| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: UPS-Mail anhang geöffnetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.03.2015, 18:58
| #1 |
| |  UPS-Mail anhang geöffnet Hi, mein Vater hat, da er von UPS eine Sendung erwartet hatte, eine Mail mit ZIP-Anhang bzw die Zip geöffnet. Nun kommen unzählige Mail Delivery-Mails zurück.... Wie bzw was können wir tun damit sein Win 8-Rechner wieder sauber läuft? Danke für die Unterstützung |
|
05.03.2015, 19:04
| #2 |
| /// the machine /// TB-Ausbilder    | UPS-Mail anhang geöffnet hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
06.03.2015, 06:30
| #3 |
| | UPS-Mail anhang geöffnet FRST.txt
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Peter Kuttig (administrator) on BUCHLEMMI on 05-03-2015 19:50:20
Running from F:\
Loaded Profiles: Peter Kuttig (Available profiles: Peter Kuttig)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\setup\New\instup.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\SetupInf64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2965816 2012-10-19] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199800 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405624 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5513424 2015-03-05] (Avast Software s.r.o.)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f566-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f60f-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f659-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {cde90d2d-867f-11e4-bf11-dc0ea1b51b21} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {cde90df3-867f-11e4-bf11-dc0ea1b51b21} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {dad8ed3d-985e-11e3-bed4-dc0ea1b51b21} - "F:\AutoRun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CHR HKU\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-9287429-4187079875-4244921196-1001 -> {54AAEA08-3310-4E4F-8372-61B29FC6CD2A} URL =
SearchScopes: HKU\S-1-5-21-9287429-4187079875-4244921196-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF ProfilePath: C:\Users\Peter Kuttig\AppData\Roaming\Mozilla\Firefox\Profiles\cwfql4dl.default
FF Homepage: hxxp://buchlemmi.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Peter Kuttig\AppData\Roaming\Mozilla\Firefox\Profiles\cwfql4dl.default\searchplugins\bing-avast.xml
FF Extension: ELO Archiv-Transfer - C:\Program Files (x86)\Mozilla Firefox\extensions\EloFirefoxAddon.xpi [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-05]
Chrome:
=======
CHR Profile: C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-21]
CHR Extension: (Google Drive) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-21]
CHR Extension: (YouTube) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-21]
CHR Extension: (Google Search) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-21]
CHR Extension: (Google Wallet) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-21]
CHR Extension: (Gmail) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-05]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-05] (Avast Software s.r.o.)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-05] (Avast Software s.r.o.)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-08] (Dritek System INC.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-05] ()
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-05] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-05] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-05] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-08] (Dritek System Inc.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 PCDSRVC{0368CD8C-041F8379-06020200}_0; \??\c:\users\peterk~1\appdata\local\temp\zedqb0ldkesd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-05 19:50 - 2015-03-05 19:50 - 00001954 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-03-05 19:50 - 2015-03-05 19:50 - 00001894 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-03-05 19:50 - 2015-03-05 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-05 19:49 - 2015-03-05 19:49 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-03-05 19:49 - 2015-03-05 19:49 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-03-05 19:49 - 2015-03-05 19:45 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA4AE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA57E.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-05 19:49 - 2015-03-05 19:45 - 00268640 _____ () C:\Windows\system32\Drivers\aswA58E.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA5CE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA4CE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA53D.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00065736 _____ () C:\Windows\system32\Drivers\aswA55D.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00029168 _____ () C:\Windows\system32\Drivers\aswA51D.tmp
2015-03-05 19:46 - 2015-03-05 19:46 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Roaming\AVAST Software
2015-03-05 19:45 - 2015-03-05 19:50 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-05 19:45 - 2015-03-05 19:45 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-05 19:45 - 2015-03-05 19:45 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-05 19:43 - 2015-03-05 19:43 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-05 19:16 - 2015-03-05 19:50 - 00000000 ____D () C:\FRST
2015-03-05 15:29 - 2013-04-12 02:12 - 00173568 _____ (Xerox Corporation) C:\Windows\system32\xrxznzil.dll
2015-03-05 15:12 - 2015-03-05 15:19 - 00000000 ____D () C:\AdwCleaner
2015-03-05 14:28 - 2015-03-05 14:28 - 00000000 _____ () C:\autoexec.bat
2015-03-05 14:27 - 2015-03-05 14:27 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2015-03-05 14:24 - 2015-03-05 19:26 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP
2015-03-03 19:09 - 2008-03-28 13:32 - 00039936 _____ (AVM GmbH) C:\Windows\system32\capi2032.dll
2015-02-28 16:09 - 2015-02-28 16:09 - 00000959 _____ () C:\Users\Public\Desktop\FRITZ!fax.lnk
2015-02-28 16:09 - 2015-02-28 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2015-02-28 16:08 - 2015-02-28 16:09 - 00000000 ____D () C:\Program Files (x86)\FRITZ!
2015-02-28 16:08 - 2015-02-28 16:08 - 00000000 ____D () C:\ProgramData\ISDNWatch
2015-02-28 16:08 - 2015-02-28 16:08 - 00000000 ____D () C:\ProgramData\FRITZ!fax für FRITZ!Box
2015-02-28 16:08 - 2007-09-07 10:05 - 00492848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2015-02-28 16:08 - 2007-09-07 10:05 - 00349488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 01066288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00980272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00970032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00070960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-02-28 16:08 - 2007-09-07 10:04 - 00060208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2015-02-25 08:20 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 08:20 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-02-25 08:19 - 2015-01-09 07:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 08:19 - 2015-01-09 06:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-23 11:51 - 2015-01-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-23 11:51 - 2015-01-23 05:27 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-14 10:13 - 2014-04-16 19:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-02-14 10:13 - 2014-04-16 19:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-02-11 15:30 - 2015-03-02 10:44 - 00033508 _____ () C:\Users\Peter Kuttig\Documents\Insulin.xlsx
2015-02-11 08:25 - 2015-01-12 07:48 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 08:24 - 2015-01-29 09:30 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-02-11 08:24 - 2015-01-29 09:30 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-02-11 08:24 - 2015-01-29 09:30 - 00011056 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-02-11 08:24 - 2015-01-29 09:05 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-11 08:24 - 2015-01-29 09:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 08:24 - 2015-01-29 07:19 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-11 08:24 - 2015-01-29 07:19 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 08:24 - 2015-01-15 12:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-02-11 08:24 - 2015-01-15 12:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-11 08:24 - 2015-01-15 12:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 08:24 - 2015-01-15 11:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-02-11 08:24 - 2015-01-15 11:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-11 08:24 - 2015-01-15 10:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 08:24 - 2015-01-15 10:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 08:24 - 2015-01-15 05:08 - 00568656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 08:24 - 2015-01-12 07:49 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 08:24 - 2015-01-12 07:48 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 15403008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 02655744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 08:24 - 2015-01-12 07:46 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 08:24 - 2015-01-12 06:07 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 08:24 - 2015-01-12 05:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 08:24 - 2015-01-12 04:46 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-11 08:24 - 2015-01-09 05:33 - 04061696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 08:24 - 2014-12-08 07:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 08:24 - 2014-12-08 06:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 08:23 - 2015-02-04 10:54 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 08:23 - 2015-02-03 00:18 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 08:23 - 2014-12-18 09:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-02-11 08:23 - 2014-12-18 07:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-11 08:23 - 2014-12-18 07:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-11 08:23 - 2014-12-18 07:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-11 08:23 - 2014-12-18 07:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-11 08:23 - 2014-12-09 00:14 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 08:23 - 2014-11-26 07:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 08:23 - 2014-11-26 05:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 08:21 - 2015-01-15 22:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-09 13:43 - 2015-02-28 16:08 - 00000462 _____ () C:\Windows\setup.log
2015-02-05 11:05 - 2015-02-05 11:05 - 00007706 _____ () C:\Windows\OT_FileVersions.TXT
2015-02-05 11:05 - 2015-02-05 11:05 - 00000000 ____D () C:\Windows\OTBackup
2015-02-05 11:05 - 2000-08-02 15:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdocurs.dll
2015-02-05 11:05 - 1999-02-02 16:56 - 00000421 _____ () C:\Windows\SysWOW64\odbcinst.cnt
2015-02-05 11:05 - 1998-11-30 09:21 - 00041316 _____ () C:\Windows\SysWOW64\odbcinst.hlp
2015-02-05 11:05 - 1998-06-17 18:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-05 11:04 - 2015-02-05 11:05 - 60388865 _____ (LifeScan ) C:\Users\Peter Kuttig\Downloads\onetouchsetup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-05 19:47 - 2012-12-09 05:58 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 19:47 - 2012-12-09 05:58 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 19:47 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 19:43 - 2013-09-25 09:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 19:42 - 2013-10-21 15:40 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 19:42 - 2013-10-21 15:40 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 19:42 - 2013-03-06 14:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-05 19:41 - 2014-10-01 05:56 - 00506066 _____ () C:\Windows\PFRO.log
2015-03-05 19:41 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 18:03 - 2013-08-19 09:31 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\Outlook-Dateien
2015-03-05 18:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-05 17:57 - 2014-10-01 05:14 - 01175639 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 10:49 - 2014-10-01 05:12 - 00000099 _____ () C:\Users\Public\LMDebug.log
2015-03-04 10:49 - 2013-08-21 10:47 - 00025088 _____ () C:\Users\Peter Kuttig\Documents\Büchersendung.zdl
2015-03-03 19:11 - 2013-09-02 11:15 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\FRITZ!
2015-03-03 17:50 - 2013-10-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-03 14:53 - 2014-12-12 09:12 - 00119602 _____ () C:\Users\Peter Kuttig\Documents\VK 2015.xlsx
2015-03-03 14:28 - 2015-01-16 10:34 - 00007680 _____ () C:\Users\Peter Kuttig\Documents\Regalboden.zdl
2015-03-03 08:26 - 2013-10-21 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-03 07:39 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-02 10:29 - 2013-08-21 06:33 - 00014284 _____ () C:\Users\Peter Kuttig\Documents\Medikamente.xlsx
2015-02-28 16:08 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2015-02-27 10:43 - 2014-07-07 06:54 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\Adobe
2015-02-27 10:19 - 2014-06-10 10:49 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\SelfMV
2015-02-27 07:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-25 08:20 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-25 07:58 - 2014-11-11 07:20 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1382366736
2015-02-25 07:58 - 2013-10-21 15:45 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-24 13:33 - 2013-03-06 14:39 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\CrashDumps
2015-02-23 14:03 - 2013-03-09 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-23 14:02 - 2013-03-06 16:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-20 08:44 - 2013-10-21 15:42 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-16 10:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-02-16 07:56 - 2014-10-22 07:11 - 00433944 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-16 07:54 - 2013-03-06 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 10:22 - 2014-12-15 08:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-14 10:22 - 2014-07-14 07:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-14 10:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2015-02-13 08:16 - 2013-08-28 06:30 - 00000000 ____D () C:\ProgramData\Lexware
2015-02-12 14:19 - 2013-03-06 11:45 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\Packages
2015-02-11 14:48 - 2014-06-17 10:13 - 00046906 _____ () C:\Users\Peter Kuttig\Documents\Amazon-Alex.xlsx
2015-02-11 10:24 - 2012-07-26 06:26 - 00000167 _____ () C:\Windows\win.ini
2015-02-11 10:14 - 2013-08-19 09:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 10:03 - 2013-03-06 13:53 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 13:37 - 2013-10-21 15:40 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-09 13:37 - 2013-10-21 15:40 - 00003874 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-09 13:33 - 2013-03-06 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-05 11:07 - 2012-12-08 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-05 09:48 - 2015-02-02 15:14 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\Commerzbank
2015-02-05 09:43 - 2013-09-25 09:29 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:29 - 2014-12-15 08:24 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:29 - 2014-12-15 08:24 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-08-20 07:35 - 2014-10-06 07:49 - 0026778 _____ () C:\Users\Peter Kuttig\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2013-08-22 11:11 - 2013-10-22 06:54 - 0000090 _____ () C:\Users\Peter Kuttig\AppData\Roaming\WB.CFG
2013-09-12 09:11 - 2013-10-22 06:54 - 0000006 _____ () C:\Users\Peter Kuttig\AppData\Roaming\WBPU-TTL.DAT
2013-03-06 14:40 - 2013-03-06 14:40 - 0000017 _____ () C:\Users\Peter Kuttig\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Peter Kuttig\AppData\Local\Temp\Quarantine.exe
C:\Users\Peter Kuttig\AppData\Local\Temp\sqlite3.dll
C:\Users\Peter Kuttig\AppData\Local\Temp\UninstallSer.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-02 11:15
==================== End Of Log ============================
--- --- --- Additional.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Peter Kuttig at 2015-03-05 19:53:08
Running from F:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1&1 Surf-Stick (HKLM-x32\...\{7438DA7D-782C-450F-BCDC-5FC54E6831B8}) (Version: 1.0.0.2 - ZTE Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{1E654AA2-629D-C426-2561-01AAC1371950}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4311.52 - CyberLink Corp.)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Dropbox (HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Dropbox) (Version: 2.4.2 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HomeBase 3 (HKLM-x32\...\{09359BE4-C819-485F-AEF8-DCD4D1CBBFC5}) (Version: 3.0.308.0 - AbeBooks)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Packard Bell)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.5 - Packard Bell)
Lexware faktura+auftrag 2014 (HKLM-x32\...\{4d54c3b8-5e73-4f9e-a810-07fc42ddb356}) (Version: 18.0.0.78 - Haufe-Lexware GmbH & Co.KG)
Lexware faktura+auftrag 2014 (x32 Version: 18.51.00.0174 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (x32 Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 3.01.00.0011 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM-x32\...\{7F603892-89C9-4EC4-9236-7AD4A798EA41}) (Version: 21.00.00.0039 - Haufe-Lexware GmbH & Co.KG)
Lexware Zeiterfassung (HKLM-x32\...\{41115DDB-A8D9-48D9-B530-4A0252DFAF20}) (Version: 26.00.04.0001 - Haufe-Lexware GmbH & Co.KG)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Packard Bell)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.80 - Heiko Schröder)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.02.511 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MyFreeCodec) (Version: - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Packard Bell)
PDF24 Creator 5.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PicSizer (HKLM-x32\...\PicSizer) (Version: - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28127 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.10.000 - Samsung Electronics Co., Ltd.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.16 - Stardock Software, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.52 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinZip 18.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-02-2015 10:11:07 Windows Update
23-02-2015 11:20:01 Geplanter Prüfpunkt
01-03-2015 09:40:59 SpeedMaxPc Backup
04-03-2015 10:04:39 Wiederherstellungsvorgang
05-03-2015 14:25:20 Installed SpyHunter
05-03-2015 17:46:01 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0CB22815-5FEA-4D97-8521-21BB42BB63DF} - System32\Tasks\{05D2606B-BD52-48B0-9F99-5468EC7E5CA2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002
Task: {131B36BA-1F07-4A47-9D5F-EA7050CAB521} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {204EF743-9C74-48AB-90D3-319499FB2979} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {339272ED-3FA3-4897-B38F-A02C0984FE54} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {540AA790-213F-40DD-83DF-3BEDB873174D} - System32\Tasks\Opera scheduled Autoupdate 1382366736 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {547B0A66-AA87-46FD-8263-114F68144E88} - System32\Tasks\{FBC5EBD6-3D38-4A07-98A2-42D043B4E3F4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {580918AE-505E-43C6-ADFC-072DF03E40B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21] (Google Inc.)
Task: {6FF92F17-85C9-409D-804A-18063FD0FF97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {809C6080-8653-4C4A-8ED9-BE22F84E250A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {9871F825-673B-42FA-AEA1-2FB8F649F9E0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-05] (Avast Software s.r.o.)
Task: {DEC08BA6-E79D-423E-A13C-CD8A29D3E9C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FA8F14BB-871E-43ED-9830-B683B7B60003} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {FB8582DA-CC5D-48BB-AFAB-23D9A5849241} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21] (Google Inc.)
Task: {FCB98D0B-D119-47A6-8004-EC9D71128FC9} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-08-30] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-02 11:06 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-09-02 11:06 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-04-14 01:41 - 2011-04-14 01:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll
2015-01-28 10:46 - 2014-04-16 09:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 02917376 _____ () C:\Program Files\AVAST Software\Avast\defs\15030500\algo.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\PackardBell01.jpg
DNS Servers: 192.168.178.15
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "STO Backup Service"
HKLM\...\StartupApproved\Run32: => "STO Launcher Service"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => ""
==================== Accounts: =============================
Administrator (S-1-5-21-9287429-4187079875-4244921196-500 - Administrator - Disabled)
Gast (S-1-5-21-9287429-4187079875-4244921196-501 - Limited - Disabled)
Peter Kuttig (S-1-5-21-9287429-4187079875-4244921196-1001 - Administrator - Enabled) => C:\Users\Peter Kuttig
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/05/2015 07:02:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002637d
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (03/05/2015 05:52:51 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x81000204.
Error: (03/05/2015 04:10:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/05/2015 03:54:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (03/05/2015 07:22:40 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/05/2015 07:22:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.03.2015 um 19:00:29 unerwartet heruntergefahren.
Error: (03/05/2015 07:03:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/05/2015 07:03:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Sicherheitscenter" wurde mit folgendem Fehler beendet:
%%16389
Error: (03/05/2015 07:00:12 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/05/2015 07:00:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.03.2015 um 18:59:18 unerwartet heruntergefahren.
Error: (03/05/2015 05:49:25 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/05/2015 05:49:01 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Packard Bell" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x10000000034cf. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".
Error: (03/05/2015 05:25:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Sicherheitscenter" wurde mit folgendem Fehler beendet:
%%16389
Error: (03/05/2015 05:24:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Microsoft Office Sessions:
=========================
Error: (03/05/2015 07:02:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec0000005000000000002637dea401d0576e721241deC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllc0be2a05-c361-11e4-bf1e-809b20508748
Error: (03/05/2015 05:52:51 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x81000204
Error: (03/05/2015 04:10:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1
Error: (03/05/2015 03:54:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1
==================== Memory info ===========================
Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 22%
Total physical RAM: 5706.25 MB
Available physical RAM: 4427.51 MB
Total Pagefile: 6602.25 MB
Available Pagefile: 5272.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:246.75 GB) (Free:145.9 GB) NTFS
Drive d: (Bücher) (Fixed) (Total:200 GB) (Free:198.24 GB) NTFS
Drive f: (INTENSO) (Fixed) (Total:58.59 GB) (Free:53.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4B4444A3)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 58.6 GB) (Disk ID: 539E5865)
Partition 1: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Bringt es da was office / Outlook zu deinstallieren und neu zu installieren? |
|
06.03.2015, 12:15
| #4 |
| /// the machine /// TB-Ausbilder | UPS-Mail anhang geöffnet hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.03.2015, 15:47
| #5 |
| | UPS-Mail anhang geöffnet mbar Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.06.03
rootkit: v2015.02.25.01
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.17228
Peter Kuttig :: BUCHLEMMI [administrator]
06.03.2015 12:27:18
mbar-log-2015-03-06 (12-27-18).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 353954
Time elapsed: 32 minute(s), 23 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
tdsskiller Code:
ATTFilter 15:41:10.0177 0x158c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:41:10.0177 0x158c UEFI system
15:41:24.0113 0x158c ============================================================
15:41:24.0113 0x158c Current date / time: 2015/03/06 15:41:24.0113
15:41:24.0113 0x158c SystemInfo:
15:41:24.0113 0x158c
15:41:24.0113 0x158c OS Version: 6.2.9200 ServicePack: 0.0
15:41:24.0113 0x158c Product type: Workstation
15:41:24.0113 0x158c ComputerName: BUCHLEMMI
15:41:24.0113 0x158c UserName: Peter Kuttig
15:41:24.0113 0x158c Windows directory: C:\Windows
15:41:24.0113 0x158c System windows directory: C:\Windows
15:41:24.0113 0x158c Running under WOW64
15:41:24.0113 0x158c Processor architecture: Intel x64
15:41:24.0113 0x158c Number of processors: 2
15:41:24.0113 0x158c Page size: 0x1000
15:41:24.0113 0x158c Boot type: Normal boot
15:41:24.0113 0x158c ============================================================
15:41:25.0189 0x158c KLMD registered as C:\Windows\system32\drivers\86336867.sys
15:41:25.0782 0x158c System UUID: {191BEE8A-9914-CEBA-ECEA-215CFFF8CE90}
15:41:26.0983 0x158c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:26.0999 0x158c Drive \Device\Harddisk1\DR1 - Size: 0xEA6000000 ( 58.59 Gb ), SectorSize: 0x200, Cylinders: 0x1DE0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:41:27.0014 0x158c ============================================================
15:41:27.0014 0x158c \Device\Harddisk0\DR0:
15:41:27.0014 0x158c GPT partitions:
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3B60F638-E95C-44A8-AC16-74263FE01961}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0B2164DA-72FC-44DB-8861-CBDFA8F31085}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {83E186B4-05D3-4818-93D4-703FA2B8E76C}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A64ED29C-BB3A-4C48-8083-7BF165F8C950}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1ED81000
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1D0BD8B2-AA36-480E-B28C-C7FCC790657C}, Name: , StartLBA 0x1EF1F800, BlocksNum 0xE1000
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4BCA1FF8-ABF4-4EB6-B0DA-1BDD9C503B17}, Name: Basic data partition, StartLBA 0x1F000800, BlocksNum 0x18FFF800
15:41:27.0014 0x158c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2E7398E5-B885-479C-8C83-559884041F97}, Name: Basic data partition, StartLBA 0x38000800, BlocksNum 0x2385800
15:41:27.0014 0x158c MBR partitions:
15:41:27.0014 0x158c \Device\Harddisk1\DR1:
15:41:27.0014 0x158c MBR partitions:
15:41:27.0014 0x158c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x80, BlocksNum 0x752FF80
15:41:27.0014 0x158c ============================================================
15:41:27.0030 0x158c C: <-> \Device\Harddisk0\DR0\Partition4
15:41:27.0170 0x158c D: <-> \Device\Harddisk0\DR0\Partition6
15:41:27.0170 0x158c F: <-> \Device\Harddisk1\DR1\Partition1
15:41:27.0186 0x158c ============================================================
15:41:27.0186 0x158c Initialize success
15:41:27.0186 0x158c ============================================================
15:41:52.0196 0x11bc ============================================================
15:41:52.0196 0x11bc Scan started
15:41:52.0196 0x11bc Mode: Manual;
15:41:52.0196 0x11bc ============================================================
15:41:52.0196 0x11bc KSN ping started
15:41:54.0801 0x11bc KSN ping finished: true
15:41:57.0001 0x11bc ================ Scan system memory ========================
15:41:57.0001 0x11bc System memory - ok
15:41:57.0001 0x11bc ================ Scan services =============================
15:41:57.0219 0x11bc [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
15:41:57.0235 0x11bc 1394ohci - ok
15:41:57.0297 0x11bc [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\Windows\system32\drivers\3ware.sys
15:41:57.0313 0x11bc 3ware - ok
15:41:57.0375 0x11bc [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:41:57.0406 0x11bc ACPI - ok
15:41:57.0422 0x11bc [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\Windows\system32\Drivers\acpiex.sys
15:41:57.0437 0x11bc acpiex - ok
15:41:57.0453 0x11bc [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
15:41:57.0453 0x11bc acpipagr - ok
15:41:57.0469 0x11bc [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
15:41:57.0484 0x11bc AcpiPmi - ok
15:41:57.0516 0x11bc [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\Windows\System32\drivers\acpitime.sys
15:41:57.0516 0x11bc acpitime - ok
15:41:57.0609 0x11bc [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:41:57.0625 0x11bc AdobeARMservice - ok
15:41:57.0796 0x11bc [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:41:57.0812 0x11bc AdobeFlashPlayerUpdateSvc - ok
15:41:57.0859 0x11bc [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:41:57.0890 0x11bc adp94xx - ok
15:41:57.0937 0x11bc [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:41:57.0952 0x11bc adpahci - ok
15:41:57.0983 0x11bc [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:41:57.0999 0x11bc adpu320 - ok
15:41:58.0046 0x11bc [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:41:58.0108 0x11bc AeLookupSvc - ok
15:41:58.0202 0x11bc [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD C:\Windows\system32\drivers\afd.sys
15:41:58.0233 0x11bc AFD - ok
15:41:58.0264 0x11bc [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:41:58.0264 0x11bc agp440 - ok
15:41:58.0296 0x11bc [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\Windows\System32\alg.exe
15:41:58.0311 0x11bc ALG - ok
15:41:58.0358 0x11bc [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
15:41:58.0374 0x11bc AllUserInstallAgent - ok
15:41:58.0420 0x11bc [ E14F7B22FD0BD5FAA8C885C64690965D, B50217D1C23AF191389B9A335270A2B6254B8A3035BFCAFE4A5F7DB0FDBD7DF6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:41:58.0436 0x11bc AMD External Events Utility - ok
15:41:58.0467 0x11bc [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
15:41:58.0467 0x11bc AmdK8 - ok
15:41:59.0122 0x11bc [ F931C2ED6C8294909C10657DCB9A9A4E, 7A9CEA4ADF31C5C93F0FE433A78817FAEE57DB737D8FC4F6A0E53F1D527EA10F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:41:59.0715 0x11bc amdkmdag - ok
15:41:59.0778 0x11bc [ 0D481A7FE3A66724DC11AD8A4E417A9A, 85726C7AC933ABD5ADE7A508E7C114BA512795F6BDC53663521AE66C27231527 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:41:59.0793 0x11bc amdkmdap - ok
15:41:59.0824 0x11bc [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
15:41:59.0840 0x11bc AmdPPM - ok
15:41:59.0871 0x11bc [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:41:59.0887 0x11bc amdsata - ok
15:41:59.0902 0x11bc [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:41:59.0918 0x11bc amdsbs - ok
15:41:59.0949 0x11bc [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:41:59.0949 0x11bc amdxata - ok
15:41:59.0996 0x11bc [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL C:\Windows\System32\drivers\AMPPAL.sys
15:41:59.0996 0x11bc AMPPAL - ok
15:42:00.0027 0x11bc [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
15:42:00.0027 0x11bc AMPPALP - ok
15:42:00.0152 0x11bc [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:42:00.0199 0x11bc AMPPALR3 - ok
15:42:00.0214 0x11bc [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\Windows\system32\drivers\appid.sys
15:42:00.0230 0x11bc AppID - ok
15:42:00.0261 0x11bc [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:42:00.0277 0x11bc AppIDSvc - ok
15:42:00.0324 0x11bc [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\Windows\System32\appinfo.dll
15:42:00.0324 0x11bc Appinfo - ok
15:42:00.0355 0x11bc [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\Windows\system32\drivers\arc.sys
15:42:00.0355 0x11bc arc - ok
15:42:00.0386 0x11bc [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:42:00.0386 0x11bc arcsas - ok
15:42:00.0433 0x11bc [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
15:42:00.0448 0x11bc aswHwid - ok
15:42:00.0480 0x11bc [ 543D8AD4621A685CECBBE44BD5B71FAE, 5E8A20B4848F2AEB7BE56BA8966B961FD135433A87EC36ACAB3B63646A1DDCA8 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
15:42:00.0480 0x11bc aswKbd - ok
15:42:00.0511 0x11bc [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:42:00.0511 0x11bc aswMonFlt - ok
15:42:00.0573 0x11bc [ 95AAB2D70A5B8F4BDB1FF131CD726232, 8C7267BAE92FB2F31BCA7818BAC43F7E542F0E8A7405422B730DF2805CCD7FB4 ] aswNdisFlt C:\Windows\system32\DRIVERS\aswNdisFlt.sys
15:42:00.0604 0x11bc aswNdisFlt - ok
15:42:00.0636 0x11bc [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
15:42:00.0636 0x11bc aswRdr - ok
15:42:00.0667 0x11bc [ 713AFFD4E38553AEF04617C985B4030B, A09FBE4D49390024E8CF93352EACEB5AC53BEE5A4E5A76F5BE0341F8A002C4DD ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
15:42:00.0682 0x11bc aswRvrt - ok
15:42:00.0776 0x11bc [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:42:00.0838 0x11bc aswSnx - ok
15:42:00.0901 0x11bc [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:42:00.0932 0x11bc aswSP - ok
15:42:00.0979 0x11bc [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] aswStm C:\Windows\system32\drivers\aswStm.sys
15:42:00.0994 0x11bc aswStm - ok
15:42:01.0026 0x11bc [ 11644D8399F4AC8BB12C2364DCB87CB4, 828C3A03AB9D5F0650C7B90B7479CCAAD586B22BB7AC6DB7C91E8D9D80427DFB ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
15:42:01.0041 0x11bc aswVmm - ok
15:42:01.0072 0x11bc [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:42:01.0072 0x11bc AsyncMac - ok
15:42:01.0088 0x11bc [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\Windows\system32\drivers\atapi.sys
15:42:01.0088 0x11bc atapi - ok
15:42:01.0166 0x11bc [ 87DAD8D354E312DB16636DC71EB39E5E, 904C874799BF30F06BFC725A59040C6E1B7D176011DA41D1ACBE4CAB20369671 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
15:42:01.0182 0x11bc AtiHDAudioService - ok
15:42:01.0275 0x11bc [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:42:01.0291 0x11bc AudioEndpointBuilder - ok
15:42:01.0463 0x11bc [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:42:01.0525 0x11bc Audiosrv - ok
15:42:01.0603 0x11bc [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:42:01.0619 0x11bc avast! Antivirus - ok
15:42:01.0681 0x11bc [ 9BCCEF665F197A5BBE86C679EFF608D0, 16D818E6642DD23B5915311C909E1131AA27592254ED8A6EAC59674AC80A01A0 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:42:01.0697 0x11bc avast! Firewall - ok
15:42:01.0743 0x11bc [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:42:01.0759 0x11bc AxInstSV - ok
15:42:01.0853 0x11bc [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:42:01.0884 0x11bc b06bdrv - ok
15:42:01.0915 0x11bc [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
15:42:01.0931 0x11bc BasicDisplay - ok
15:42:01.0946 0x11bc [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
15:42:01.0946 0x11bc BasicRender - ok
15:42:02.0289 0x11bc [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys
15:42:02.0601 0x11bc BCM43XX - ok
15:42:02.0664 0x11bc [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\Windows\System32\bdesvc.dll
15:42:02.0679 0x11bc BDESVC - ok
15:42:02.0711 0x11bc [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\Windows\system32\drivers\Beep.sys
15:42:02.0711 0x11bc Beep - ok
15:42:02.0804 0x11bc [ C72AB32F7EFCA677AF079F4336BC1609, 90FF653027709ADB674B2D4240E398E7A64D2079CBF56E3983008D92FA12EA0D ] BFE C:\Windows\System32\bfe.dll
15:42:02.0851 0x11bc BFE - ok
15:42:02.0929 0x11bc [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\Windows\System32\qmgr.dll
15:42:03.0023 0x11bc BITS - ok
15:42:03.0085 0x11bc [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:42:03.0085 0x11bc bowser - ok
15:42:03.0132 0x11bc [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:42:03.0147 0x11bc BrokerInfrastructure - ok
15:42:03.0179 0x11bc [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\Windows\System32\browser.dll
15:42:03.0194 0x11bc Browser - ok
15:42:03.0225 0x11bc [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
15:42:03.0241 0x11bc BthAvrcpTg - ok
15:42:03.0272 0x11bc [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
15:42:03.0272 0x11bc BthHFEnum - ok
15:42:03.0319 0x11bc [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
15:42:03.0319 0x11bc bthhfhid - ok
15:42:03.0335 0x11bc [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
15:42:03.0350 0x11bc BTHMODEM - ok
15:42:03.0382 0x11bc [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\Windows\system32\bthserv.dll
15:42:03.0397 0x11bc bthserv - ok
15:42:03.0428 0x11bc [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:42:03.0444 0x11bc BTHSSecurityMgr - ok
15:42:03.0475 0x11bc [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:42:03.0491 0x11bc cdfs - ok
15:42:03.0522 0x11bc [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\Windows\System32\drivers\cdrom.sys
15:42:03.0522 0x11bc cdrom - ok
15:42:03.0584 0x11bc [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\Windows\System32\certprop.dll
15:42:03.0600 0x11bc CertPropSvc - ok
15:42:03.0631 0x11bc [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\Windows\System32\drivers\circlass.sys
15:42:03.0631 0x11bc circlass - ok
15:42:03.0662 0x11bc [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\Windows\system32\drivers\CLFS.sys
15:42:03.0693 0x11bc CLFS - ok
15:42:03.0725 0x11bc [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
15:42:03.0740 0x11bc CmBatt - ok
15:42:03.0818 0x11bc [ 93E49DDA75C10C3AE084C32608C68666, 1F05F40B362AD8A9DA579D03E08C3E7DC0B8996DC7DBAF096B33F92C854EAA43 ] CNG C:\Windows\system32\Drivers\cng.sys
15:42:03.0849 0x11bc CNG - ok
15:42:03.0865 0x11bc [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
15:42:03.0881 0x11bc CompositeBus - ok
15:42:03.0881 0x11bc COMSysApp - ok
15:42:03.0896 0x11bc [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\Windows\system32\drivers\condrv.sys
15:42:03.0912 0x11bc condrv - ok
15:42:03.0974 0x11bc [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:42:03.0974 0x11bc CryptSvc - ok
15:42:04.0021 0x11bc [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\Windows\system32\drivers\dam.sys
15:42:04.0021 0x11bc dam - ok
15:42:04.0099 0x11bc [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:42:04.0161 0x11bc DcomLaunch - ok
15:42:04.0208 0x11bc [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc C:\Windows\System32\defragsvc.dll
15:42:04.0239 0x11bc defragsvc - ok
15:42:04.0302 0x11bc [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
15:42:04.0317 0x11bc DeviceAssociationService - ok
15:42:04.0411 0x11bc [ 91E80E3783883DA59A065E16AC031C3B, 4889980BE707C3C595F241411BD3E670517A50A33AECECEC471636969AFBA20E ] DeviceFastLaneService C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
15:42:04.0442 0x11bc DeviceFastLaneService - ok
15:42:04.0489 0x11bc [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
15:42:04.0505 0x11bc DeviceInstall - ok
15:42:04.0552 0x11bc [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
15:42:04.0567 0x11bc Dfsc - ok
15:42:04.0614 0x11bc [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:42:04.0629 0x11bc dg_ssudbus - ok
15:42:04.0692 0x11bc [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:42:04.0707 0x11bc Dhcp - ok
15:42:04.0754 0x11bc [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys
15:42:04.0770 0x11bc discache - ok
15:42:04.0817 0x11bc [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys
15:42:04.0817 0x11bc disk - ok
15:42:04.0848 0x11bc [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
15:42:04.0848 0x11bc dmvsc - ok
15:42:04.0895 0x11bc [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:42:04.0926 0x11bc Dnscache - ok
15:42:04.0973 0x11bc [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll
15:42:04.0988 0x11bc dot3svc - ok
15:42:05.0035 0x11bc [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:42:05.0035 0x11bc dot4 - ok
15:42:05.0066 0x11bc [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:42:05.0082 0x11bc dot4usb - ok
15:42:05.0113 0x11bc [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll
15:42:05.0129 0x11bc DPS - ok
15:42:05.0176 0x11bc [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:42:05.0176 0x11bc drmkaud - ok
15:42:05.0254 0x11bc [ AAC635BC81CB07771D944D64757FB1D2, 78DF2DF029D7B72747AECC6274986DD651C1F79EE8A754997A0E7C9D0A45A201 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:42:05.0269 0x11bc DsiWMIService - ok
15:42:05.0316 0x11bc [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
15:42:05.0331 0x11bc DsmSvc - ok
15:42:05.0456 0x11bc [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:42:05.0534 0x11bc DXGKrnl - ok
15:42:05.0581 0x11bc [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll
15:42:05.0597 0x11bc Eaphost - ok
15:42:05.0831 0x11bc [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:42:06.0049 0x11bc ebdrv - ok
15:42:06.0112 0x11bc [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\Windows\System32\lsass.exe
15:42:06.0127 0x11bc EFS - ok
15:42:06.0158 0x11bc [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
15:42:06.0174 0x11bc EhStorClass - ok
15:42:06.0190 0x11bc [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:42:06.0205 0x11bc EhStorTcgDrv - ok
15:42:06.0299 0x11bc [ 3D897AAAAC4BC8D6F069DA3BB65D136D, 65FAD19C638AE65FB29587EF980FB6EF12B528274469403281A5DCDD1E46C1DB ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
15:42:06.0330 0x11bc ePowerSvc - ok
15:42:06.0361 0x11bc [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys
15:42:06.0361 0x11bc ErrDev - ok
15:42:06.0424 0x11bc esgiguard - ok
15:42:06.0502 0x11bc [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll
15:42:06.0533 0x11bc EventSystem - ok
15:42:06.0626 0x11bc [ E67E289FA8AA393223AD7F9AFB738FD6, DBAB42EE5C140024CB4FF669664885B5CB404054A430331B5ABF273598A881C0 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:42:06.0658 0x11bc EvtEng - ok
15:42:06.0704 0x11bc [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys
15:42:06.0704 0x11bc exfat - ok
15:42:06.0751 0x11bc [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:42:06.0751 0x11bc fastfat - ok
15:42:06.0829 0x11bc [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe
15:42:06.0860 0x11bc Fax - ok
15:42:06.0892 0x11bc [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys
15:42:06.0892 0x11bc fdc - ok
15:42:06.0923 0x11bc [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll
15:42:06.0938 0x11bc fdPHost - ok
15:42:06.0954 0x11bc [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll
15:42:06.0954 0x11bc FDResPub - ok
15:42:07.0001 0x11bc [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll
15:42:07.0016 0x11bc fhsvc - ok
15:42:07.0032 0x11bc [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:42:07.0048 0x11bc FileInfo - ok
15:42:07.0079 0x11bc [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:42:07.0079 0x11bc Filetrace - ok
15:42:07.0110 0x11bc [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
15:42:07.0110 0x11bc flpydisk - ok
15:42:07.0141 0x11bc [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:42:07.0172 0x11bc FltMgr - ok
15:42:07.0297 0x11bc [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\Windows\system32\FntCache.dll
15:42:07.0391 0x11bc FontCache - ok
15:42:07.0485 0x11bc [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:42:07.0500 0x11bc FontCache3.0.0.0 - ok
15:42:07.0531 0x11bc [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:42:07.0531 0x11bc FsDepends - ok
15:42:07.0562 0x11bc [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:42:07.0562 0x11bc Fs_Rec - ok
15:42:07.0656 0x11bc [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:42:07.0672 0x11bc fvevol - ok
15:42:07.0719 0x11bc [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
15:42:07.0719 0x11bc FxPPM - ok
15:42:07.0750 0x11bc [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:42:07.0765 0x11bc gagp30kx - ok
15:42:07.0796 0x11bc [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
15:42:07.0796 0x11bc gencounter - ok
15:42:07.0859 0x11bc [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
15:42:07.0874 0x11bc GPIOClx0101 - ok
15:42:07.0984 0x11bc [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll
15:42:08.0093 0x11bc gpsvc - ok
15:42:08.0155 0x11bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:08.0155 0x11bc gupdate - ok
15:42:08.0171 0x11bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:08.0186 0x11bc gupdatem - ok
15:42:08.0233 0x11bc [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:08.0264 0x11bc HdAudAddService - ok
15:42:08.0311 0x11bc [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
15:42:08.0311 0x11bc HDAudBus - ok
15:42:08.0343 0x11bc [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
15:42:08.0358 0x11bc HidBatt - ok
15:42:08.0389 0x11bc [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys
15:42:08.0405 0x11bc HidBth - ok
15:42:08.0436 0x11bc [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
15:42:08.0436 0x11bc hidi2c - ok
15:42:08.0467 0x11bc [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys
15:42:08.0467 0x11bc HidIr - ok
15:42:08.0514 0x11bc [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll
15:42:08.0514 0x11bc hidserv - ok
15:42:08.0545 0x11bc [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys
15:42:08.0545 0x11bc HidUsb - ok
15:42:08.0592 0x11bc [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:42:08.0592 0x11bc hkmsvc - ok
15:42:08.0639 0x11bc [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:08.0670 0x11bc HomeGroupListener - ok
15:42:08.0717 0x11bc [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:08.0748 0x11bc HomeGroupProvider - ok
15:42:08.0779 0x11bc [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:42:08.0795 0x11bc HpSAMD - ok
15:42:08.0873 0x11bc [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:42:08.0920 0x11bc HTTP - ok
15:42:08.0967 0x11bc [ D96A290F699081AE737390C0FE329D7C, 11D69424AD08AEA58AA546883535E6D8E51E2F3D0B5299549DC0B7A31498E982 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:42:08.0982 0x11bc hwdatacard - ok
15:42:08.0998 0x11bc [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:42:09.0013 0x11bc hwpolicy - ok
15:42:09.0029 0x11bc [ E0C7255498640FC64B19AAE17FD6F965, 10BCE55F36A36F962A7BA774B8B4C0F07081EA1EAB0FD3B8C57AA01FE8CFDF48 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys
15:42:09.0044 0x11bc hwusbdev - ok
15:42:09.0060 0x11bc [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
15:42:09.0076 0x11bc hyperkbd - ok
15:42:09.0107 0x11bc [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
15:42:09.0107 0x11bc HyperVideo - ok
15:42:09.0122 0x11bc [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
15:42:09.0138 0x11bc i8042prt - ok
15:42:09.0185 0x11bc [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:42:09.0216 0x11bc iaStorV - ok
15:42:09.0403 0x11bc [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:42:09.0528 0x11bc IconMan_R - ok
15:42:09.0559 0x11bc [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:42:09.0559 0x11bc iirsp - ok
15:42:09.0669 0x11bc [ 644D7E4EAC8D5CE757435FA98A7BDA50, 7C91F6E75B148E69BF701F0152CDBF8FB94009935EE97F5208560E1E8FEDA4DB ] IKEEXT C:\Windows\System32\ikeext.dll
15:42:09.0762 0x11bc IKEEXT - ok
15:42:10.0027 0x11bc [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:42:10.0277 0x11bc IntcAzAudAddService - ok
15:42:10.0339 0x11bc [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys
15:42:10.0339 0x11bc intelide - ok
15:42:10.0355 0x11bc [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys
15:42:10.0371 0x11bc intelppm - ok
15:42:10.0402 0x11bc [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:10.0402 0x11bc IpFilterDriver - ok
15:42:10.0495 0x11bc [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:42:10.0558 0x11bc iphlpsvc - ok
15:42:10.0605 0x11bc [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
15:42:10.0605 0x11bc IPMIDRV - ok
15:42:10.0636 0x11bc [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:42:10.0651 0x11bc IPNAT - ok
15:42:10.0667 0x11bc [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:42:10.0667 0x11bc IRENUM - ok
15:42:10.0698 0x11bc [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:42:10.0698 0x11bc isapnp - ok
15:42:10.0745 0x11bc [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
15:42:10.0776 0x11bc iScsiPrt - ok
15:42:10.0807 0x11bc [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
15:42:10.0807 0x11bc kbdclass - ok
15:42:10.0823 0x11bc [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
15:42:10.0823 0x11bc kbdhid - ok
15:42:10.0839 0x11bc [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
15:42:10.0839 0x11bc kdnic - ok
15:42:10.0870 0x11bc [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\Windows\system32\lsass.exe
15:42:10.0885 0x11bc KeyIso - ok
15:42:10.0917 0x11bc [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:42:10.0932 0x11bc KSecDD - ok
15:42:10.0979 0x11bc [ 0EB535ADDC065F2D0CBFC089630A6065, F6DD544227A5B7A0C80E401EB5461963567A24834C60AF520FBABC1A9FB4E631 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:42:10.0995 0x11bc KSecPkg - ok
15:42:11.0010 0x11bc [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:42:11.0010 0x11bc ksthunk - ok
15:42:11.0057 0x11bc [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:42:11.0088 0x11bc KtmRm - ok
15:42:11.0135 0x11bc [ CBD16721541EE334F6D623CE0B4003BF, DE2C6345B2051AD4C3A3F3AB89AB63AE58A0BA6AB0BCB6B0DFCE6BCD0E8E9519 ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys
15:42:11.0135 0x11bc L1C - ok
15:42:11.0229 0x11bc [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:42:11.0244 0x11bc LanmanServer - ok
15:42:11.0307 0x11bc [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:11.0338 0x11bc LanmanWorkstation - ok
15:42:11.0416 0x11bc [ E6DA531F2C86A230AF5D73354D161D3C, 96A0A443B16F44DF8BB2EFD0AEA56E5B2AC323E99CDF4BA29EA379B62B8EB039 ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
15:42:11.0416 0x11bc Lexware_Update_Service - ok
15:42:11.0431 0x11bc [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:42:11.0447 0x11bc lltdio - ok
15:42:11.0494 0x11bc [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:42:11.0509 0x11bc lltdsvc - ok
15:42:11.0541 0x11bc [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:42:11.0541 0x11bc lmhosts - ok
15:42:11.0587 0x11bc [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:42:11.0587 0x11bc LSI_SAS - ok
15:42:11.0619 0x11bc [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:42:11.0619 0x11bc LSI_SAS2 - ok
15:42:11.0650 0x11bc [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:42:11.0665 0x11bc LSI_SCSI - ok
15:42:11.0697 0x11bc [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
15:42:11.0697 0x11bc LSI_SSS - ok
15:42:11.0806 0x11bc [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM C:\Windows\System32\lsm.dll
15:42:11.0837 0x11bc LSM - ok
15:42:11.0884 0x11bc [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys
15:42:11.0899 0x11bc luafv - ok
15:42:11.0915 0x11bc massfilter - ok
15:42:11.0931 0x11bc [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys
15:42:11.0946 0x11bc megasas - ok
15:42:11.0993 0x11bc [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:42:12.0009 0x11bc MegaSR - ok
15:42:12.0055 0x11bc [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll
15:42:12.0055 0x11bc MMCSS - ok
15:42:12.0087 0x11bc [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys
15:42:12.0087 0x11bc Modem - ok
15:42:12.0133 0x11bc [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys
15:42:12.0149 0x11bc monitor - ok
15:42:12.0165 0x11bc [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys
15:42:12.0165 0x11bc mouclass - ok
15:42:12.0212 0x11bc [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys
15:42:12.0212 0x11bc mouhid - ok
15:42:12.0258 0x11bc [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:42:12.0258 0x11bc mountmgr - ok
15:42:12.0305 0x11bc [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:42:12.0321 0x11bc MozillaMaintenance - ok
15:42:12.0367 0x11bc [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:42:12.0367 0x11bc mpsdrv - ok
15:42:12.0463 0x11bc [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:42:12.0525 0x11bc MpsSvc - ok
15:42:12.0572 0x11bc [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:42:12.0588 0x11bc MRxDAV - ok
15:42:12.0666 0x11bc [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:12.0681 0x11bc mrxsmb - ok
15:42:12.0728 0x11bc [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:12.0744 0x11bc mrxsmb10 - ok
15:42:12.0775 0x11bc [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:12.0790 0x11bc mrxsmb20 - ok
15:42:12.0837 0x11bc [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
15:42:12.0837 0x11bc MsBridge - ok
15:42:12.0868 0x11bc [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe
15:42:12.0915 0x11bc MSDTC - ok
15:42:12.0946 0x11bc [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:42:12.0946 0x11bc Msfs - ok
15:42:12.0993 0x11bc [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
15:42:12.0993 0x11bc msgpiowin32 - ok
15:42:13.0024 0x11bc [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:42:13.0024 0x11bc mshidkmdf - ok
15:42:13.0056 0x11bc [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
15:42:13.0056 0x11bc mshidumdf - ok
15:42:13.0071 0x11bc [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:42:13.0071 0x11bc msisadrv - ok
15:42:13.0118 0x11bc [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:42:13.0134 0x11bc MSiSCSI - ok
15:42:13.0149 0x11bc msiserver - ok
15:42:13.0165 0x11bc [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:42:13.0180 0x11bc MSKSSRV - ok
15:42:13.0196 0x11bc [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
15:42:13.0212 0x11bc MsLldp - ok
15:42:13.0227 0x11bc [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:13.0243 0x11bc MSPCLOCK - ok
15:42:13.0258 0x11bc [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:42:13.0258 0x11bc MSPQM - ok
15:42:13.0305 0x11bc [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:42:13.0321 0x11bc MsRPC - ok
15:42:13.0336 0x11bc [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
15:42:13.0352 0x11bc mssmbios - ok
15:42:13.0368 0x11bc [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:42:13.0368 0x11bc MSTEE - ok
15:42:13.0399 0x11bc [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
15:42:13.0399 0x11bc MTConfig - ok
15:42:13.0430 0x11bc [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys
15:42:13.0430 0x11bc Mup - ok
15:42:13.0446 0x11bc [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys
15:42:13.0461 0x11bc mvumis - ok
15:42:13.0492 0x11bc [ 431F065E2A99FC3C670BD20694117C8B, ADE1D6B5EC0C0F078DB5F24FE4E830AC08FA1EDA1C895E7F4873874BCC1F2154 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:42:13.0508 0x11bc MyWiFiDHCPDNS - ok
15:42:13.0570 0x11bc [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll
15:42:13.0602 0x11bc napagent - ok
15:42:13.0648 0x11bc [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:42:13.0680 0x11bc NativeWifiP - ok
15:42:13.0773 0x11bc [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:42:13.0804 0x11bc NAUpdate - ok
15:42:13.0851 0x11bc [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll
15:42:13.0882 0x11bc NcaSvc - ok
15:42:13.0914 0x11bc [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
15:42:13.0929 0x11bc NcdAutoSetup - ok
15:42:14.0023 0x11bc [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys
15:42:14.0070 0x11bc NDIS - ok
15:42:14.0117 0x11bc [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:14.0117 0x11bc NdisCap - ok
15:42:14.0148 0x11bc [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:42:14.0163 0x11bc NdisImPlatform - ok
15:42:14.0194 0x11bc [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:14.0210 0x11bc NdisTapi - ok
15:42:14.0241 0x11bc [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:14.0241 0x11bc Ndisuio - ok
15:42:14.0257 0x11bc [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:14.0272 0x11bc NdisWan - ok
15:42:14.0288 0x11bc [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:14.0304 0x11bc NDISWANLEGACY - ok
15:42:14.0350 0x11bc [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:42:14.0366 0x11bc NDProxy - ok
15:42:14.0382 0x11bc [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys
15:42:14.0382 0x11bc Ndu - ok
15:42:14.0397 0x11bc [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:42:14.0413 0x11bc NetBIOS - ok
15:42:14.0444 0x11bc [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:42:14.0460 0x11bc NetBT - ok
15:42:14.0491 0x11bc [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon C:\Windows\system32\lsass.exe
15:42:14.0491 0x11bc Netlogon - ok
15:42:14.0538 0x11bc [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll
15:42:14.0569 0x11bc Netman - ok
15:42:14.0631 0x11bc [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll
15:42:14.0662 0x11bc netprofm - ok
15:42:14.0725 0x11bc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:14.0740 0x11bc NetTcpPortSharing - ok
15:42:15.0021 0x11bc [ A92DECBD3D9624F298A49A2B25EDE3B0, 5CD6914DE33E70B2097BDBB302BDE2AC3654AF54B6F673D98E48881CEA98BD36 ] NETwNe64 C:\Windows\system32\DRIVERS\NETwew00.sys
15:42:15.0302 0x11bc NETwNe64 - ok
15:42:15.0380 0x11bc [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:42:15.0380 0x11bc nfrd960 - ok
15:42:15.0458 0x11bc [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:42:15.0489 0x11bc NlaSvc - ok
15:42:15.0505 0x11bc [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:42:15.0505 0x11bc Npfs - ok
15:42:15.0520 0x11bc [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
15:42:15.0536 0x11bc npsvctrig - ok
15:42:15.0567 0x11bc [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll
15:42:15.0583 0x11bc nsi - ok
15:42:15.0598 0x11bc [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:42:15.0598 0x11bc nsiproxy - ok
15:42:15.0786 0x11bc [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:42:15.0910 0x11bc Ntfs - ok
15:42:15.0973 0x11bc [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys
15:42:15.0973 0x11bc Null - ok
15:42:16.0020 0x11bc [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:42:16.0051 0x11bc nvraid - ok
15:42:16.0066 0x11bc [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:42:16.0082 0x11bc nvstor - ok
15:42:16.0113 0x11bc [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:42:16.0129 0x11bc nv_agp - ok
15:42:16.0207 0x11bc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:16.0222 0x11bc ose - ok
15:42:16.0581 0x11bc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:42:16.0862 0x11bc osppsvc - ok
15:42:16.0940 0x11bc [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:42:16.0971 0x11bc p2pimsvc - ok
15:42:17.0018 0x11bc [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll
15:42:17.0049 0x11bc p2psvc - ok
15:42:17.0081 0x11bc [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\Windows\System32\drivers\parport.sys
15:42:17.0081 0x11bc Parport - ok
15:42:17.0127 0x11bc [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:42:17.0143 0x11bc partmgr - ok
15:42:17.0221 0x11bc [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:42:17.0252 0x11bc PcaSvc - ok
15:42:17.0330 0x11bc PCDSRVC{0368CD8C-041F8379-06020200}_0 - ok
15:42:17.0377 0x11bc [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\Windows\system32\drivers\pci.sys
15:42:17.0393 0x11bc pci - ok
15:42:17.0408 0x11bc [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\Windows\system32\drivers\pciide.sys
15:42:17.0424 0x11bc pciide - ok
15:42:17.0455 0x11bc [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:42:17.0471 0x11bc pcmcia - ok
15:42:17.0486 0x11bc [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\Windows\system32\drivers\pcw.sys
15:42:17.0486 0x11bc pcw - ok
15:42:17.0533 0x11bc [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\Windows\system32\drivers\pdc.sys
15:42:17.0533 0x11bc pdc - ok
15:42:17.0627 0x11bc [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:42:17.0673 0x11bc PEAUTH - ok
15:42:17.0783 0x11bc [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:42:17.0783 0x11bc PerfHost - ok
15:42:17.0923 0x11bc [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\Windows\system32\pla.dll
15:42:18.0048 0x11bc pla - ok
15:42:18.0095 0x11bc [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:42:18.0110 0x11bc PlugPlay - ok
15:42:18.0142 0x11bc [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:42:18.0157 0x11bc PNRPAutoReg - ok
15:42:18.0188 0x11bc [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:42:18.0219 0x11bc PNRPsvc - ok
15:42:18.0282 0x11bc [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:42:18.0313 0x11bc PolicyAgent - ok
15:42:18.0360 0x11bc [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\Windows\system32\umpo.dll
15:42:18.0391 0x11bc Power - ok
15:42:18.0422 0x11bc [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:42:18.0422 0x11bc PptpMiniport - ok
15:42:18.0656 0x11bc [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:42:18.0843 0x11bc PrintNotify - ok
15:42:18.0890 0x11bc [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\Windows\System32\drivers\processr.sys
15:42:18.0890 0x11bc Processor - ok
15:42:18.0937 0x11bc [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:42:18.0968 0x11bc ProfSvc - ok
15:42:18.0999 0x11bc [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid C:\Windows\System32\drivers\aPs2Kb2Hid.sys
15:42:18.0999 0x11bc Ps2Kb2Hid - ok
15:42:19.0015 0x11bc [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:42:19.0031 0x11bc Psched - ok
15:42:19.0078 0x11bc [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\Windows\system32\qwave.dll
15:42:19.0109 0x11bc QWAVE - ok
15:42:19.0140 0x11bc [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:42:19.0140 0x11bc QWAVEdrv - ok
15:42:19.0156 0x11bc [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:42:19.0171 0x11bc RasAcd - ok
15:42:19.0202 0x11bc [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:42:19.0218 0x11bc RasAgileVpn - ok
15:42:19.0234 0x11bc [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\Windows\System32\rasauto.dll
15:42:19.0249 0x11bc RasAuto - ok
15:42:19.0265 0x11bc [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:42:19.0280 0x11bc Rasl2tp - ok
15:42:19.0327 0x11bc [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\Windows\System32\rasmans.dll
15:42:19.0358 0x11bc RasMan - ok
15:42:19.0374 0x11bc [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:42:19.0374 0x11bc RasPppoe - ok
15:42:19.0390 0x11bc [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:42:19.0405 0x11bc RasSstp - ok
15:42:19.0468 0x11bc [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:42:19.0483 0x11bc rdbss - ok
15:42:19.0499 0x11bc [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
15:42:19.0514 0x11bc rdpbus - ok
15:42:19.0577 0x11bc [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:42:19.0577 0x11bc RDPDR - ok
15:42:19.0623 0x11bc [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:42:19.0639 0x11bc RdpVideoMiniport - ok
15:42:19.0670 0x11bc [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:42:19.0686 0x11bc RDPWD - ok
15:42:19.0702 0x11bc [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:42:19.0717 0x11bc rdyboost - ok
15:42:19.0795 0x11bc [ D4F8266D63800FF9ACFAC838005A974C, 4FF1053A6B5365867F58AE521FDD32565C144686CB399C2B606005A507EC206E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:42:19.0795 0x11bc RegSrvc - ok
15:42:19.0858 0x11bc [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:42:19.0873 0x11bc RemoteAccess - ok
15:42:19.0920 0x11bc [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:42:19.0936 0x11bc RemoteRegistry - ok
15:42:19.0967 0x11bc [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
15:42:19.0982 0x11bc RfButtonDriverService - ok
15:42:20.0014 0x11bc [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:42:20.0029 0x11bc RpcEptMapper - ok
15:42:20.0045 0x11bc [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\Windows\system32\locator.exe
15:42:20.0060 0x11bc RpcLocator - ok
15:42:20.0138 0x11bc [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\Windows\system32\rpcss.dll
15:42:20.0185 0x11bc RpcSs - ok
15:42:20.0232 0x11bc [ 1EE9D150653775BAA064F3FF1A02F267, 8E25A94899056C85FBF93038D47AB0A13FEC97855FB9A9977D807ED06F6C24C9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
15:42:20.0248 0x11bc RSPCIESTOR - ok
15:42:20.0295 0x11bc [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:42:20.0310 0x11bc rspndr - ok
15:42:20.0326 0x11bc [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
15:42:20.0341 0x11bc s3cap - ok
15:42:20.0372 0x11bc [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs C:\Windows\system32\lsass.exe
15:42:20.0372 0x11bc SamSs - ok
15:42:20.0404 0x11bc [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:42:20.0404 0x11bc sbp2port - ok
15:42:20.0435 0x11bc [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:42:20.0466 0x11bc SCardSvr - ok
15:42:20.0482 0x11bc [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:42:20.0497 0x11bc scfilter - ok
15:42:20.0606 0x11bc [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule C:\Windows\system32\schedsvc.dll
15:42:20.0716 0x11bc Schedule - ok
15:42:20.0747 0x11bc [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:42:20.0762 0x11bc SCPolicySvc - ok
15:42:20.0809 0x11bc [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\Windows\System32\drivers\sdbus.sys
15:42:20.0825 0x11bc sdbus - ok
15:42:20.0856 0x11bc [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:42:20.0887 0x11bc SDRSVC - ok
15:42:20.0934 0x11bc [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\Windows\System32\drivers\sdstor.sys
15:42:20.0934 0x11bc sdstor - ok
15:42:20.0965 0x11bc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:42:20.0981 0x11bc secdrv - ok
15:42:20.0996 0x11bc [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\Windows\system32\seclogon.dll
15:42:21.0012 0x11bc seclogon - ok
15:42:21.0059 0x11bc [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\Windows\System32\sens.dll
15:42:21.0074 0x11bc SENS - ok
15:42:21.0106 0x11bc [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:42:21.0121 0x11bc SensrSvc - ok
15:42:21.0152 0x11bc [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\Windows\system32\drivers\SerCx.sys
15:42:21.0152 0x11bc SerCx - ok
15:42:21.0184 0x11bc [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\Windows\System32\drivers\serenum.sys
15:42:21.0184 0x11bc Serenum - ok
15:42:21.0215 0x11bc [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\Windows\System32\drivers\serial.sys
15:42:21.0215 0x11bc Serial - ok
15:42:21.0246 0x11bc [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\Windows\System32\drivers\sermouse.sys
15:42:21.0246 0x11bc sermouse - ok
15:42:21.0308 0x11bc [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\Windows\system32\sessenv.dll
15:42:21.0340 0x11bc SessionEnv - ok
15:42:21.0355 0x11bc [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
15:42:21.0355 0x11bc sfloppy - ok
15:42:21.0433 0x11bc [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:42:21.0464 0x11bc SharedAccess - ok
15:42:21.0511 0x11bc [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:42:21.0558 0x11bc ShellHWDetection - ok
15:42:21.0574 0x11bc [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:42:21.0589 0x11bc SiSRaid2 - ok
15:42:21.0620 0x11bc [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:42:21.0620 0x11bc SiSRaid4 - ok
15:42:21.0698 0x11bc [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:42:21.0730 0x11bc SkypeUpdate - ok
15:42:21.0761 0x11bc [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:42:21.0776 0x11bc SNMPTRAP - ok
15:42:21.0839 0x11bc [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\Windows\system32\drivers\spaceport.sys
15:42:21.0854 0x11bc spaceport - ok
15:42:21.0901 0x11bc [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
15:42:21.0901 0x11bc SpbCx - ok
15:42:21.0979 0x11bc [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\Windows\System32\spoolsv.exe
15:42:22.0026 0x11bc Spooler - ok
15:42:22.0354 0x11bc [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\Windows\system32\sppsvc.exe
15:42:22.0681 0x11bc sppsvc - ok
15:42:22.0744 0x11bc [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\Windows\system32\DRIVERS\srv.sys
15:42:22.0775 0x11bc srv - ok
15:42:22.0853 0x11bc [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:42:22.0884 0x11bc srv2 - ok
15:42:22.0947 0x11bc [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:42:22.0978 0x11bc srvnet - ok
15:42:23.0056 0x11bc [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:42:23.0087 0x11bc SSDPSRV - ok
15:42:23.0118 0x11bc [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
15:42:23.0134 0x11bc SSPORT - ok
15:42:23.0149 0x11bc [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:42:23.0165 0x11bc SstpSvc - ok
15:42:23.0227 0x11bc [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:42:23.0243 0x11bc ssudmdm - ok
15:42:23.0290 0x11bc [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys
15:42:23.0305 0x11bc ssudserd - ok
15:42:23.0477 0x11bc [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
15:42:23.0508 0x11bc ss_conn_service - ok
15:42:23.0571 0x11bc [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8 C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
15:42:23.0586 0x11bc Start8 - ok
15:42:23.0617 0x11bc [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:42:23.0617 0x11bc stexstor - ok
15:42:23.0695 0x11bc [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\Windows\System32\wiaservc.dll
15:42:23.0742 0x11bc stisvc - ok
15:42:23.0789 0x11bc [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\Windows\system32\drivers\storahci.sys
15:42:23.0789 0x11bc storahci - ok
15:42:23.0820 0x11bc [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:42:23.0820 0x11bc storflt - ok
15:42:23.0867 0x11bc [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\Windows\system32\storsvc.dll
15:42:23.0883 0x11bc StorSvc - ok
15:42:23.0898 0x11bc [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:42:23.0898 0x11bc storvsc - ok
15:42:23.0929 0x11bc [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\Windows\system32\svsvc.dll
15:42:23.0945 0x11bc svsvc - ok
15:42:23.0961 0x11bc [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\Windows\System32\drivers\swenum.sys
15:42:23.0961 0x11bc swenum - ok
15:42:24.0023 0x11bc [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\Windows\System32\swprv.dll
15:42:24.0054 0x11bc swprv - ok
15:42:24.0117 0x11bc [ C72663637DBAD69DDE0919DA4A378A2A, 250E49419FB21EC4046D3C38C25B784ADC8A727A54E5AB3835E830B1D49C996A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:42:24.0148 0x11bc SynTP - ok
15:42:24.0257 0x11bc [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\Windows\system32\sysmain.dll
15:42:24.0366 0x11bc SysMain - ok
15:42:24.0429 0x11bc [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:42:24.0460 0x11bc SystemEventsBroker - ok
15:42:24.0507 0x11bc [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
15:42:24.0522 0x11bc TabletInputService - ok
15:42:24.0553 0x11bc [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:42:24.0585 0x11bc TapiSrv - ok
15:42:24.0756 0x11bc [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:42:24.0897 0x11bc Tcpip - ok
15:42:25.0053 0x11bc [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:42:25.0162 0x11bc TCPIP6 - ok
15:42:25.0209 0x11bc [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:42:25.0209 0x11bc tcpipreg - ok
15:42:25.0240 0x11bc [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:42:25.0240 0x11bc tdx - ok
15:42:25.0599 0x11bc [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
15:42:25.0833 0x11bc TeamViewer9 - ok
15:42:25.0895 0x11bc [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys
15:42:25.0957 0x11bc terminpt - ok
15:42:26.0145 0x11bc [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService C:\Windows\System32\termsrv.dll
15:42:26.0192 0x11bc TermService - ok
15:42:26.0238 0x11bc [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll
15:42:26.0254 0x11bc Themes - ok
15:42:26.0301 0x11bc [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll
15:42:26.0316 0x11bc THREADORDER - ok
15:42:26.0363 0x11bc [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
15:42:26.0379 0x11bc TimeBroker - ok
15:42:26.0426 0x11bc [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys
15:42:26.0441 0x11bc TPM - ok
15:42:26.0457 0x11bc [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll
15:42:26.0488 0x11bc TrkWks - ok
15:42:26.0550 0x11bc [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:42:26.0566 0x11bc TrustedInstaller - ok
15:42:26.0613 0x11bc [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:42:26.0613 0x11bc TsUsbFlt - ok
15:42:26.0628 0x11bc [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
15:42:26.0628 0x11bc TsUsbGD - ok
15:42:26.0660 0x11bc [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:42:26.0675 0x11bc tunnel - ok
15:42:26.0706 0x11bc [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:42:26.0706 0x11bc uagp35 - ok
15:42:26.0738 0x11bc [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
15:42:26.0753 0x11bc UASPStor - ok
15:42:26.0800 0x11bc [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
15:42:26.0816 0x11bc UCX01000 - ok
15:42:26.0878 0x11bc [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:42:26.0894 0x11bc udfs - ok
15:42:26.0940 0x11bc [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:42:26.0956 0x11bc UI0Detect - ok
15:42:26.0971 0x11bc [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:42:26.0971 0x11bc uliagpkx - ok
15:42:26.0987 0x11bc [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys
15:42:27.0003 0x11bc umbus - ok
15:42:27.0034 0x11bc [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys
15:42:27.0034 0x11bc UmPass - ok
15:42:27.0081 0x11bc [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll
15:42:27.0112 0x11bc UmRdpService - ok
15:42:27.0159 0x11bc [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll
15:42:27.0206 0x11bc upnphost - ok
15:42:27.0252 0x11bc [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
15:42:27.0268 0x11bc usbccgp - ok
15:42:27.0315 0x11bc [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys
15:42:27.0315 0x11bc usbcir - ok
15:42:27.0346 0x11bc [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys
15:42:27.0362 0x11bc usbehci - ok
15:42:27.0408 0x11bc [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
15:42:27.0408 0x11bc usbfilter - ok
15:42:27.0471 0x11bc [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys
15:42:27.0502 0x11bc usbhub - ok
15:42:27.0580 0x11bc [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
15:42:27.0611 0x11bc USBHUB3 - ok
15:42:27.0642 0x11bc [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys
15:42:27.0642 0x11bc usbohci - ok
15:42:27.0673 0x11bc [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys
15:42:27.0673 0x11bc usbprint - ok
15:42:27.0705 0x11bc [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan C:\Windows\System32\drivers\usbscan.sys
15:42:27.0720 0x11bc usbscan - ok
15:42:27.0752 0x11bc [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
15:42:27.0752 0x11bc USBSTOR - ok
15:42:27.0783 0x11bc [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
15:42:27.0783 0x11bc usbuhci - ok
15:42:27.0830 0x11bc [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:42:27.0845 0x11bc usbvideo - ok
15:42:27.0876 0x11bc [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
15:42:27.0892 0x11bc USBXHCI - ok
15:42:27.0939 0x11bc [ 9AD9560606A3049CE492E3A06FB12716, D154976648BC3F6B3E3B8E055ECF18C6BE93359B3F679D9BFC5430E4746CB52E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:42:27.0939 0x11bc usb_rndisx - ok
15:42:27.0954 0x11bc [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\Windows\system32\lsass.exe
15:42:27.0970 0x11bc VaultSvc - ok
15:42:28.0001 0x11bc [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:42:28.0017 0x11bc vdrvroot - ok
15:42:28.0079 0x11bc [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe
15:42:28.0126 0x11bc vds - ok
15:42:28.0157 0x11bc [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
15:42:28.0157 0x11bc VerifierExt - ok
15:42:28.0220 0x11bc [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
15:42:28.0251 0x11bc vhdmp - ok
15:42:28.0282 0x11bc [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys
15:42:28.0282 0x11bc viaide - ok
15:42:28.0313 0x11bc [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:42:28.0329 0x11bc vmbus - ok
15:42:28.0344 0x11bc [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
15:42:28.0344 0x11bc VMBusHID - ok
15:42:28.0407 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll
15:42:28.0438 0x11bc vmicheartbeat - ok
15:42:28.0469 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:42:28.0485 0x11bc vmickvpexchange - ok
15:42:28.0516 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll
15:42:28.0532 0x11bc vmicrdv - ok
15:42:28.0563 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll
15:42:28.0578 0x11bc vmicshutdown - ok
15:42:28.0610 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll
15:42:28.0641 0x11bc vmictimesync - ok
15:42:28.0656 0x11bc [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll
15:42:28.0688 0x11bc vmicvss - ok
15:42:28.0703 0x11bc [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:42:28.0703 0x11bc volmgr - ok
15:42:28.0766 0x11bc [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:42:28.0781 0x11bc volmgrx - ok
15:42:28.0844 0x11bc [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:42:28.0859 0x11bc volsnap - ok
15:42:28.0890 0x11bc [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys
15:42:28.0890 0x11bc vpci - ok
15:42:28.0922 0x11bc [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:42:28.0937 0x11bc vsmraid - ok
15:42:29.0093 0x11bc [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS C:\Windows\system32\vssvc.exe
15:42:29.0202 0x11bc VSS - ok
15:42:29.0234 0x11bc [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
15:42:29.0265 0x11bc VSTXRAID - ok
15:42:29.0296 0x11bc [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:42:29.0296 0x11bc vwifibus - ok
15:42:29.0312 0x11bc [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:29.0312 0x11bc vwififlt - ok
15:42:29.0327 0x11bc [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:42:29.0343 0x11bc vwifimp - ok
15:42:29.0390 0x11bc [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll
15:42:29.0421 0x11bc W32Time - ok
15:42:29.0436 0x11bc [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
15:42:29.0452 0x11bc WacomPen - ok
15:42:29.0499 0x11bc [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:42:29.0499 0x11bc Wanarp - ok
15:42:29.0514 0x11bc [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:42:29.0530 0x11bc Wanarpv6 - ok
15:42:29.0639 0x11bc [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe
15:42:29.0748 0x11bc wbengine - ok
15:42:29.0795 0x11bc [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:42:29.0826 0x11bc WbioSrvc - ok
15:42:29.0889 0x11bc [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc C:\Windows\System32\wcmsvc.dll
15:42:29.0920 0x11bc Wcmsvc - ok
15:42:29.0982 0x11bc [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:42:30.0014 0x11bc wcncsvc - ok
15:42:30.0045 0x11bc [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:42:30.0061 0x11bc WcsPlugInService - ok
15:42:30.0092 0x11bc [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys
15:42:30.0092 0x11bc Wd - ok
15:42:30.0139 0x11bc [ B7FD627AAE8E95848BFEC437C923A87E, 26188FC7E86AD9B92FB732DD3EC5E8EAB18EB52B21E854B27798EC08C49167D8 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
15:42:30.0154 0x11bc WdBoot - ok
15:42:30.0232 0x11bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:42:30.0279 0x11bc Wdf01000 - ok
15:42:30.0326 0x11bc [ FAC362ED29713A535C6E2EEFFA5B4733, C4AF6C5A74389F9F51668433D4478806016C4913CB241F77513601803D532EC0 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
15:42:30.0341 0x11bc WdFilter - ok
15:42:30.0419 0x11bc [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:42:30.0450 0x11bc WdiServiceHost - ok
15:42:30.0466 0x11bc [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:42:30.0497 0x11bc WdiSystemHost - ok
15:42:30.0560 0x11bc [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll
15:42:30.0575 0x11bc WebClient - ok
15:42:30.0607 0x11bc [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:42:30.0638 0x11bc Wecsvc - ok
15:42:30.0669 0x11bc [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:42:30.0685 0x11bc wercplsupport - ok
15:42:30.0731 0x11bc [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll
15:42:30.0747 0x11bc WerSvc - ok
15:42:30.0794 0x11bc [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
15:42:30.0809 0x11bc WFPLWFS - ok
15:42:30.0840 0x11bc [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll
15:42:30.0856 0x11bc WiaRpc - ok
15:42:30.0872 0x11bc [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:42:30.0887 0x11bc WIMMount - ok
15:42:30.0903 0x11bc WinDefend - ok
15:42:31.0012 0x11bc [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:42:31.0059 0x11bc WinHttpAutoProxySvc - ok
15:42:31.0121 0x11bc [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:42:31.0137 0x11bc Winmgmt - ok
15:42:31.0340 0x11bc [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM C:\Windows\system32\WsmSvc.dll
15:42:31.0543 0x11bc WinRM - ok
15:42:31.0589 0x11bc [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:31.0589 0x11bc WinUsb - ok
15:42:31.0699 0x11bc [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll
15:42:31.0823 0x11bc WlanSvc - ok
15:42:31.0964 0x11bc [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll
15:42:32.0120 0x11bc wlidsvc - ok
15:42:32.0167 0x11bc [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
15:42:32.0167 0x11bc WmiAcpi - ok
15:42:32.0214 0x11bc [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:42:32.0229 0x11bc wmiApSrv - ok
15:42:32.0260 0x11bc WMPNetworkSvc - ok
15:42:32.0291 0x11bc [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
15:42:32.0291 0x11bc wpcfltr - ok
15:42:32.0338 0x11bc [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:42:32.0354 0x11bc WPCSvc - ok
15:42:32.0401 0x11bc [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:42:32.0416 0x11bc WPDBusEnum - ok
15:42:32.0432 0x11bc [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
15:42:32.0432 0x11bc WpdUpFltr - ok
15:42:32.0494 0x11bc [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:42:32.0494 0x11bc ws2ifsl - ok
15:42:32.0541 0x11bc [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll
15:42:32.0572 0x11bc wscsvc - ok
15:42:32.0603 0x11bc [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
15:42:32.0619 0x11bc WSDPrintDevice - ok
15:42:32.0635 0x11bc WSearch - ok
15:42:32.0806 0x11bc [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll
15:42:32.0962 0x11bc WSService - ok
15:42:33.0227 0x11bc [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv C:\Windows\system32\wuaueng.dll
15:42:33.0446 0x11bc wuauserv - ok
15:42:33.0493 0x11bc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:42:33.0508 0x11bc WudfPf - ok
15:42:33.0524 0x11bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
15:42:33.0540 0x11bc WUDFRd - ok
15:42:33.0571 0x11bc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:42:33.0602 0x11bc wudfsvc - ok
15:42:33.0617 0x11bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:33.0633 0x11bc WUDFWpdFs - ok
15:42:33.0649 0x11bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:33.0664 0x11bc WUDFWpdMtp - ok
15:42:33.0727 0x11bc [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:42:33.0758 0x11bc WwanSvc - ok
15:42:33.0992 0x11bc [ 97D3DCBBF3915782644DB56F5C191B9F, 3207D951F8042ADA9256283E9D64C3427D145DB98172A87733F868215FF62EF4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
15:42:34.0117 0x11bc ZeroConfigService - ok
15:42:34.0132 0x11bc ZTEusbmdm6k - ok
15:42:34.0148 0x11bc ZTEusbnmea - ok
15:42:34.0164 0x11bc ZTEusbser6k - ok
15:42:34.0210 0x11bc ================ Scan global ===============================
15:42:34.0257 0x11bc [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
15:42:34.0320 0x11bc [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
15:42:34.0366 0x11bc [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
15:42:34.0444 0x11bc [ B6AEF1771CCA54B67DA4932753F74124, 83A353CAC6111C16EB880345E7D89DC9D56F0A3C79F854A4BB7DBABF7270C29F ] C:\Windows\system32\services.exe
15:42:34.0476 0x11bc [ Global ] - ok
15:42:34.0491 0x11bc ================ Scan MBR ==================================
15:42:34.0491 0x11bc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:42:34.0507 0x11bc \Device\Harddisk0\DR0 - ok
15:42:34.0522 0x11bc [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
15:42:34.0522 0x11bc \Device\Harddisk1\DR1 - ok
15:42:34.0522 0x11bc ================ Scan VBR ==================================
15:42:34.0569 0x11bc [ 9813877863508D709DE4F7C6ACC3D0AC ] \Device\Harddisk0\DR0\Partition1
15:42:34.0569 0x11bc \Device\Harddisk0\DR0\Partition1 - ok
15:42:34.0585 0x11bc [ 8C289B6D229F43B1E3FB9360C97A1D16 ] \Device\Harddisk0\DR0\Partition2
15:42:34.0600 0x11bc \Device\Harddisk0\DR0\Partition2 - ok
15:42:34.0616 0x11bc [ FDD2E7C952566CAFA7B84BE734674D05 ] \Device\Harddisk0\DR0\Partition3
15:42:34.0616 0x11bc \Device\Harddisk0\DR0\Partition3 - ok
15:42:34.0632 0x11bc [ 654116B0868014985524E518A86DD709 ] \Device\Harddisk0\DR0\Partition4
15:42:34.0647 0x11bc \Device\Harddisk0\DR0\Partition4 - ok
15:42:34.0678 0x11bc [ 7EEB3A168E0F7FDF7AF023AE060A70DD ] \Device\Harddisk0\DR0\Partition5
15:42:34.0694 0x11bc \Device\Harddisk0\DR0\Partition5 - ok
15:42:34.0710 0x11bc [ 140AD8802C85F2F42089E0DF8F7C9C80 ] \Device\Harddisk0\DR0\Partition6
15:42:34.0725 0x11bc \Device\Harddisk0\DR0\Partition6 - ok
15:42:34.0756 0x11bc [ DF93DD5DF27B95FDC0178B77CDC1AFBD ] \Device\Harddisk0\DR0\Partition7
15:42:34.0756 0x11bc \Device\Harddisk0\DR0\Partition7 - ok
15:42:34.0772 0x11bc [ B8131B8C94AC17245F23DAC2228CEDD3 ] \Device\Harddisk1\DR1\Partition1
15:42:34.0772 0x11bc \Device\Harddisk1\DR1\Partition1 - ok
15:42:34.0772 0x11bc ================ Scan generic autorun ======================
15:42:35.0583 0x11bc [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:42:36.0129 0x11bc RTHDVCPL - ok
15:42:36.0176 0x11bc SynTPEnh - ok
15:42:36.0270 0x11bc [ 73D5A5EA6209DAF5A324A5D4D40D4B8C, 0A37DFBE4772403CD24F0ECE8EFBA24026CED34652986716DF4451AACFCF6479 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:42:36.0332 0x11bc StartCCC - ok
15:42:36.0379 0x11bc [ 482C20F8A1528960BF0C58233E907226, 2DE1F92881A25D93669A9D2A331903B230CAFD51786776E393148448A32BC505 ] C:\Program Files (x86)\PDF24\pdf24.exe
15:42:36.0394 0x11bc PDFPrint - ok
15:42:36.0535 0x11bc [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:42:36.0597 0x11bc Adobe ARM - ok
15:42:36.0675 0x11bc [ 4E942B9318ECF3E3F435AA4BFA3E39A0, 374012FDD59FBEEDCFA6FA0699573DC06DD961E7104A68ABBA198A35602D8059 ] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
15:42:36.0691 0x11bc STO Backup Service - ok
15:42:36.0753 0x11bc [ A7354D6552E0F8847F1689A9C3D4C001, 65A664EAD9EE55C99E3BABDBEFA91401CEA236213AC3DBB388BD4E8551D07620 ] C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
15:42:36.0784 0x11bc STO Launcher Service - ok
15:42:36.0909 0x11bc [ 53EBC5A93B96B8590BC7F02D7316A9EE, 40E2FF18A57128A197502A2D52808F326C4250B0CE9C310232A92139AF039D89 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
15:42:36.0940 0x11bc KiesTrayAgent - ok
15:42:37.0050 0x11bc [ 1CEB6E00AEDDAE46BF52DD4741DD80BA, 60266CBB61F73AF3A143C65F5907897B4522D905AA25C2FBAD40EB6CDEF4E65E ] C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
15:42:37.0065 0x11bc LexwareInfoService - ok
15:42:37.0128 0x11bc [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:42:37.0143 0x11bc SunJavaUpdateSched - ok
15:42:37.0486 0x11bc [ 4D41E99E1986D54BF7F0DA18AFDB703E, F49741DF7172FFE7E9FD075B095A0CAE581CA2CF32C196A299968886293621E2 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:42:37.0736 0x11bc AvastUI.exe - ok
15:42:37.0830 0x11bc [ 7778935A256BBA9267784E3FEDF0B747, 2A5F2903A779DBCCE657EC127FB36B7D947E5E8BD096C75AD67B5EDE14AE4F50 ] C:\Windows\BrowserChoice\browserchoice.exe
15:42:37.0830 0x11bc BrowserChoice - ok
15:42:37.0970 0x11bc [ 99C03F5D726A415253DBF09AFDA0A72E, 860DEF308AA90385763AF0F91F9CEFC3AFDB3C7DFB317B4A5C94429FD0F9707E ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
15:42:38.0064 0x11bc KiesPreload - ok
15:42:38.0079 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:39.0093 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:40.0094 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:41.0108 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:42.0122 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:43.0138 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:44.0152 0x11bc Waiting for KSN requests completion. In queue: 85
15:42:45.0244 0x11bc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
15:42:45.0260 0x11bc AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41000 ( enabled : updated )
15:42:45.0276 0x11bc FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41010 ( enabled )
15:42:47.0818 0x11bc ============================================================
15:42:47.0818 0x11bc Scan finished
15:42:47.0818 0x11bc ============================================================
15:42:47.0865 0x0668 Detected object count: 0
15:42:47.0865 0x0668 Actual detected object count: 0
15:43:00.0641 0x1538 Deinitialize success
Office inkl. Outlook ist deinstalliert |
|
07.03.2015, 12:45
| #6 |
| /// the machine /// TB-Ausbilder | UPS-Mail anhang geöffnet Passwort vom Mail Account ändern. Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
__________________ --> UPS-Mail anhang geöffnet |
|
09.03.2015, 16:40
| #7 |
| | UPS-Mail anhang geöffnetCode:
ATTFilter Emsisoft Emergency Kit - Version 9.0
Letztes Update: 09.03.2015 13:47:51
Benutzerkonto: Buchlemmi\Peter Kuttig
Scan-Einstellungen:
Scan Methode: Detail-Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 09.03.2015 13:48:40
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A)
C:\Windows\Re-Aktivierung\trz8390.tmp gefunden: Application.Hacktool.GA (B)
D:\Avast Internet Security 7.0.1474\Patch 2050.exe gefunden: Riskware.Win32.Cracktool (A)
D:\IM.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\Patch for Win7\incredimail.plus.v6.xx.xxxx.win7-patch.exe gefunden: Gen:Variant.Graftor.14826 (B)
D:\WinZipPro-17.0.10283g-64\WinZipPro-17.0.10283g-64\keymaker-tmg-wz17.exe gefunden: Trojan.Generic.9998826 (B)
Gescannt 307975
Gefunden 7
Scan-Ende: 09.03.2015 16:28:02
Scan-Zeit: 2:39:22
D:\WinZipPro-17.0.10283g-64\WinZipPro-17.0.10283g-64\keymaker-tmg-wz17.exe Quarantäne Trojan.Generic.9998826 (B)
D:\StSt8_1.11\StSt8_1.11\stardock.start8-patch.painter.exe Quarantäne Riskware.Win32.Keygen (A)
D:\IM.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\Patch for Win7\incredimail.plus.v6.xx.xxxx.win7-patch.exe Quarantäne Gen:Variant.Graftor.14826 (B)
D:\Avast Internet Security 7.0.1474\Patch 2050.exe Quarantäne Riskware.Win32.Cracktool (A)
C:\Windows\Re-Aktivierung\trz8390.tmp Quarantäne Application.Hacktool.GA (B)
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantäne Setting.DisableTaskMgr (A)
Quarantäne 7
|
|
10.03.2015, 09:29
| #8 |
| /// the machine /// TB-Ausbilder | UPS-Mail anhang geöffnet und damit wäre der Support dann beendet..... Wieviele Cracks sind denn da im Einsatz?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.03.2015, 12:56
| #9 |
| | UPS-Mail anhang geöffnet eigentlich keiner soweit ich weiss Die Teile sind auf D: und haben keine Bewandnis da weder Incredimail noch start8 installiert sind Aber ich werd den Rechner platt machen |
|
10.03.2015, 20:00
| #10 | |
| /// the machine /// TB-Ausbilder | UPS-Mail anhang geöffnetZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu UPS-Mail anhang geöffnet |
| anhang, anhang geöffnet, mail, sauber, sendung, unterstützung, ups, ups-mail, vater, win, zip-anhang |
Linear-Darstellung
