5288BF9D99649B0EC8AC36EE91A074A76923D7F95001F5BF8470B41870F66C3B ] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
09:37:03.0390 0x0794  Skytel - ok
09:37:03.0390 0x0794  [ 3A6209AC494296C24C2065CB4392B5F4, 944556A8521D4E59EE35B364C9FB1A3846924D512E73C2CB32DD440022E6B1B5 ] C:\Windows\system32\rundll32.exe
09:37:03.0421 0x0794  Logitech Download Assistant - ok
09:37:03.0609 0x0794  [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe
09:37:03.0780 0x0794  CCleaner Monitoring - ok
09:37:03.0905 0x0794  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
09:37:03.0921 0x0794  Win FW state via NFP2: enabled ( trusted )
09:37:03.0921 0x0794  ============================================================
09:37:03.0921 0x0794  Scan finished
09:37:03.0921 0x0794  ============================================================
09:37:03.0921 0x0b38  Detected object count: 0
09:37:03.0921 0x0b38  Actual detected object count: 0
09:37:31.0377 0x09b4  Deinitialize success

schrauber 03.12.2015 15:34
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
cmd: netsh winsock reset

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Alle Zeitangaben in WEZ +1. Es ist jetzt 06:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131