
Log analysis and evaluation: Vista: iexplorer.exe starts on its own and puts load on the PC


27.08.2014, 16:53   #16
plopptop
 



I hope it wasn't ticked! *troll*

TDSSKiller threw two logs at me. Judging by the timestamps, probably one from before and one from after the reboot. I'll pass both on to you.

TDSSKiller.3.0.0.40_27.08.2014_17.35.05_log:
Code:
17:35:05.0703 0x072c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:35:09.0338 0x072c  ============================================================
17:35:09.0338 0x072c  Current date / time: 2014/08/27 17:35:09.0338
17:35:09.0338 0x072c  SystemInfo:
17:35:09.0338 0x072c  
17:35:09.0338 0x072c  OS Version: 6.0.6002 ServicePack: 2.0
17:35:09.0338 0x072c  Product type: Workstation
17:35:09.0338 0x072c  ComputerName: SEBASTIAN
17:35:09.0338 0x072c  UserName: Basti
17:35:09.0338 0x072c  Windows directory: C:\Windows
17:35:09.0338 0x072c  System windows directory: C:\Windows
17:35:09.0338 0x072c  Processor architecture: Intel x86
17:35:09.0338 0x072c  Number of processors: 4
17:35:09.0338 0x072c  Page size: 0x1000
17:35:09.0338 0x072c  Boot type: Normal boot
17:35:09.0338 0x072c  ============================================================
17:35:10.0727 0x072c  KLMD registered as C:\Windows\system32\drivers\26358141.sys
17:35:10.0883 0x072c  System UUID: {10CC0392-1777-4CA9-6AE3-1AA01B0BB5E0}
17:35:11.0507 0x072c  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:35:11.0507 0x072c  ============================================================
17:35:11.0507 0x072c  \Device\Harddisk0\DR0:
17:35:11.0507 0x072c  MBR partitions:
17:35:11.0507 0x072c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA9CD000
17:35:11.0507 0x072c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA9CD800, BlocksNum 0x186A0000
17:35:11.0507 0x072c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2306D800, BlocksNum 0x17317000
17:35:11.0507 0x072c  ============================================================
17:35:11.0538 0x072c  C: <-> \Device\Harddisk0\DR0\Partition1
17:35:11.0553 0x072c  D: <-> \Device\Harddisk0\DR0\Partition2
17:35:11.0631 0x072c  E: <-> \Device\Harddisk0\DR0\Partition3
17:35:11.0631 0x072c  ============================================================
17:35:11.0631 0x072c  Initialize success
17:35:11.0631 0x072c  ============================================================
17:35:25.0874 0x1270  ============================================================
17:35:25.0874 0x1270  Scan started
17:35:25.0874 0x1270  Mode: Manual; 
17:35:25.0874 0x1270  ============================================================
17:35:25.0874 0x1270  KSN ping started
17:35:28.0292 0x1270  KSN ping finished: true
17:35:28.0807 0x1270  ================ Scan system memory ========================
17:35:28.0807 0x1270  System memory - ok
17:35:28.0807 0x1270  ================ Scan services =============================
17:35:35.0390 0x1270  lirsgt - ok
17:35:35.0406 0x1270  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:35:35.0406 0x1270  lltdio - ok
17:35:35.0437 0x1270  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:35:35.0453 0x1270  lltdsvc - ok
17:35:35.0468 0x1270  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:35:35.0468 0x1270  lmhosts - ok
17:35:35.0499 0x1270  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:35:35.0515 0x1270  LSI_FC - ok
17:35:35.0531 0x1270  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:35:35.0531 0x1270  LSI_SAS - ok
17:35:35.0562 0x1270  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:35:35.0577 0x1270  LSI_SCSI - ok
17:35:35.0593 0x1270  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:35:35.0593 0x1270  luafv - ok
17:35:35.0609 0x1270  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:35:35.0624 0x1270  Mcx2Svc - ok
17:35:35.0640 0x1270  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:35:35.0640 0x1270  megasas - ok
17:35:35.0780 0x1270  [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2013_32 D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
17:35:35.0780 0x1270  mi-raysat_3dsmax2013_32 - ok
17:35:35.0811 0x1270  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
17:35:35.0827 0x1270  MMCSS - ok
17:35:35.0843 0x1270  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
17:35:35.0843 0x1270  Modem - ok
17:35:35.0874 0x1270  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:35:35.0874 0x1270  monitor - ok
17:35:35.0889 0x1270  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:35:35.0889 0x1270  mouclass - ok
17:35:35.0921 0x1270  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:35:35.0936 0x1270  mouhid - ok
17:35:35.0952 0x1270  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
17:35:35.0952 0x1270  MountMgr - ok
17:35:35.0999 0x1270  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:35:36.0014 0x1270  MozillaMaintenance - ok
17:35:36.0045 0x1270  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:35:36.0061 0x1270  mpio - ok
17:35:36.0092 0x1270  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:35:36.0092 0x1270  mpsdrv - ok
17:35:36.0139 0x1270  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:35:36.0155 0x1270  MpsSvc - ok
17:35:36.0170 0x1270  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
17:35:36.0170 0x1270  Mraid35x - ok
17:35:36.0201 0x1270  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:35:36.0201 0x1270  MRxDAV - ok
17:35:36.0217 0x1270  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:35:36.0233 0x1270  mrxsmb - ok
17:35:36.0248 0x1270  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:35:36.0264 0x1270  mrxsmb10 - ok
17:35:36.0264 0x1270  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:35:36.0264 0x1270  mrxsmb20 - ok
17:35:36.0295 0x1270  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
17:35:36.0295 0x1270  msahci - ok
17:35:36.0326 0x1270  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:35:36.0342 0x1270  msdsm - ok
17:35:36.0357 0x1270  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
17:35:36.0357 0x1270  MSDTC - ok
17:35:36.0389 0x1270  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:35:36.0389 0x1270  Msfs - ok
17:35:36.0420 0x1270  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:35:36.0420 0x1270  msisadrv - ok
17:35:36.0435 0x1270  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:35:36.0451 0x1270  MSiSCSI - ok
17:35:36.0451 0x1270  msiserver - ok
17:35:36.0467 0x1270  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:35:36.0482 0x1270  MSKSSRV - ok
17:35:36.0498 0x1270  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:35:36.0498 0x1270  MSPCLOCK - ok
17:35:36.0498 0x1270  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:35:36.0513 0x1270  MSPQM - ok
17:35:36.0545 0x1270  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:35:36.0545 0x1270  MsRPC - ok
17:35:36.0560 0x1270  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:35:36.0560 0x1270  mssmbios - ok
17:35:36.0623 0x1270  MSSQL$SQLEXPRESS - ok
17:35:36.0654 0x1270  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:35:36.0654 0x1270  MSSQLServerADHelper100 - ok
17:35:36.0685 0x1270  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:35:36.0685 0x1270  MSTEE - ok
17:35:36.0701 0x1270  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:35:36.0701 0x1270  Mup - ok
17:35:36.0810 0x1270  MySQL - ok
17:35:36.0857 0x1270  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
17:35:36.0857 0x1270  napagent - ok
17:35:36.0888 0x1270  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:35:36.0888 0x1270  NativeWifiP - ok
17:35:36.0950 0x1270  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:35:36.0966 0x1270  NDIS - ok
17:35:36.0981 0x1270  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:35:36.0981 0x1270  NdisTapi - ok
17:35:36.0997 0x1270  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:35:36.0997 0x1270  Ndisuio - ok
17:35:37.0028 0x1270  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:35:37.0028 0x1270  NdisWan - ok
17:35:37.0059 0x1270  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:35:37.0059 0x1270  NDProxy - ok
17:35:37.0075 0x1270  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:35:37.0075 0x1270  NetBIOS - ok
17:35:37.0106 0x1270  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
17:35:37.0106 0x1270  netbt - ok
17:35:37.0122 0x1270  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
17:35:37.0122 0x1270  Netlogon - ok
17:35:37.0153 0x1270  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
17:35:37.0169 0x1270  Netman - ok
17:35:37.0184 0x1270  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:35:37.0184 0x1270  NetMsmqActivator - ok
17:35:37.0200 0x1270  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:35:37.0200 0x1270  NetPipeActivator - ok
17:35:37.0231 0x1270  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
17:35:37.0231 0x1270  netprofm - ok
17:35:37.0278 0x1270  [ 0DA6B9A40EEF9F3EEDE12BC634FACAB7, 8A97C8E3B52FBECF694CDF7A6F8C04DE683D596A1E23F343D30FE0E403F60174 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
17:35:37.0293 0x1270  netr28u - ok
17:35:37.0309 0x1270  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:35:37.0309 0x1270  NetTcpActivator - ok
17:35:37.0325 0x1270  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:35:37.0325 0x1270  NetTcpPortSharing - ok
17:35:37.0340 0x1270  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:35:37.0356 0x1270  nfrd960 - ok
17:35:37.0387 0x1270  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:35:37.0387 0x1270  NlaSvc - ok
17:35:37.0418 0x1270  [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU      C:\Program Files\CDBurnerXP\NMSAccessU.exe
17:35:37.0434 0x1270  NMSAccessU - ok
17:35:37.0449 0x1270  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:35:37.0449 0x1270  Npfs - ok
17:35:37.0481 0x1270  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
17:35:37.0481 0x1270  nsi - ok
17:35:37.0496 0x1270  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:35:37.0496 0x1270  nsiproxy - ok
17:35:37.0574 0x1270  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:35:37.0605 0x1270  Ntfs - ok
17:35:37.0621 0x1270  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
17:35:37.0621 0x1270  ntrigdigi - ok
17:35:37.0668 0x1270  nTuneService - ok
17:35:37.0683 0x1270  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
17:35:37.0699 0x1270  Null - ok
17:35:37.0699 0x1270  nvlddmkm - ok
17:35:37.0715 0x1270  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:35:37.0715 0x1270  nvraid - ok
17:35:37.0730 0x1270  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:35:37.0730 0x1270  nvstor - ok
17:35:37.0746 0x1270  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:35:37.0746 0x1270  nv_agp - ok
17:35:37.0761 0x1270  NwlnkFlt - ok
17:35:37.0761 0x1270  NwlnkFwd - ok
17:35:37.0839 0x1270  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:35:37.0871 0x1270  odserv - ok
17:35:37.0902 0x1270  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
17:35:37.0902 0x1270  ohci1394 - ok
17:35:37.0917 0x1270  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:35:37.0933 0x1270  ose - ok
17:35:37.0980 0x1270  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
17:35:38.0011 0x1270  p2pimsvc - ok
17:35:38.0027 0x1270  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:35:38.0042 0x1270  p2psvc - ok
17:35:38.0089 0x1270  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:35:38.0089 0x1270  Parport - ok
17:35:38.0105 0x1270  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:35:38.0105 0x1270  partmgr - ok
17:35:38.0120 0x1270  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:35:38.0120 0x1270  Parvdm - ok
17:35:38.0151 0x1270  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:35:38.0151 0x1270  PcaSvc - ok
17:35:38.0183 0x1270  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
17:35:38.0183 0x1270  pci - ok
17:35:38.0198 0x1270  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
17:35:38.0214 0x1270  pciide - ok
17:35:38.0245 0x1270  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:35:38.0261 0x1270  pcmcia - ok
17:35:38.0323 0x1270  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:35:38.0354 0x1270  PEAUTH - ok
17:35:38.0432 0x1270  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
17:35:38.0479 0x1270  pla - ok
17:35:38.0510 0x1270  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:35:38.0526 0x1270  PlugPlay - ok
17:35:38.0573 0x1270  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
17:35:38.0588 0x1270  PNRPAutoReg - ok
17:35:38.0619 0x1270  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
17:35:38.0635 0x1270  PNRPsvc - ok
17:35:38.0666 0x1270  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:35:38.0666 0x1270  PolicyAgent - ok
17:35:38.0697 0x1270  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:35:38.0697 0x1270  PptpMiniport - ok
17:35:38.0713 0x1270  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
17:35:38.0729 0x1270  Processor - ok
17:35:38.0744 0x1270  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
17:35:38.0744 0x1270  ProfSvc - ok
17:35:38.0760 0x1270  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
17:35:38.0760 0x1270  ProtectedStorage - ok
17:35:38.0791 0x1270  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
17:35:38.0791 0x1270  PSched - ok
17:35:38.0853 0x1270  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:35:38.0885 0x1270  ql2300 - ok
17:35:38.0900 0x1270  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:35:38.0916 0x1270  ql40xx - ok
17:35:38.0947 0x1270  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
17:35:38.0947 0x1270  QWAVE - ok
17:35:38.0978 0x1270  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:35:38.0978 0x1270  QWAVEdrv - ok
17:35:38.0994 0x1270  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:35:39.0009 0x1270  RasAcd - ok
17:35:39.0041 0x1270  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
17:35:39.0041 0x1270  RasAuto - ok
17:35:39.0056 0x1270  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:35:39.0056 0x1270  Rasl2tp - ok
17:35:39.0087 0x1270  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
17:35:39.0087 0x1270  RasMan - ok
17:35:39.0119 0x1270  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:35:39.0119 0x1270  RasPppoe - ok
17:35:39.0150 0x1270  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:35:39.0150 0x1270  RasSstp - ok
17:35:39.0181 0x1270  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:35:39.0181 0x1270  rdbss - ok
17:35:39.0197 0x1270  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:35:39.0212 0x1270  RDPCDD - ok
17:35:39.0228 0x1270  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
17:35:39.0228 0x1270  rdpdr - ok
17:35:39.0243 0x1270  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:35:39.0243 0x1270  RDPENCDD - ok
17:35:39.0259 0x1270  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:35:39.0275 0x1270  RDPWD - ok
17:35:39.0290 0x1270  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:35:39.0290 0x1270  RemoteAccess - ok
17:35:39.0321 0x1270  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:35:39.0321 0x1270  RemoteRegistry - ok
17:35:39.0337 0x1270  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
17:35:39.0337 0x1270  RpcLocator - ok
17:35:39.0368 0x1270  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
17:35:39.0384 0x1270  RpcSs - ok
17:35:39.0415 0x1270  [ FD692C6FFADE58F7C4C3C3C9A0EC35BD, 0168F61220999B2D084EDEF87079C1970BC53A9AFE4241B08931F9408FF58013 ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
17:35:39.0431 0x1270  RsFx0103 - ok
17:35:39.0462 0x1270  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:35:39.0462 0x1270  rspndr - ok
17:35:39.0509 0x1270  [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
17:35:39.0509 0x1270  RTL8169 - ok
17:35:39.0524 0x1270  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
17:35:39.0524 0x1270  SamSs - ok
17:35:39.0555 0x1270  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:35:39.0555 0x1270  sbp2port - ok
17:35:39.0587 0x1270  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:35:39.0602 0x1270  SCardSvr - ok
17:35:39.0633 0x1270  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
17:35:39.0665 0x1270  Schedule - ok
17:35:39.0665 0x1270  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:35:39.0680 0x1270  SCPolicySvc - ok
17:35:39.0696 0x1270  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:35:39.0696 0x1270  SDRSVC - ok
17:35:39.0711 0x1270  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:35:39.0711 0x1270  secdrv - ok
17:35:39.0743 0x1270  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
17:35:39.0743 0x1270  seclogon - ok
17:35:39.0758 0x1270  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
17:35:39.0758 0x1270  SENS - ok
17:35:39.0774 0x1270  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:35:39.0774 0x1270  Serenum - ok
17:35:39.0774 0x1270  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:35:39.0789 0x1270  Serial - ok
17:35:39.0805 0x1270  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:35:39.0805 0x1270  sermouse - ok
17:35:39.0836 0x1270  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:35:39.0852 0x1270  SessionEnv - ok
17:35:39.0867 0x1270  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:35:39.0867 0x1270  sffdisk - ok
17:35:39.0883 0x1270  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:35:39.0883 0x1270  sffp_mmc - ok
17:35:39.0899 0x1270  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:35:39.0914 0x1270  sffp_sd - ok
17:35:39.0930 0x1270  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:35:39.0930 0x1270  sfloppy - ok
17:35:39.0961 0x1270  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:35:39.0977 0x1270  SharedAccess - ok
17:35:40.0008 0x1270  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:35:40.0008 0x1270  ShellHWDetection - ok
17:35:40.0023 0x1270  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:35:40.0039 0x1270  sisagp - ok
17:35:40.0055 0x1270  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
17:35:40.0055 0x1270  SiSRaid2 - ok
17:35:40.0070 0x1270  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:35:40.0070 0x1270  SiSRaid4 - ok
17:35:40.0273 0x1270  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:35:40.0367 0x1270  Skype C2C Service - ok
17:35:40.0429 0x1270  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:35:40.0507 0x1270  SkypeUpdate - ok
17:35:40.0663 0x1270  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
17:35:40.0772 0x1270  slsvc - ok
17:35:40.0819 0x1270  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
17:35:40.0819 0x1270  SLUINotify - ok
17:35:40.0835 0x1270  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:35:40.0850 0x1270  Smb - ok
17:35:40.0866 0x1270  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:35:40.0866 0x1270  SNMPTRAP - ok
17:35:40.0897 0x1270  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:35:40.0897 0x1270  spldr - ok
17:35:40.0913 0x1270  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
17:35:40.0913 0x1270  Spooler - ok
17:35:40.0959 0x1270  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\System32\Drivers\sptd.sys
17:35:41.0006 0x1270  sptd - ok
17:35:41.0037 0x1270  [ A687B5B326AFCFCF182C4931D1FF9771, B8447F9FFB87A2B891D9FE29BA5182ED1129B718FB27990CE79E6CDCA6023A59 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:35:41.0069 0x1270  SQLAgent$SQLEXPRESS - ok
17:35:41.0115 0x1270  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:35:41.0115 0x1270  SQLBrowser - ok
17:35:41.0131 0x1270  [ 637A0F23F9012358E92E6F99835494D1, 5399EF5C35D58B6902F470BF5F851C96CBD83CAD77658917C46867B91D7D9442 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:35:41.0147 0x1270  SQLWriter - ok
17:35:41.0193 0x1270  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:35:41.0193 0x1270  srv - ok
17:35:41.0225 0x1270  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:35:41.0225 0x1270  srv2 - ok
17:35:41.0240 0x1270  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:35:41.0240 0x1270  srvnet - ok
17:35:41.0271 0x1270  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:35:41.0271 0x1270  SSDPSRV - ok
17:35:41.0303 0x1270  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
17:35:41.0303 0x1270  ssmdrv - ok
17:35:41.0334 0x1270  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:35:41.0334 0x1270  SstpSvc - ok
17:35:41.0365 0x1270  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
17:35:41.0365 0x1270  StarOpen - ok
17:35:41.0381 0x1270  Steam Client Service - ok
17:35:41.0412 0x1270  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
17:35:41.0427 0x1270  stisvc - ok
17:35:41.0443 0x1270  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:35:41.0459 0x1270  swenum - ok
17:35:41.0490 0x1270  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
17:35:41.0505 0x1270  swprv - ok
17:35:41.0537 0x1270  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
17:35:41.0537 0x1270  Symc8xx - ok
17:35:41.0552 0x1270  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
17:35:41.0552 0x1270  Sym_hi - ok
17:35:41.0568 0x1270  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
17:35:41.0583 0x1270  Sym_u3 - ok
17:35:41.0630 0x1270  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
17:35:41.0646 0x1270  SysMain - ok
17:35:41.0661 0x1270  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:35:41.0677 0x1270  TabletInputService - ok
17:35:41.0708 0x1270  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:35:41.0708 0x1270  TapiSrv - ok
17:35:41.0739 0x1270  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
17:35:41.0739 0x1270  TBS - ok
17:35:41.0786 0x1270  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:35:41.0817 0x1270  Tcpip - ok
17:35:41.0849 0x1270  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
17:35:41.0880 0x1270  Tcpip6 - ok
17:35:41.0895 0x1270  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:35:41.0895 0x1270  tcpipreg - ok
17:35:41.0911 0x1270  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:35:41.0927 0x1270  TDPIPE - ok
17:35:41.0958 0x1270  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:35:41.0958 0x1270  TDTCP - ok
17:35:41.0973 0x1270  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:35:41.0989 0x1270  tdx - ok
17:35:42.0005 0x1270  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:35:42.0036 0x1270  TermDD - ok
17:35:42.0098 0x1270  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
17:35:42.0114 0x1270  TermService - ok
17:35:42.0145 0x1270  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
17:35:42.0145 0x1270  Themes - ok
17:35:42.0161 0x1270  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
17:35:42.0161 0x1270  THREADORDER - ok
17:35:42.0176 0x1270  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
17:35:42.0192 0x1270  TrkWks - ok
17:35:42.0223 0x1270  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:35:42.0223 0x1270  TrustedInstaller - ok
17:35:42.0254 0x1270  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:35:42.0254 0x1270  tssecsrv - ok
17:35:42.0285 0x1270  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
17:35:42.0285 0x1270  tunmp - ok
17:35:42.0317 0x1270  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:35:42.0317 0x1270  tunnel - ok
17:35:42.0332 0x1270  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:35:42.0363 0x1270  uagp35 - ok
17:35:42.0395 0x1270  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:35:42.0410 0x1270  udfs - ok
17:35:42.0457 0x1270  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:35:42.0457 0x1270  UI0Detect - ok
17:35:42.0473 0x1270  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:35:42.0473 0x1270  uliagpkx - ok
17:35:42.0504 0x1270  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
17:35:42.0519 0x1270  uliahci - ok
17:35:42.0535 0x1270  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
17:35:42.0551 0x1270  UlSata - ok
17:35:42.0582 0x1270  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
17:35:42.0597 0x1270  ulsata2 - ok
17:35:42.0629 0x1270  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:35:42.0629 0x1270  umbus - ok
17:35:42.0660 0x1270  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:35:42.0660 0x1270  UmRdpService - ok
17:35:42.0691 0x1270  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
17:35:42.0691 0x1270  upnphost - ok
17:35:42.0738 0x1270  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:35:42.0738 0x1270  usbccgp - ok
17:35:42.0753 0x1270  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:35:42.0769 0x1270  usbcir - ok
17:35:42.0800 0x1270  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:35:42.0800 0x1270  usbehci - ok
17:35:42.0816 0x1270  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:35:42.0816 0x1270  usbhub - ok
17:35:42.0831 0x1270  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:35:42.0847 0x1270  usbohci - ok
17:35:42.0863 0x1270  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:35:42.0863 0x1270  usbprint - ok
17:35:42.0878 0x1270  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:35:42.0878 0x1270  USBSTOR - ok
17:35:42.0909 0x1270  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:35:42.0909 0x1270  usbuhci - ok
17:35:42.0925 0x1270  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
17:35:42.0925 0x1270  UxSms - ok
17:35:42.0972 0x1270  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
17:35:42.0972 0x1270  vds - ok
17:35:43.0019 0x1270  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:35:43.0050 0x1270  vga - ok
17:35:43.0065 0x1270  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:35:43.0065 0x1270  VgaSave - ok
17:35:43.0097 0x1270  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:35:43.0097 0x1270  viaagp - ok
17:35:43.0112 0x1270  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
17:35:43.0143 0x1270  ViaC7 - ok
17:35:43.0159 0x1270  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:35:43.0159 0x1270  viaide - ok
17:35:43.0221 0x1270  [ 7171B884DA8BFB1CE5C8BAE46D993CB1, 41FDD5973D7F02F0C568041E959C13EF2EA42334683C718B7443FFC5810322E6 ] VMAuthdService  E:\Progs\VMware\vmware-authd.exe
17:35:43.0221 0x1270  VMAuthdService - ok
17:35:43.0268 0x1270  [ 753BD0240B6586ABA0D67A70B3EF44A0, 8D891A6632F4241A1C21BF3C9F29D2599F371E2C953A67594417700641153CAB ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
17:35:43.0268 0x1270  vmci - ok
17:35:43.0299 0x1270  [ DB38B7DDC2E5E0DB3984AAEE0BED93AF, 11B2C9CB02D63E9D65C304F86745A87DCA3B3E945D3074597E9E153E71B7C05B ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
17:35:43.0315 0x1270  vmkbd - ok
17:35:43.0346 0x1270  [ A267D2321ED281359D301BFEB8202652, 63D76585733C79657106A057B97FD371AEDF0564BE5AD4BA50EB8DE096F4F73B ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:35:43.0362 0x1270  VMnetAdapter - ok
17:35:43.0377 0x1270  [ 7A4BB278D7860551A716D46349492692, 8974205C0E4453EAF4CCA167EA052702CC1A3446CA9C7172510BF5AAE9D79207 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:35:43.0393 0x1270  VMnetBridge - ok
17:35:43.0424 0x1270  [ 03A7980C30E9F00F1EAC752612DC80CE, 5EAC5FCEFE6663B53B6BE3DB5D048020D254A398BE4F1A355F2E9AB26E3A6A9B ] VMnetDHCP       C:\Windows\system32\vmnetdhcp.exe
17:35:43.0455 0x1270  VMnetDHCP - ok
17:35:43.0455 0x1270  [ F804B83C419F4D60458C19F9FA7C4253, CF77E6D136B16ADA22234A69B8750F1184655B360B3E370F88544473AD3B0B1E ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
17:35:43.0471 0x1270  VMnetuserif - ok
17:35:43.0502 0x1270  [ F88896A06172D58978D108F5DFE728D4, 2252E1620F6D8DEFB3DD4DFA7F4052A37C37E2651466BF13E6D64DAC612B151B ] VMparport       C:\Windows\system32\Drivers\VMparport.sys
17:35:43.0518 0x1270  VMparport - ok
17:35:43.0565 0x1270  [ AFB10AD9AA91D2F70C9F0E6BDA0D119B, 3321A9600CB284E25EAC909A44D3039C7330D398A48AAE2CEDDCFD5C5E438456 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys
17:35:43.0565 0x1270  vmusb - ok
17:35:43.0627 0x1270  [ A77A76DD2773616651121B7EFA5948C1, 533A975CE23165EEDBC2A4B080A9FBEAE0648DC86A6E698A485C5ACF42D74824 ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
17:35:43.0658 0x1270  VMUSBArbService - ok
17:35:43.0689 0x1270  [ F1D29D9C5DB9C144769F5CD7212BE555, 7FB533F79DF5AF8650D15E19C2B84E75BA2384AF82770DFDAA062A66DC277FD2 ] VMware NAT Service C:\Windows\system32\vmnat.exe
17:35:43.0705 0x1270  VMware NAT Service - ok
17:35:43.0721 0x1270  [ 168CEE789DB3B6C2432059AAC8C8D933, DAEB18382D9AB5C371C067846F04FC4619723942B710A632D242A4B53E2A0DD4 ] vmx86           C:\Windows\system32\Drivers\vmx86.sys
17:35:43.0721 0x1270  vmx86 - ok
17:35:43.0736 0x1270  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:35:43.0736 0x1270  volmgr - ok
17:35:43.0767 0x1270  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:35:43.0783 0x1270  volmgrx - ok
17:35:43.0814 0x1270  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:35:43.0814 0x1270  volsnap - ok
17:35:43.0845 0x1270  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:35:43.0845 0x1270  vsmraid - ok
17:35:43.0861 0x1270  [ C78C6BC9C3A65256B7A96B478C16278F, 11E98B1ACD998D83C69F342839F58E2CA1158FDE99EA0451C793A7FD98054E6F ] vsock           C:\Windows\system32\drivers\vsock.sys
17:35:43.0877 0x1270  vsock - ok
17:35:43.0939 0x1270  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
17:35:43.0970 0x1270  VSS - ok
17:35:44.0001 0x1270  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
17:35:44.0001 0x1270  W32Time - ok
17:35:44.0033 0x1270  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:35:44.0033 0x1270  WacomPen - ok
17:35:44.0048 0x1270  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
17:35:44.0048 0x1270  Wanarp - ok
17:35:44.0064 0x1270  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:35:44.0064 0x1270  Wanarpv6 - ok
17:35:44.0111 0x1270  [ 20B23332885DFB93FE0185362EE811E9, 67B8026E8285FEB6E3939DEEE4E0F2FD0FA0917E0ED0F1FAE56B7841AF74C8F8 ] wbengine        C:\Windows\system32\wbengine.exe
17:35:44.0142 0x1270  wbengine - ok
17:35:44.0173 0x1270  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:35:44.0189 0x1270  wcncsvc - ok
17:35:44.0220 0x1270  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:35:44.0220 0x1270  WcsPlugInService - ok
17:35:44.0251 0x1270  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
17:35:44.0267 0x1270  Wd - ok
17:35:44.0313 0x1270  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:35:44.0329 0x1270  Wdf01000 - ok
17:35:44.0345 0x1270  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:35:44.0345 0x1270  WdiServiceHost - ok
17:35:44.0360 0x1270  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:35:44.0360 0x1270  WdiSystemHost - ok
17:35:44.0391 0x1270  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
17:35:44.0391 0x1270  WebClient - ok
17:35:44.0407 0x1270  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:35:44.0423 0x1270  Wecsvc - ok
17:35:44.0454 0x1270  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:35:44.0454 0x1270  wercplsupport - ok
17:35:44.0485 0x1270  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:35:44.0485 0x1270  WerSvc - ok
17:35:44.0532 0x1270  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:35:44.0547 0x1270  WinDefend - ok
17:35:44.0563 0x1270  WinHttpAutoProxySvc - ok
17:35:44.0594 0x1270  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:35:44.0610 0x1270  Winmgmt - ok
17:35:44.0688 0x1270  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:35:44.0719 0x1270  WinRM - ok
17:35:44.0766 0x1270  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:35:44.0781 0x1270  Wlansvc - ok
17:35:44.0813 0x1270  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:35:44.0813 0x1270  WmiAcpi - ok
17:35:44.0844 0x1270  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:35:44.0844 0x1270  wmiApSrv - ok
17:35:44.0922 0x1270  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:35:44.0953 0x1270  WMPNetworkSvc - ok
17:35:44.0969 0x1270  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:35:44.0969 0x1270  WPCSvc - ok
17:35:45.0000 0x1270  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:35:45.0000 0x1270  WPDBusEnum - ok
17:35:45.0031 0x1270  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
17:35:45.0047 0x1270  WpdUsb - ok
17:35:45.0140 0x1270  [ FFB823D0043D93F3CF3BFFBA6CA355B1, 14E87395638CE16C2FAEA771BCFB39EC2446B3478B057EB2955656B12ED5783E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:35:45.0156 0x1270  WPFFontCache_v0400 - ok
17:35:45.0171 0x1270  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:35:45.0187 0x1270  ws2ifsl - ok
17:35:45.0203 0x1270  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:35:45.0203 0x1270  wscsvc - ok
17:35:45.0234 0x1270  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:35:45.0249 0x1270  WSDPrintDevice - ok
17:35:45.0249 0x1270  WSearch - ok
17:35:45.0359 0x1270  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:35:45.0437 0x1270  wuauserv - ok
17:35:45.0468 0x1270  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:35:45.0468 0x1270  WudfPf - ok
17:35:45.0483 0x1270  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:35:45.0483 0x1270  WUDFRd - ok
17:35:45.0515 0x1270  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:35:45.0515 0x1270  wudfsvc - ok
17:35:45.0561 0x1270  [ 9EEA6D029FEF5F3016D089B1A603837D, 0DB78D89A64B0C6C98E4E4454692EB7A51B0B3B1FA54CECB74D5B55AE7BEF4C9 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
17:35:45.0577 0x1270  xnacc - ok
17:35:45.0608 0x1270  ================ Scan global ===============================
17:35:45.0624 0x1270  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:35:45.0655 0x1270  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:35:45.0686 0x1270  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:35:45.0733 0x1270  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
17:35:45.0733 0x1270  [ Global ] - ok
17:35:45.0733 0x1270  ================ Scan MBR ==================================
17:35:45.0749 0x1270  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:35:46.0419 0x1270  \Device\Harddisk0\DR0 - ok
17:35:46.0419 0x1270  ================ Scan VBR ==================================
17:35:46.0435 0x1270  [ 5DF0987EFBD5010923356661CF128B72 ] \Device\Harddisk0\DR0\Partition1
17:35:46.0451 0x1270  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
17:35:46.0451 0x1270  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
17:35:48.0947 0x1270  [ 1248824FD45314F26240684228F77D75 ] \Device\Harddisk0\DR0\Partition2
17:35:48.0978 0x1270  \Device\Harddisk0\DR0\Partition2 - ok
17:35:48.0978 0x1270  [ 72504E5F40EF4603C237026427522DEE ] \Device\Harddisk0\DR0\Partition3
17:35:48.0993 0x1270  \Device\Harddisk0\DR0\Partition3 - ok
17:35:48.0993 0x1270  ================ Scan generic autorun ======================
17:35:49.0212 0x1270  [ FBAFC1D9EDAF771707C6250A146F4911, 944EBC6A53DDCB1B27AE499B37F990823732450D7CD3AB84A23C31B46D05F2F3 ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:35:49.0493 0x1270  Launch LCore - ok
17:35:49.0555 0x1270  [ C456658AF90F42BE3CDF1048F9CDB5CA, CA59B715F38A7FFC002860937EC819EC916119775F3FA7D644B88EE225C675EA ] C:\Windows\system32\WpcUmi.exe
17:35:49.0555 0x1270  WPCUMI - ok
17:35:49.0633 0x1270  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
17:35:49.0649 0x1270  avgnt - ok
17:35:49.0914 0x1270  [ CD501835CE93AD1031E87D1963D01F59, A4252905EC0BB1B64B89F374C4F11F2238A16891102427AABA59333E11364537 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:35:49.0929 0x1270  StartCCC - ok
17:35:50.0039 0x1270  [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
17:35:50.0039 0x1270  Avira Systray - ok
17:35:50.0117 0x1270  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:35:50.0117 0x1270  SunJavaUpdateSched - ok
17:35:50.0834 0x1270  [ 46661D154E19D0AFB3B9155CA040776C, C290D791080189841DE65A0C19ED75DFF4A4DDF25B921C96BB69253C6757F3A0 ] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
17:35:51.0115 0x1270  Messenger (Yahoo!) - ok
17:35:51.0209 0x1270  [ A46635F817FC97242444458AE12CDCEF, 7A49820953AE3FC7493FE0D0E32B0E57AAC701C20EB01C753A2813E96A327D04 ] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
17:35:51.0224 0x1270  HydraVisionDesktopManager - ok
17:35:51.0240 0x1270  Skype - ok
17:35:51.0505 0x1270  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
17:35:51.0833 0x1270  Akamai NetSession Interface - ok
17:35:51.0926 0x1270  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
17:35:51.0973 0x1270  Sidebar - ok
17:35:51.0973 0x1270  WindowsWelcomeCenter - ok
17:35:51.0973 0x1270  Waiting for KSN requests completion. In queue: 10
17:35:52.0987 0x1270  Waiting for KSN requests completion. In queue: 10
17:35:54.0001 0x1270  Waiting for KSN requests completion. In queue: 10
17:35:55.0031 0x1270  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
17:35:55.0031 0x1270  Win FW state via NFP2: enabled
17:35:57.0527 0x1270  ============================================================
17:35:57.0527 0x1270  Scan finished
17:35:57.0527 0x1270  ============================================================
17:35:57.0527 0x05b8  Detected object count: 1
17:35:57.0527 0x05b8  Actual detected object count: 1
17:36:12.0148 0x05b8  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
17:36:12.0195 0x05b8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
17:36:12.0210 0x05b8  \Device\Harddisk0\DR0\Partition1 - ok
17:36:12.0210 0x05b8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure 
17:36:13.0224 0x05b8  KLMD registered as C:\Windows\system32\drivers\89913392.sys
17:36:17.0068 0x0204  Deinitialize success
         
TDSSKiller.3.0.0.40_27.08.2014_17.38.40_log:
Code:
ATTFilter
17:38:40.0405 0x0f48  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:38:40.0511 0x0f48  ============================================================
17:38:40.0511 0x0f48  Current date / time: 2014/08/27 17:38:40.0511
17:38:40.0511 0x0f48  SystemInfo:
17:38:40.0511 0x0f48  
17:38:40.0511 0x0f48  OS Version: 6.0.6002 ServicePack: 2.0
17:38:40.0511 0x0f48  Product type: Workstation
17:38:40.0511 0x0f48  ComputerName: SEBASTIAN
17:38:40.0511 0x0f48  UserName: Basti
17:38:40.0511 0x0f48  Windows directory: C:\Windows
17:38:40.0511 0x0f48  System windows directory: C:\Windows
17:38:40.0511 0x0f48  Processor architecture: Intel x86
17:38:40.0511 0x0f48  Number of processors: 4
17:38:40.0511 0x0f48  Page size: 0x1000
17:38:40.0511 0x0f48  Boot type: Normal boot
17:38:40.0511 0x0f48  ============================================================
17:38:40.0513 0x0f48  BG loaded
17:38:40.0786 0x0f48  System UUID: {10CC0392-1777-4CA9-6AE3-1AA01B0BB5E0}
17:38:41.0782 0x0f48  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:38:41.0798 0x0f48  ============================================================
17:38:41.0798 0x0f48  \Device\Harddisk0\DR0:
17:38:41.0808 0x0f48  MBR partitions:
17:38:41.0808 0x0f48  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA9CD000
17:38:41.0808 0x0f48  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA9CD800, BlocksNum 0x186A0000
17:38:41.0808 0x0f48  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2306D800, BlocksNum 0x17317000
17:38:41.0808 0x0f48  ============================================================
17:38:41.0949 0x0f48  C: <-> \Device\Harddisk0\DR0\Partition1
17:38:42.0005 0x0f48  D: <-> \Device\Harddisk0\DR0\Partition2
17:38:42.0393 0x0f48  E: <-> \Device\Harddisk0\DR0\Partition3
17:38:42.0393 0x0f48  ============================================================
17:38:42.0393 0x0f48  Initialize success
17:38:42.0393 0x0f48  ============================================================
17:41:17.0078 0x0f04  Deinitialize success
         
By the way, you see me dancing cautiously, because since the reboot I haven't seen any more iexplorer.exe processes. It does sadden me a little, though, that my browser (Palemoon) now constantly claims 10-20% of the CPU, even though only this forum is open. (There are other tabs open, but all of them are unloaded, so nothing should be coming from them, right?)
Well, I'll wait and see what comes.

Edit: a quick test (also on my laptop) shows that the load actually comes from your forum's reply page.

Alt 28.08.2014, 07:48   #17
schrauber
/// the machine
/// TB-Ausbilder
 




Then please run a fresh scan with FRST and TDSSKiller now and post both log files.

Alt 28.08.2014, 13:56   #18
plopptop
 



Your wish is my command.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-08-2014
Ran by Basti (administrator) on SEBASTIAN on 28-08-2014 14:47:26
Running from C:\Users\Basti\Desktop
Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(VMware, Inc.) E:\Progs\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(ESRI) E:\Steffi\License10.2\bin\ARCGIS.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [4375320 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6497592 2012-01-04] (Yahoo! Inc.)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-02-15] (AMD)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE99003D041BFCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} hxxp://dl.pplive.com/PluginSetup.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Basti\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ExHentai Easy - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2012-08-12]
FF Extension: Greasemonkey - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-02-13]
FF Extension: Firebug - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-02-15]
FF Extension: ProxTube - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\ich@maltegoetz.de.xpi [2014-08-16]
FF Extension: Status-4-Evar - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\status4evar@caligonstudios.com.xpi [2012-02-15]
FF Extension: YouTube quality manager - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\youtubequality@rzll.xpi [2012-03-10]
FF Extension: NoScript - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-02-15]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-07]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR DefaultSearchURL: Default -> {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-09]
CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-09]
CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; E:\Steffi\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2014-07-24] (Flexera Software LLC)
R2 mi-raysat_3dsmax2013_32; D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe [86016 2011-09-15] () [File not signed]
S3 MySQL; E:\Uni\Datenbanken\my.ini [8934 2011-12-12] () [File not signed]
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 VMAuthdService; E:\Progs\VMware\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-14] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-02-20] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-08] (DT Soft Ltd)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-02-20] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-18] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-24] (Avira GmbH)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-08-15] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-08-15] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [23832 2012-08-15] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-08-01] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 14:47 - 2014-08-28 14:47 - 00023482 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-08-27 17:36 - 2014-08-27 17:36 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-26 17:04 - 2014-08-26 17:04 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Basti\Desktop\tdsskiller.exe
2014-08-25 20:35 - 2014-08-25 20:35 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-25 20:35 - 2014-08-25 20:35 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-25 20:25 - 2014-08-25 20:29 - 00918952 _____ (Oracle Corporation) C:\Users\Basti\Downloads\jxpiinstall.exe
2014-08-25 16:09 - 2014-08-25 16:10 - 00002605 _____ () C:\Users\Basti\Desktop\FSS.txt
2014-08-25 16:08 - 2014-08-25 16:08 - 00415232 _____ (Farbar) C:\Users\Basti\Desktop\FSS.exe
2014-08-23 10:20 - 2014-08-23 10:20 - 00000990 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-08-23 10:13 - 2014-08-23 10:13 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-08-22 22:44 - 2014-08-23 10:56 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-08-22 22:38 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner
2014-08-22 22:28 - 2014-08-28 14:47 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-08-22 01:24 - 2014-08-22 01:24 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-21 22:10 - 2014-08-21 22:10 - 00018314 _____ () C:\Users\Basti\Desktop\avira.txt
2014-08-21 22:05 - 2014-08-21 22:05 - 00134170 _____ () C:\Users\Basti\Desktop\Addition.txt
2014-08-21 22:04 - 2014-08-21 22:05 - 00044563 _____ () C:\Users\Basti\Desktop\FRSTalt.txt
2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 21:59 - 2014-08-21 21:48 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt
2014-08-21 21:50 - 2014-08-21 21:53 - 00000000 ____D () C:\AdwCleaner
2014-08-21 21:46 - 2014-08-21 21:46 - 00001163 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-21 21:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 21:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-21 21:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt
2014-08-20 23:30 - 2014-08-20 23:56 - 00000000 ____D () C:\Qoobox
2014-08-20 23:30 - 2014-08-20 23:53 - 00000000 ____D () C:\Windows\erdnt
2014-08-20 23:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-20 23:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-20 23:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-20 23:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-20 23:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-20 23:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-20 23:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-20 23:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-08-19 15:05 - 2014-08-28 14:47 - 01095168 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe
2014-08-19 15:05 - 2014-08-19 14:53 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-08-19 15:05 - 2014-08-19 14:52 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-08-19 15:01 - 2014-08-28 14:47 - 00000000 ____D () C:\FRST
2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable
2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache
2014-08-18 15:26 - 2011-06-21 06:09 - 00200976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan
2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real
2014-08-17 14:01 - 2014-08-17 14:02 - 00000000 ____D () C:\ProgramData\AdubNotz
2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-16 22:02 - 2014-08-16 22:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 06:24 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 06:24 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 06:24 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 06:24 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 06:09 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 06:09 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 06:09 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 06:09 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 06:09 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 06:09 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 06:09 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 06:09 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 06:09 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 06:09 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 06:09 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 06:09 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 06:08 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 06:08 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 06:08 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 06:08 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 06:08 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 06:08 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 06:08 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 06:08 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 06:08 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 06:08 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 06:08 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 06:08 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 06:05 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 06:05 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-29 12:48 - 2014-07-29 12:52 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 14:48 - 2014-08-28 14:47 - 00023482 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-08-28 14:47 - 2014-08-22 22:28 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-08-28 14:47 - 2014-08-19 15:05 - 01095168 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe
2014-08-28 14:47 - 2014-08-19 15:01 - 00000000 ____D () C:\FRST
2014-08-28 14:44 - 2010-03-18 15:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-08-28 14:42 - 2012-11-01 20:45 - 00000000 ____D () C:\ProgramData\VMware
2014-08-28 14:41 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 14:41 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-28 14:41 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 17:55 - 2006-11-02 15:00 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-27 17:55 - 2006-11-02 14:51 - 01247510 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 17:37 - 2006-11-02 14:46 - 00328504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 17:36 - 2014-08-27 17:36 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-26 17:04 - 2014-08-26 17:04 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Basti\Desktop\tdsskiller.exe
2014-08-25 20:35 - 2014-08-25 20:35 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-25 20:35 - 2014-08-25 20:35 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-25 20:35 - 2014-08-25 20:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-25 20:35 - 2013-01-19 01:52 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-25 20:35 - 2013-01-19 01:52 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-25 20:29 - 2014-08-25 20:25 - 00918952 _____ (Oracle Corporation) C:\Users\Basti\Downloads\jxpiinstall.exe
2014-08-25 20:25 - 2012-09-08 18:11 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-08-25 20:25 - 2012-07-18 08:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-08-25 16:10 - 2014-08-25 16:09 - 00002605 _____ () C:\Users\Basti\Desktop\FSS.txt
2014-08-25 16:08 - 2014-08-25 16:08 - 00415232 _____ (Farbar) C:\Users\Basti\Desktop\FSS.exe
2014-08-25 15:59 - 2006-11-02 14:59 - 00666748 _____ () C:\Windows\PFRO.log
2014-08-23 11:01 - 2010-03-07 19:47 - 00002032 _____ () C:\Users\Basti\AppData\Local\d3d9caps.dat
2014-08-23 10:56 - 2014-08-22 22:44 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-08-23 10:20 - 2014-08-23 10:20 - 00000990 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-08-23 10:13 - 2014-08-23 10:13 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-08-22 22:39 - 2014-08-22 22:38 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner
2014-08-22 22:33 - 2012-07-29 18:33 - 00466766 _____ () C:\Windows\system32\perfh011.dat
2014-08-22 22:33 - 2012-07-29 18:33 - 00145430 _____ () C:\Windows\system32\perfc011.dat
2014-08-22 22:33 - 2006-11-02 12:33 - 02371800 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-22 01:24 - 2014-08-22 01:24 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-22 01:24 - 2014-03-13 17:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-22 01:24 - 2014-02-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-22 01:24 - 2013-03-24 10:19 - 00000000 ____D () C:\Program Files\Avira
2014-08-21 22:10 - 2014-08-21 22:10 - 00018314 _____ () C:\Users\Basti\Desktop\avira.txt
2014-08-21 22:05 - 2014-08-21 22:05 - 00134170 _____ () C:\Users\Basti\Desktop\Addition.txt
2014-08-21 22:05 - 2014-08-21 22:04 - 00044563 _____ () C:\Users\Basti\Desktop\FRSTalt.txt
2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt
2014-08-21 21:53 - 2014-08-21 21:50 - 00000000 ____D () C:\AdwCleaner
2014-08-21 21:53 - 2012-02-04 03:28 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-21 21:48 - 2014-08-21 21:59 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-08-21 21:46 - 2014-08-21 21:46 - 00001163 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-20 23:56 - 2014-08-20 23:30 - 00000000 ____D () C:\Qoobox
2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt
2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-08-20 23:53 - 2014-08-20 23:30 - 00000000 ____D () C:\Windows\erdnt
2014-08-20 23:47 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable
2014-08-19 14:55 - 2010-03-07 19:47 - 00000000 ____D () C:\Users\Basti
2014-08-19 14:53 - 2014-08-19 15:05 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-08-19 14:52 - 2014-08-19 15:05 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache
2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan
2014-08-18 15:08 - 2013-07-04 13:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.purple
2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real
2014-08-17 14:04 - 2010-04-21 11:52 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\mIRC
2014-08-17 14:02 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\AdubNotz
2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-17 09:21 - 2010-03-18 15:19 - 00000000 ____D () C:\ProgramData\Skype
2014-08-17 09:15 - 2014-04-13 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-16 22:03 - 2014-08-16 22:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-16 17:25 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox
2014-08-16 17:24 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 17:03 - 2013-07-04 13:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\gtk-2.0
2014-08-14 22:09 - 2013-03-24 10:19 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 18:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 15:12 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 06:32 - 2010-03-18 16:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 06:31 - 2013-07-17 14:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 06:26 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-08 13:40 - 2010-03-18 15:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ICQ
2014-08-04 21:20 - 2013-10-21 23:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net
2014-07-29 16:43 - 2014-07-26 12:06 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax
2014-07-29 15:01 - 2010-03-13 12:39 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-07-29 12:55 - 2014-07-26 11:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk
2014-07-29 12:52 - 2014-07-29 12:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk
2014-07-29 12:50 - 2014-07-26 11:43 - 00000000 ____D () C:\ProgramData\Autodesk
2014-07-29 12:48 - 2012-04-12 00:19 - 00000000 ____D () C:\ProgramData\FLEXnet

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\temp\AsLM.dll
C:\Users\Basti\AppData\Local\temp\avgnt.exe
C:\Users\Basti\AppData\Local\temp\install_flashplayer14x32_mssd_aaa_aih.exe
C:\Users\Basti\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-28 14:48

==================== End Of Log ============================
         

28.08.2014, 13:56   #19
plopptop
 



And because my logs are so big and mighty, TDSSKiller gets an extra post ...

TDSSKiller:
Code:
14:51:07.0582 0x14a8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:51:19.0392 0x14a8  ============================================================
14:51:19.0392 0x14a8  Current date / time: 2014/08/28 14:51:19.0391
14:51:19.0392 0x14a8  SystemInfo:
14:51:19.0392 0x14a8  
14:51:19.0392 0x14a8  OS Version: 6.0.6002 ServicePack: 2.0
14:51:19.0392 0x14a8  Product type: Workstation
14:51:19.0392 0x14a8  ComputerName: SEBASTIAN
14:51:19.0392 0x14a8  UserName: Basti
14:51:19.0392 0x14a8  Windows directory: C:\Windows
14:51:19.0392 0x14a8  System windows directory: C:\Windows
14:51:19.0392 0x14a8  Processor architecture: Intel x86
14:51:19.0392 0x14a8  Number of processors: 4
14:51:19.0392 0x14a8  Page size: 0x1000
14:51:19.0392 0x14a8  Boot type: Normal boot
14:51:19.0392 0x14a8  ============================================================
14:51:20.0496 0x14a8  KLMD registered as C:\Windows\system32\drivers\35204800.sys
14:51:20.0614 0x14a8  System UUID: {10CC0392-1777-4CA9-6AE3-1AA01B0BB5E0}
14:51:21.0268 0x14a8  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:51:21.0270 0x14a8  ============================================================
14:51:21.0270 0x14a8  \Device\Harddisk0\DR0:
14:51:21.0270 0x14a8  MBR partitions:
14:51:21.0270 0x14a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA9CD000
14:51:21.0270 0x14a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA9CD800, BlocksNum 0x186A0000
14:51:21.0270 0x14a8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2306D800, BlocksNum 0x17317000
14:51:21.0270 0x14a8  ============================================================
14:51:21.0302 0x14a8  C: <-> \Device\Harddisk0\DR0\Partition1
14:51:21.0333 0x14a8  D: <-> \Device\Harddisk0\DR0\Partition2
14:51:21.0368 0x14a8  E: <-> \Device\Harddisk0\DR0\Partition3
14:51:21.0368 0x14a8  ============================================================
14:51:21.0369 0x14a8  Initialize success
14:51:21.0369 0x14a8  ============================================================
14:51:30.0728 0x16f4  ============================================================
14:51:30.0728 0x16f4  Scan started
14:51:30.0728 0x16f4  Mode: Manual; 
14:51:30.0728 0x16f4  ============================================================
14:51:30.0728 0x16f4  KSN ping started
14:51:33.0137 0x16f4  KSN ping finished: true
14:51:33.0870 0x16f4  ================ Scan system memory ========================
14:51:33.0870 0x16f4  System memory - ok
14:51:33.0870 0x16f4  ================ Scan services =============================
14:51:33.0998 0x16f4  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:51:34.0005 0x16f4  ACPI - ok
14:51:34.0091 0x16f4  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:51:34.0102 0x16f4  adp94xx - ok
14:51:34.0137 0x16f4  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:51:34.0145 0x16f4  adpahci - ok
14:51:34.0161 0x16f4  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:51:34.0165 0x16f4  adpu160m - ok
14:51:34.0188 0x16f4  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:51:34.0192 0x16f4  adpu320 - ok
14:51:34.0238 0x16f4  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:51:34.0240 0x16f4  AeLookupSvc - ok
14:51:34.0272 0x16f4  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
14:51:34.0280 0x16f4  AFD - ok
14:51:34.0316 0x16f4  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:51:34.0318 0x16f4  agp440 - ok
14:51:34.0337 0x16f4  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:51:34.0339 0x16f4  aic78xx - ok
14:51:34.0364 0x16f4  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
14:51:34.0366 0x16f4  ALG - ok
14:51:34.0382 0x16f4  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:51:34.0383 0x16f4  aliide - ok
14:51:34.0424 0x16f4  [ DE697CA5522739901B17D60E18A48B57, 89C526BEDF5678047A8C0BDFA75FACA308F708B8FE3D3F0AC5A6BE20D27C76EA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:51:34.0430 0x16f4  AMD External Events Utility - ok
14:51:34.0462 0x16f4  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:51:34.0464 0x16f4  amdagp - ok
14:51:34.0473 0x16f4  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:51:34.0474 0x16f4  amdide - ok
14:51:34.0493 0x16f4  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
14:51:34.0494 0x16f4  AmdK7 - ok
14:51:34.0506 0x16f4  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:51:34.0508 0x16f4  AmdK8 - ok
14:51:34.0994 0x16f4  [ A5DE11C167222FB7F73588530F851784, 6847841BD121923BAB5CB118F5477696233F2A14789D99A1C7F528164BFC101B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:51:35.0425 0x16f4  amdkmdag - ok
14:51:35.0508 0x16f4  [ 354D38ECA8452AB6D3489CAD80BCFF25, 7A296CABC9EE6CB6CB9AA4CFBFBFB1BDC2E26E944D27E3C9BEDA30C979F2C794 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:51:35.0523 0x16f4  amdkmdap - ok
14:51:35.0601 0x16f4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:51:35.0613 0x16f4  AntiVirSchedulerService - ok
14:51:35.0641 0x16f4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:51:35.0652 0x16f4  AntiVirService - ok
14:51:35.0684 0x16f4  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
14:51:35.0686 0x16f4  Appinfo - ok
14:51:35.0722 0x16f4  [ 0FE769CAE5855B53C90E23F85E7E89FF, 7163E364D33EDABCFC1E1B586D28FA906F34A764BF4B3031DF020043EAE0D3BF ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:51:35.0727 0x16f4  AppMgmt - ok
14:51:35.0755 0x16f4  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
14:51:35.0758 0x16f4  arc - ok
14:51:35.0893 0x16f4  [ E9FA6D1240CAE3FEB3EE333195863C2B, 7DD9F8B36DBAE40CA9726BB2BDE9D41DC2C3E80AB6AAE15E76894F199395B1C5 ] ArcGIS License Manager E:\Steffi\License10.2\bin\lmgrd.exe
14:51:35.0933 0x16f4  ArcGIS License Manager - ok
14:51:35.0959 0x16f4  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:51:35.0961 0x16f4  arcsas - ok
14:51:36.0042 0x16f4  [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:51:36.0044 0x16f4  aspnet_state - ok
14:51:36.0075 0x16f4  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:51:36.0076 0x16f4  AsyncMac - ok
14:51:36.0100 0x16f4  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
14:51:36.0101 0x16f4  atapi - ok
14:51:36.0132 0x16f4  [ DDCF63069542F513F3A26FA060F84B4C, 6E3B82065A4C33679AB8E1AE5B054EE3B1F352368FCF1D1486DE29610BC80EAA ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
14:51:36.0134 0x16f4  AtiHDAudioService - ok
14:51:36.0176 0x16f4  [ F0D933B42CD0594048E4D5200AE9E417, FF53E843A99948568515964C3C97107FA875BBC3F2906BADEE0B29ACE5532F0D ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
14:51:36.0184 0x16f4  atksgt - ok
14:51:36.0224 0x16f4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:51:36.0234 0x16f4  AudioEndpointBuilder - ok
14:51:36.0247 0x16f4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:51:36.0256 0x16f4  Audiosrv - ok
14:51:36.0276 0x16f4  [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:51:36.0279 0x16f4  avgntflt - ok
14:51:36.0307 0x16f4  [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:51:36.0311 0x16f4  avipbb - ok
14:51:36.0363 0x16f4  [ A59D07E02A75EDC8FA141470C5EC96C3, A20416444B3C15F85651383F8D40F4F93400B1B78A60174A2AD3A6308836ED93 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
14:51:36.0367 0x16f4  Avira.OE.ServiceHost - ok
14:51:36.0377 0x16f4  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:51:36.0379 0x16f4  avkmgr - ok
14:51:36.0413 0x16f4  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:51:36.0414 0x16f4  Beep - ok
14:51:36.0452 0x16f4  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
14:51:36.0462 0x16f4  BFE - ok
14:51:36.0519 0x16f4  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
14:51:36.0544 0x16f4  BITS - ok
14:51:36.0551 0x16f4  blbdrive - ok
14:51:36.0575 0x16f4  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:51:36.0578 0x16f4  bowser - ok
14:51:36.0606 0x16f4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:51:36.0607 0x16f4  BrFiltLo - ok
14:51:36.0623 0x16f4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:51:36.0624 0x16f4  BrFiltUp - ok
14:51:36.0650 0x16f4  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
14:51:36.0653 0x16f4  Browser - ok
14:51:36.0670 0x16f4  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:51:36.0672 0x16f4  Brserid - ok
14:51:36.0687 0x16f4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:51:36.0689 0x16f4  BrSerWdm - ok
14:51:36.0700 0x16f4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:51:36.0701 0x16f4  BrUsbMdm - ok
14:51:36.0709 0x16f4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:51:36.0710 0x16f4  BrUsbSer - ok
14:51:36.0725 0x16f4  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:51:36.0727 0x16f4  BTHMODEM - ok
14:51:36.0758 0x16f4  catchme - ok
14:51:36.0791 0x16f4  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:51:36.0793 0x16f4  cdfs - ok
14:51:36.0814 0x16f4  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:51:36.0817 0x16f4  cdrom - ok
14:51:36.0852 0x16f4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
14:51:36.0854 0x16f4  CertPropSvc - ok
14:51:36.0874 0x16f4  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:51:36.0875 0x16f4  circlass - ok
14:51:36.0913 0x16f4  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
14:51:36.0921 0x16f4  CLFS - ok
14:51:36.0968 0x16f4  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:51:36.0970 0x16f4  clr_optimization_v2.0.50727_32 - ok
14:51:37.0011 0x16f4  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:51:37.0015 0x16f4  clr_optimization_v4.0.30319_32 - ok
14:51:37.0037 0x16f4  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:51:37.0038 0x16f4  cmdide - ok
14:51:37.0059 0x16f4  [ 82B8C91D327CFECF76CB58716F7D4997, 6F06A4BC44B170BB28BF464E9BB5216D39D11CB8D442570B575A741B032EAEE6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:51:37.0060 0x16f4  Compbatt - ok
14:51:37.0067 0x16f4  COMSysApp - ok
14:51:37.0085 0x16f4  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:51:37.0086 0x16f4  crcdisk - ok
14:51:37.0102 0x16f4  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
14:51:37.0104 0x16f4  Crusoe - ok
14:51:37.0139 0x16f4  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:51:37.0144 0x16f4  CryptSvc - ok
14:51:37.0171 0x16f4  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C, 95E3AA76DAF3F9EDE1AAE9B85C779F2716097266F492E0A8D361C6ED9A9AC8CC ] CSC             C:\Windows\system32\drivers\csc.sys
14:51:37.0182 0x16f4  CSC - ok
14:51:37.0222 0x16f4  [ 0A2095F92F6AE4FE6484D911B0C21E95, 52E2E08107FEBD6B46E1C71B39ECA8AB1A0ECF18CA248D9172F831B6FAB99139 ] CscService      C:\Windows\System32\cscsvc.dll
14:51:37.0236 0x16f4  CscService - ok
14:51:37.0259 0x16f4  [ FFC5377AA2C1A3F5B18F359F661E76C8, BEC4574ABCFF5B5261395B09AD6C14BEC75C603812ABB8C1786C434C84A102F4 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
14:51:37.0261 0x16f4  ctxusbm - ok
14:51:37.0302 0x16f4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:51:37.0319 0x16f4  DcomLaunch - ok
14:51:37.0343 0x16f4  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:51:37.0345 0x16f4  DfsC - ok
14:51:37.0488 0x16f4  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
14:51:37.0554 0x16f4  DFSR - ok
14:51:37.0597 0x16f4  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:51:37.0604 0x16f4  Dhcp - ok
14:51:37.0636 0x16f4  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
14:51:37.0638 0x16f4  disk - ok
14:51:37.0661 0x16f4  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:51:37.0665 0x16f4  Dnscache - ok
14:51:37.0690 0x16f4  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
14:51:37.0695 0x16f4  dot3svc - ok
14:51:37.0724 0x16f4  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
14:51:37.0729 0x16f4  DPS - ok
14:51:37.0761 0x16f4  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:51:37.0761 0x16f4  drmkaud - ok
14:51:37.0795 0x16f4  [ 555E54AC2F601A8821CEF58961653991, C094E4BE6903D73C45BEEA21B8E0B65FB94178FF99927640C2C2792F46D543A0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:51:37.0801 0x16f4  dtsoftbus01 - ok
14:51:37.0848 0x16f4  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:51:37.0866 0x16f4  DXGKrnl - ok
14:51:37.0923 0x16f4  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
14:51:37.0927 0x16f4  E1G60 - ok
14:51:37.0950 0x16f4  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
14:51:37.0953 0x16f4  EapHost - ok
14:51:37.0975 0x16f4  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:51:37.0979 0x16f4  Ecache - ok
14:51:38.0029 0x16f4  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:51:38.0038 0x16f4  ehRecvr - ok
14:51:38.0068 0x16f4  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
14:51:38.0072 0x16f4  ehSched - ok
14:51:38.0114 0x16f4  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
14:51:38.0115 0x16f4  ehstart - ok
14:51:38.0185 0x16f4  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:51:38.0194 0x16f4  elxstor - ok
14:51:38.0248 0x16f4  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:51:38.0266 0x16f4  EMDMgmt - ok
14:51:38.0310 0x16f4  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
14:51:38.0319 0x16f4  EventSystem - ok
14:51:38.0353 0x16f4  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:51:38.0357 0x16f4  exfat - ok
14:51:38.0377 0x16f4  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:51:38.0381 0x16f4  fastfat - ok
14:51:38.0423 0x16f4  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
14:51:38.0438 0x16f4  Fax - ok
14:51:38.0465 0x16f4  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:51:38.0466 0x16f4  fdc - ok
14:51:38.0485 0x16f4  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
14:51:38.0487 0x16f4  fdPHost - ok
14:51:38.0496 0x16f4  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:51:38.0499 0x16f4  FDResPub - ok
14:51:38.0523 0x16f4  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:51:38.0526 0x16f4  FileInfo - ok
14:51:38.0540 0x16f4  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:51:38.0541 0x16f4  Filetrace - ok
14:51:38.0621 0x16f4  [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:51:38.0650 0x16f4  FLEXnet Licensing Service - ok
14:51:38.0676 0x16f4  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:51:38.0678 0x16f4  flpydisk - ok
14:51:38.0700 0x16f4  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:51:38.0705 0x16f4  FltMgr - ok
14:51:38.0773 0x16f4  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
14:51:38.0798 0x16f4  FontCache - ok
14:51:38.0839 0x16f4  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:51:38.0841 0x16f4  FontCache3.0.0.0 - ok
14:51:38.0864 0x16f4  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:51:38.0865 0x16f4  Fs_Rec - ok
14:51:38.0883 0x16f4  [ FECF4C2E42440A8D132BF94EEE3C3FC9, 38CA8707AABB4513FF3E4FD4FFA7D1117D3FE2224897ACC65DD55B207498B7C6 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:51:38.0888 0x16f4  fvevol - ok
14:51:38.0905 0x16f4  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:51:38.0907 0x16f4  gagp30kx - ok
14:51:38.0982 0x16f4  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
14:51:39.0001 0x16f4  gpsvc - ok
14:51:39.0024 0x16f4  [ 7898E20A298105CC3EA1A7BAA695ACFC, 25A1C0B4DD2294966B1FB6F2D2F42628D4EA07C4A4CA5B8C742CCA3E6442254B ] hcmon           C:\Windows\system32\drivers\hcmon.sys
14:51:39.0026 0x16f4  hcmon - ok
14:51:39.0056 0x16f4  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:51:39.0063 0x16f4  HdAudAddService - ok
14:51:39.0111 0x16f4  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:51:39.0128 0x16f4  HDAudBus - ok
14:51:39.0154 0x16f4  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:51:39.0155 0x16f4  HidBth - ok
14:51:39.0166 0x16f4  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:51:39.0167 0x16f4  HidIr - ok
14:51:39.0182 0x16f4  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
14:51:39.0185 0x16f4  hidserv - ok
14:51:39.0210 0x16f4  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:51:39.0211 0x16f4  HidUsb - ok
14:51:39.0228 0x16f4  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:51:39.0232 0x16f4  hkmsvc - ok
14:51:39.0251 0x16f4  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:51:39.0253 0x16f4  HpCISSs - ok
14:51:39.0275 0x16f4  [ 37B1A74B7950F0B30BF575D85E997CF7, 8B3B45A2BF602D9CEDE98BC107F84AC6470D3DD9C1070B60B3D7E6B88CD009D9 ] HPSIService     C:\Windows\system32\HPSIsvc.exe
14:51:39.0279 0x16f4  HPSIService - ok
14:51:39.0315 0x16f4  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:51:39.0326 0x16f4  HTTP - ok
14:51:39.0353 0x16f4  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:51:39.0355 0x16f4  i2omp - ok
14:51:39.0388 0x16f4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:51:39.0390 0x16f4  i8042prt - ok
14:51:39.0413 0x16f4  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:51:39.0419 0x16f4  iaStorV - ok
14:51:39.0489 0x16f4  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:51:39.0513 0x16f4  idsvc - ok
14:51:39.0547 0x16f4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:51:39.0548 0x16f4  iirsp - ok
14:51:39.0584 0x16f4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:51:39.0597 0x16f4  IKEEXT - ok
14:51:39.0615 0x16f4  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:51:39.0616 0x16f4  intelide - ok
14:51:39.0645 0x16f4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:51:39.0647 0x16f4  intelppm - ok
14:51:39.0675 0x16f4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:51:39.0679 0x16f4  IPBusEnum - ok
14:51:39.0704 0x16f4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:51:39.0706 0x16f4  IpFilterDriver - ok
14:51:39.0732 0x16f4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:51:39.0739 0x16f4  iphlpsvc - ok
14:51:39.0743 0x16f4  IpInIp - ok
14:51:39.0772 0x16f4  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:51:39.0774 0x16f4  IPMIDRV - ok
14:51:39.0800 0x16f4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:51:39.0804 0x16f4  IPNAT - ok
14:51:39.0821 0x16f4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:51:39.0822 0x16f4  IRENUM - ok
14:51:39.0837 0x16f4  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:51:39.0838 0x16f4  isapnp - ok
14:51:39.0878 0x16f4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:51:39.0883 0x16f4  iScsiPrt - ok
14:51:39.0904 0x16f4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:51:39.0905 0x16f4  iteatapi - ok
14:51:39.0920 0x16f4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:51:39.0922 0x16f4  iteraid - ok
14:51:39.0944 0x16f4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:51:39.0945 0x16f4  kbdclass - ok
14:51:39.0962 0x16f4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:51:39.0963 0x16f4  kbdhid - ok
14:51:39.0985 0x16f4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
14:51:39.0987 0x16f4  KeyIso - ok
14:51:40.0020 0x16f4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:51:40.0033 0x16f4  KSecDD - ok
14:51:40.0073 0x16f4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:51:40.0084 0x16f4  KtmRm - ok
14:51:40.0111 0x16f4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:51:40.0117 0x16f4  LanmanServer - ok
14:51:40.0144 0x16f4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:51:40.0151 0x16f4  LanmanWorkstation - ok
14:51:40.0186 0x16f4  [ 170E7093A77AD586F3A012A3DB651D94, 43A7C3BFBEC8FB255AB2B77C2A9705777EF6607F6BF0E8F2664766116EAAD536 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
14:51:40.0188 0x16f4  LGBusEnum - ok
14:51:40.0201 0x16f4  [ FC57B9EA6DC9CD4C5488A8F803F0A3C0, 577DFF1E042317AF9316DD347B401054478C493F1EA43DE39E9FF002DCA84113 ] LGPBTDD         C:\Windows\system32\Drivers\LGPBTDD.sys
14:51:40.0202 0x16f4  LGPBTDD - ok
14:51:40.0224 0x16f4  [ D2DD04D1C8DF65EECD1F2C7FB947D43E, 980FCE188FCB57C8F210A4905D345D2D6D32545EFE673BE51B3D3AE18084243B ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
14:51:40.0225 0x16f4  LGVirHid - ok
14:51:40.0259 0x16f4  [ F8A7212D0864EF5E9185FB95E6623F4D, 277EAA06BD3D1CB31E6CD7B9ECD3A4B7D4AB7A369DB5FFF04EC7D749DF26E3D2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
14:51:40.0260 0x16f4  lirsgt - ok
14:51:40.0289 0x16f4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:51:40.0291 0x16f4  lltdio - ok
14:51:40.0313 0x16f4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:51:40.0320 0x16f4  lltdsvc - ok
14:51:40.0343 0x16f4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:51:40.0345 0x16f4  lmhosts - ok
14:51:40.0369 0x16f4  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:51:40.0371 0x16f4  LSI_FC - ok
14:51:40.0384 0x16f4  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:51:40.0386 0x16f4  LSI_SAS - ok
14:51:40.0408 0x16f4  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:51:40.0410 0x16f4  LSI_SCSI - ok
14:51:40.0433 0x16f4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:51:40.0436 0x16f4  luafv - ok
14:51:40.0454 0x16f4  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:51:40.0458 0x16f4  Mcx2Svc - ok
14:51:40.0474 0x16f4  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:51:40.0475 0x16f4  megasas - ok
14:51:40.0612 0x16f4  [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2013_32 D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
14:51:40.0614 0x16f4  mi-raysat_3dsmax2013_32 - ok
14:51:40.0639 0x16f4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
14:51:40.0642 0x16f4  MMCSS - ok
14:51:40.0666 0x16f4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
14:51:40.0668 0x16f4  Modem - ok
14:51:40.0689 0x16f4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:51:40.0691 0x16f4  monitor - ok
14:51:40.0711 0x16f4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:51:40.0712 0x16f4  mouclass - ok
14:51:40.0721 0x16f4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:51:40.0722 0x16f4  mouhid - ok
14:51:40.0745 0x16f4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:51:40.0747 0x16f4  MountMgr - ok
14:51:40.0784 0x16f4  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:51:40.0787 0x16f4  MozillaMaintenance - ok
14:51:40.0824 0x16f4  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:51:40.0827 0x16f4  mpio - ok
14:51:40.0850 0x16f4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:51:40.0853 0x16f4  mpsdrv - ok
14:51:40.0892 0x16f4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:51:40.0905 0x16f4  MpsSvc - ok
14:51:40.0920 0x16f4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:51:40.0921 0x16f4  Mraid35x - ok
14:51:40.0944 0x16f4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:51:40.0948 0x16f4  MRxDAV - ok
14:51:40.0971 0x16f4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:51:40.0975 0x16f4  mrxsmb - ok
14:51:40.0997 0x16f4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:51:41.0003 0x16f4  mrxsmb10 - ok
14:51:41.0010 0x16f4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:51:41.0013 0x16f4  mrxsmb20 - ok
14:51:41.0042 0x16f4  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
14:51:41.0043 0x16f4  msahci - ok
14:51:41.0071 0x16f4  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:51:41.0074 0x16f4  msdsm - ok
14:51:41.0097 0x16f4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
14:51:41.0102 0x16f4  MSDTC - ok
14:51:41.0121 0x16f4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:51:41.0122 0x16f4  Msfs - ok
14:51:41.0151 0x16f4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:51:41.0152 0x16f4  msisadrv - ok
14:51:41.0177 0x16f4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:51:41.0181 0x16f4  MSiSCSI - ok
14:51:41.0185 0x16f4  msiserver - ok
14:51:41.0203 0x16f4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:51:41.0204 0x16f4  MSKSSRV - ok
14:51:41.0221 0x16f4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:51:41.0222 0x16f4  MSPCLOCK - ok
14:51:41.0235 0x16f4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:51:41.0236 0x16f4  MSPQM - ok
14:51:41.0262 0x16f4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:51:41.0268 0x16f4  MsRPC - ok
14:51:41.0284 0x16f4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:51:41.0285 0x16f4  mssmbios - ok
14:51:41.0335 0x16f4  MSSQL$SQLEXPRESS - ok
14:51:41.0371 0x16f4  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
14:51:41.0373 0x16f4  MSSQLServerADHelper100 - ok
14:51:41.0397 0x16f4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:51:41.0398 0x16f4  MSTEE - ok
14:51:41.0415 0x16f4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:51:41.0417 0x16f4  Mup - ok
14:51:41.0484 0x16f4  MySQL - ok
14:51:41.0524 0x16f4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
14:51:41.0535 0x16f4  napagent - ok
14:51:41.0561 0x16f4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:51:41.0566 0x16f4  NativeWifiP - ok
14:51:41.0617 0x16f4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:51:41.0632 0x16f4  NDIS - ok
14:51:41.0653 0x16f4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:51:41.0654 0x16f4  NdisTapi - ok
14:51:41.0675 0x16f4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:51:41.0676 0x16f4  Ndisuio - ok
14:51:41.0700 0x16f4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:51:41.0704 0x16f4  NdisWan - ok
14:51:41.0728 0x16f4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:51:41.0731 0x16f4  NDProxy - ok
14:51:41.0737 0x16f4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:51:41.0739 0x16f4  NetBIOS - ok
14:51:41.0761 0x16f4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:51:41.0766 0x16f4  netbt - ok
14:51:41.0777 0x16f4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
14:51:41.0779 0x16f4  Netlogon - ok
14:51:41.0808 0x16f4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
14:51:41.0818 0x16f4  Netman - ok
14:51:41.0859 0x16f4  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:51:41.0863 0x16f4  NetMsmqActivator - ok
14:51:41.0871 0x16f4  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:51:41.0876 0x16f4  NetPipeActivator - ok
14:51:41.0902 0x16f4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
14:51:41.0911 0x16f4  netprofm - ok
14:51:41.0955 0x16f4  [ 0DA6B9A40EEF9F3EEDE12BC634FACAB7, 8A97C8E3B52FBECF694CDF7A6F8C04DE683D596A1E23F343D30FE0E403F60174 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
14:51:41.0971 0x16f4  netr28u - ok
14:51:41.0979 0x16f4  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:51:41.0984 0x16f4  NetTcpActivator - ok
14:51:41.0992 0x16f4  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:51:41.0996 0x16f4  NetTcpPortSharing - ok
14:51:42.0015 0x16f4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:51:42.0017 0x16f4  nfrd960 - ok
14:51:42.0047 0x16f4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:51:42.0054 0x16f4  NlaSvc - ok
14:51:42.0089 0x16f4  [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU      C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:51:42.0092 0x16f4  NMSAccessU - ok
14:51:42.0108 0x16f4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:51:42.0110 0x16f4  Npfs - ok
14:51:42.0136 0x16f4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
14:51:42.0139 0x16f4  nsi - ok
14:51:42.0157 0x16f4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:51:42.0158 0x16f4  nsiproxy - ok
14:51:42.0225 0x16f4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:51:42.0254 0x16f4  Ntfs - ok
14:51:42.0274 0x16f4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
14:51:42.0275 0x16f4  ntrigdigi - ok
14:51:42.0317 0x16f4  nTuneService - ok
14:51:42.0337 0x16f4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
14:51:42.0338 0x16f4  Null - ok
14:51:42.0342 0x16f4  nvlddmkm - ok
14:51:42.0357 0x16f4  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:51:42.0360 0x16f4  nvraid - ok
14:51:42.0374 0x16f4  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:51:42.0375 0x16f4  nvstor - ok
14:51:42.0396 0x16f4  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:51:42.0399 0x16f4  nv_agp - ok
14:51:42.0403 0x16f4  NwlnkFlt - ok
14:51:42.0408 0x16f4  NwlnkFwd - ok
14:51:42.0491 0x16f4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:51:42.0502 0x16f4  odserv - ok
14:51:42.0537 0x16f4  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
14:51:42.0539 0x16f4  ohci1394 - ok
14:51:42.0555 0x16f4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:51:42.0559 0x16f4  ose - ok
14:51:42.0605 0x16f4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:51:42.0627 0x16f4  p2pimsvc - ok
14:51:42.0651 0x16f4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:51:42.0671 0x16f4  p2psvc - ok
14:51:42.0703 0x16f4  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:51:42.0706 0x16f4  Parport - ok
14:51:42.0730 0x16f4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:51:42.0732 0x16f4  partmgr - ok
14:51:42.0738 0x16f4  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:51:42.0739 0x16f4  Parvdm - ok
14:51:42.0764 0x16f4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:51:42.0767 0x16f4  PcaSvc - ok
14:51:42.0797 0x16f4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
14:51:42.0802 0x16f4  pci - ok
14:51:42.0816 0x16f4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
14:51:42.0817 0x16f4  pciide - ok
14:51:42.0845 0x16f4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:51:42.0850 0x16f4  pcmcia - ok
14:51:42.0903 0x16f4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:51:42.0930 0x16f4  PEAUTH - ok
14:51:43.0017 0x16f4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
14:51:43.0066 0x16f4  pla - ok
14:51:43.0098 0x16f4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:51:43.0107 0x16f4  PlugPlay - ok
14:51:43.0146 0x16f4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:51:43.0166 0x16f4  PNRPAutoReg - ok
14:51:43.0191 0x16f4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:51:43.0210 0x16f4  PNRPsvc - ok
14:51:43.0241 0x16f4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:51:43.0253 0x16f4  PolicyAgent - ok
14:51:43.0271 0x16f4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:51:43.0274 0x16f4  PptpMiniport - ok
14:51:43.0292 0x16f4  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
14:51:43.0294 0x16f4  Processor - ok
14:51:43.0316 0x16f4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
14:51:43.0322 0x16f4  ProfSvc - ok
14:51:43.0335 0x16f4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
14:51:43.0337 0x16f4  ProtectedStorage - ok
14:51:43.0361 0x16f4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:51:43.0364 0x16f4  PSched - ok
14:51:43.0425 0x16f4  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:51:43.0450 0x16f4  ql2300 - ok
14:51:43.0469 0x16f4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:51:43.0473 0x16f4  ql40xx - ok
14:51:43.0506 0x16f4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
14:51:43.0515 0x16f4  QWAVE - ok
14:51:43.0539 0x16f4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:51:43.0541 0x16f4  QWAVEdrv - ok
14:51:43.0564 0x16f4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:51:43.0565 0x16f4  RasAcd - ok
14:51:43.0599 0x16f4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
14:51:43.0604 0x16f4  RasAuto - ok
14:51:43.0620 0x16f4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:51:43.0623 0x16f4  Rasl2tp - ok
14:51:43.0648 0x16f4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
14:51:43.0658 0x16f4  RasMan - ok
14:51:43.0682 0x16f4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:51:43.0684 0x16f4  RasPppoe - ok
14:51:43.0707 0x16f4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:51:43.0710 0x16f4  RasSstp - ok
14:51:43.0737 0x16f4  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:51:43.0744 0x16f4  rdbss - ok
14:51:43.0762 0x16f4  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:51:43.0764 0x16f4  RDPCDD - ok
14:51:43.0789 0x16f4  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
14:51:43.0796 0x16f4  rdpdr - ok
14:51:43.0801 0x16f4  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:51:43.0802 0x16f4  RDPENCDD - ok
14:51:43.0830 0x16f4  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:51:43.0835 0x16f4  RDPWD - ok
14:51:43.0855 0x16f4  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:51:43.0859 0x16f4  RemoteAccess - ok
14:51:43.0880 0x16f4  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:51:43.0885 0x16f4  RemoteRegistry - ok
14:51:43.0901 0x16f4  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
14:51:43.0904 0x16f4  RpcLocator - ok
14:51:43.0934 0x16f4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
14:51:43.0951 0x16f4  RpcSs - ok
14:51:43.0982 0x16f4  [ FD692C6FFADE58F7C4C3C3C9A0EC35BD, 0168F61220999B2D084EDEF87079C1970BC53A9AFE4241B08931F9408FF58013 ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
14:51:43.0989 0x16f4  RsFx0103 - ok
14:51:44.0008 0x16f4  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:51:44.0011 0x16f4  rspndr - ok
14:51:44.0059 0x16f4  [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
14:51:44.0067 0x16f4  RTL8169 - ok
14:51:44.0076 0x16f4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
14:51:44.0078 0x16f4  SamSs - ok
14:51:44.0112 0x16f4  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:51:44.0114 0x16f4  sbp2port - ok
14:51:44.0156 0x16f4  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:51:44.0161 0x16f4  SCardSvr - ok
14:51:44.0203 0x16f4  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
14:51:44.0223 0x16f4  Schedule - ok
14:51:44.0234 0x16f4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:51:44.0236 0x16f4  SCPolicySvc - ok
14:51:44.0261 0x16f4  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:51:44.0267 0x16f4  SDRSVC - ok
14:51:44.0277 0x16f4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:51:44.0278 0x16f4  secdrv - ok
14:51:44.0304 0x16f4  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
14:51:44.0307 0x16f4  seclogon - ok
14:51:44.0318 0x16f4  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
14:51:44.0321 0x16f4  SENS - ok
14:51:44.0334 0x16f4  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:51:44.0335 0x16f4  Serenum - ok
14:51:44.0343 0x16f4  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:51:44.0345 0x16f4  Serial - ok
14:51:44.0362 0x16f4  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:51:44.0364 0x16f4  sermouse - ok
14:51:44.0396 0x16f4  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:51:44.0401 0x16f4  SessionEnv - ok
14:51:44.0420 0x16f4  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:51:44.0421 0x16f4  sffdisk - ok
14:51:44.0429 0x16f4  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:51:44.0430 0x16f4  sffp_mmc - ok
14:51:44.0440 0x16f4  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:51:44.0441 0x16f4  sffp_sd - ok
14:51:44.0457 0x16f4  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:51:44.0458 0x16f4  sfloppy - ok
14:51:44.0493 0x16f4  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:51:44.0502 0x16f4  SharedAccess - ok
14:51:44.0536 0x16f4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:51:44.0546 0x16f4  ShellHWDetection - ok
14:51:44.0569 0x16f4  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:51:44.0571 0x16f4  sisagp - ok
14:51:44.0599 0x16f4  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:51:44.0600 0x16f4  SiSRaid2 - ok
14:51:44.0614 0x16f4  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:51:44.0616 0x16f4  SiSRaid4 - ok
14:51:44.0817 0x16f4  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:51:44.0914 0x16f4  Skype C2C Service - ok
14:51:44.0968 0x16f4  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:51:44.0973 0x16f4  SkypeUpdate - ok
14:51:45.0133 0x16f4  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
14:51:45.0243 0x16f4  slsvc - ok
14:51:45.0278 0x16f4  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:51:45.0283 0x16f4  SLUINotify - ok
14:51:45.0305 0x16f4  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:51:45.0308 0x16f4  Smb - ok
14:51:45.0330 0x16f4  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:51:45.0333 0x16f4  SNMPTRAP - ok
14:51:45.0355 0x16f4  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:51:45.0357 0x16f4  spldr - ok
14:51:45.0374 0x16f4  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
14:51:45.0380 0x16f4  Spooler - ok
14:51:45.0428 0x16f4  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:51:45.0447 0x16f4  sptd - ok
14:51:45.0482 0x16f4  [ A687B5B326AFCFCF182C4931D1FF9771, B8447F9FFB87A2B891D9FE29BA5182ED1129B718FB27990CE79E6CDCA6023A59 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
14:51:45.0493 0x16f4  SQLAgent$SQLEXPRESS - ok
14:51:45.0540 0x16f4  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:51:45.0547 0x16f4  SQLBrowser - ok
14:51:45.0567 0x16f4  [ 637A0F23F9012358E92E6F99835494D1, 5399EF5C35D58B6902F470BF5F851C96CBD83CAD77658917C46867B91D7D9442 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:51:45.0570 0x16f4  SQLWriter - ok
14:51:45.0602 0x16f4  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:51:45.0611 0x16f4  srv - ok
14:51:45.0640 0x16f4  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:51:45.0644 0x16f4  srv2 - ok
14:51:45.0656 0x16f4  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:51:45.0660 0x16f4  srvnet - ok
14:51:45.0684 0x16f4  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:51:45.0691 0x16f4  SSDPSRV - ok
14:51:45.0710 0x16f4  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
14:51:45.0712 0x16f4  ssmdrv - ok
14:51:45.0744 0x16f4  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:51:45.0749 0x16f4  SstpSvc - ok
14:51:45.0782 0x16f4  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
14:51:45.0782 0x16f4  StarOpen - ok
14:51:45.0794 0x16f4  Steam Client Service - ok
14:51:45.0828 0x16f4  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
14:51:45.0844 0x16f4  stisvc - ok
14:51:45.0863 0x16f4  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:51:45.0864 0x16f4  swenum - ok
14:51:45.0902 0x16f4  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
14:51:45.0914 0x16f4  swprv - ok
14:51:45.0946 0x16f4  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:51:45.0948 0x16f4  Symc8xx - ok
14:51:45.0963 0x16f4  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:51:45.0964 0x16f4  Sym_hi - ok
14:51:45.0977 0x16f4  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:51:45.0978 0x16f4  Sym_u3 - ok
14:51:46.0021 0x16f4  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
14:51:46.0040 0x16f4  SysMain - ok
14:51:46.0065 0x16f4  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:51:46.0070 0x16f4  TabletInputService - ok
14:51:46.0099 0x16f4  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:51:46.0109 0x16f4  TapiSrv - ok
14:51:46.0129 0x16f4  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
14:51:46.0133 0x16f4  TBS - ok
14:51:46.0186 0x16f4  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:51:46.0216 0x16f4  Tcpip - ok
14:51:46.0252 0x16f4  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:51:46.0277 0x16f4  Tcpip6 - ok
14:51:46.0303 0x16f4  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:51:46.0305 0x16f4  tcpipreg - ok
14:51:46.0323 0x16f4  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:51:46.0324 0x16f4  TDPIPE - ok
14:51:46.0341 0x16f4  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:51:46.0343 0x16f4  TDTCP - ok
14:51:46.0368 0x16f4  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:51:46.0371 0x16f4  tdx - ok
14:51:46.0390 0x16f4  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:51:46.0392 0x16f4  TermDD - ok
14:51:46.0428 0x16f4  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
14:51:46.0445 0x16f4  TermService - ok
14:51:46.0469 0x16f4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
14:51:46.0478 0x16f4  Themes - ok
14:51:46.0488 0x16f4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
14:51:46.0491 0x16f4  THREADORDER - ok
14:51:46.0509 0x16f4  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
14:51:46.0515 0x16f4  TrkWks - ok
14:51:46.0552 0x16f4  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:51:46.0554 0x16f4  TrustedInstaller - ok
14:51:46.0584 0x16f4  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:51:46.0585 0x16f4  tssecsrv - ok
14:51:46.0612 0x16f4  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:51:46.0614 0x16f4  tunmp - ok
14:51:46.0652 0x16f4  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:51:46.0653 0x16f4  tunnel - ok
14:51:46.0676 0x16f4  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:51:46.0678 0x16f4  uagp35 - ok
14:51:46.0700 0x16f4  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:51:46.0707 0x16f4  udfs - ok
14:51:46.0738 0x16f4  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:51:46.0742 0x16f4  UI0Detect - ok
14:51:46.0757 0x16f4  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:51:46.0760 0x16f4  uliagpkx - ok
14:51:46.0782 0x16f4  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:51:46.0789 0x16f4  uliahci - ok
14:51:46.0805 0x16f4  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:51:46.0809 0x16f4  UlSata - ok
14:51:46.0850 0x16f4  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:51:46.0854 0x16f4  ulsata2 - ok
14:51:46.0878 0x16f4  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:51:46.0880 0x16f4  umbus - ok
14:51:46.0907 0x16f4  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:51:46.0916 0x16f4  UmRdpService - ok
14:51:46.0943 0x16f4  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
14:51:46.0954 0x16f4  upnphost - ok
14:51:46.0986 0x16f4  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:51:46.0989 0x16f4  usbccgp - ok
14:51:47.0014 0x16f4  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:51:47.0016 0x16f4  usbcir - ok
14:51:47.0041 0x16f4  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:51:47.0043 0x16f4  usbehci - ok
14:51:47.0061 0x16f4  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:51:47.0067 0x16f4  usbhub - ok
14:51:47.0082 0x16f4  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:51:47.0083 0x16f4  usbohci - ok
14:51:47.0096 0x16f4  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:51:47.0097 0x16f4  usbprint - ok
14:51:47.0122 0x16f4  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:51:47.0125 0x16f4  USBSTOR - ok
14:51:47.0133 0x16f4  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:51:47.0134 0x16f4  usbuhci - ok
14:51:47.0156 0x16f4  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
14:51:47.0160 0x16f4  UxSms - ok
14:51:47.0195 0x16f4  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
14:51:47.0210 0x16f4  vds - ok
14:51:47.0244 0x16f4  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:51:47.0245 0x16f4  vga - ok
14:51:47.0255 0x16f4  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:51:47.0256 0x16f4  VgaSave - ok
14:51:47.0277 0x16f4  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:51:47.0279 0x16f4  viaagp - ok
14:51:47.0291 0x16f4  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
14:51:47.0293 0x16f4  ViaC7 - ok
14:51:47.0310 0x16f4  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:51:47.0311 0x16f4  viaide - ok
14:51:47.0369 0x16f4  [ 7171B884DA8BFB1CE5C8BAE46D993CB1, 41FDD5973D7F02F0C568041E959C13EF2EA42334683C718B7443FFC5810322E6 ] VMAuthdService  E:\Progs\VMware\vmware-authd.exe
14:51:47.0373 0x16f4  VMAuthdService - ok
14:51:47.0416 0x16f4  [ 753BD0240B6586ABA0D67A70B3EF44A0, 8D891A6632F4241A1C21BF3C9F29D2599F371E2C953A67594417700641153CAB ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
14:51:47.0419 0x16f4  vmci - ok
14:51:47.0446 0x16f4  [ DB38B7DDC2E5E0DB3984AAEE0BED93AF, 11B2C9CB02D63E9D65C304F86745A87DCA3B3E945D3074597E9E153E71B7C05B ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
14:51:47.0448 0x16f4  vmkbd - ok
14:51:47.0469 0x16f4  [ A267D2321ED281359D301BFEB8202652, 63D76585733C79657106A057B97FD371AEDF0564BE5AD4BA50EB8DE096F4F73B ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:51:47.0470 0x16f4  VMnetAdapter - ok
14:51:47.0482 0x16f4  [ 7A4BB278D7860551A716D46349492692, 8974205C0E4453EAF4CCA167EA052702CC1A3446CA9C7172510BF5AAE9D79207 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:51:47.0483 0x16f4  VMnetBridge - ok
14:51:47.0507 0x16f4  [ 03A7980C30E9F00F1EAC752612DC80CE, 5EAC5FCEFE6663B53B6BE3DB5D048020D254A398BE4F1A355F2E9AB26E3A6A9B ] VMnetDHCP       C:\Windows\system32\vmnetdhcp.exe
14:51:47.0521 0x16f4  VMnetDHCP - ok
14:51:47.0528 0x16f4  [ F804B83C419F4D60458C19F9FA7C4253, CF77E6D136B16ADA22234A69B8750F1184655B360B3E370F88544473AD3B0B1E ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
14:51:47.0530 0x16f4  VMnetuserif - ok
14:51:47.0542 0x16f4  [ F88896A06172D58978D108F5DFE728D4, 2252E1620F6D8DEFB3DD4DFA7F4052A37C37E2651466BF13E6D64DAC612B151B ] VMparport       C:\Windows\system32\Drivers\VMparport.sys
14:51:47.0543 0x16f4  VMparport - ok
14:51:47.0589 0x16f4  [ AFB10AD9AA91D2F70C9F0E6BDA0D119B, 3321A9600CB284E25EAC909A44D3039C7330D398A48AAE2CEDDCFD5C5E438456 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys
14:51:47.0590 0x16f4  vmusb - ok
14:51:47.0652 0x16f4  [ A77A76DD2773616651121B7EFA5948C1, 533A975CE23165EEDBC2A4B080A9FBEAE0648DC86A6E698A485C5ACF42D74824 ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
14:51:47.0676 0x16f4  VMUSBArbService - ok
14:51:47.0710 0x16f4  [ F1D29D9C5DB9C144769F5CD7212BE555, 7FB533F79DF5AF8650D15E19C2B84E75BA2384AF82770DFDAA062A66DC277FD2 ] VMware NAT Service C:\Windows\system32\vmnat.exe
14:51:47.0727 0x16f4  VMware NAT Service - ok
14:51:47.0735 0x16f4  [ 168CEE789DB3B6C2432059AAC8C8D933, DAEB18382D9AB5C371C067846F04FC4619723942B710A632D242A4B53E2A0DD4 ] vmx86           C:\Windows\system32\Drivers\vmx86.sys
14:51:47.0738 0x16f4  vmx86 - ok
14:51:47.0750 0x16f4  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:51:47.0753 0x16f4  volmgr - ok
14:51:47.0785 0x16f4  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:51:47.0795 0x16f4  volmgrx - ok
14:51:47.0826 0x16f4  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:51:47.0832 0x16f4  volsnap - ok
14:51:47.0857 0x16f4  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:51:47.0861 0x16f4  vsmraid - ok
14:51:47.0881 0x16f4  [ C78C6BC9C3A65256B7A96B478C16278F, 11E98B1ACD998D83C69F342839F58E2CA1158FDE99EA0451C793A7FD98054E6F ] vsock           C:\Windows\system32\drivers\vsock.sys
14:51:47.0883 0x16f4  vsock - ok
14:51:47.0950 0x16f4  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
14:51:47.0986 0x16f4  VSS - ok
14:51:48.0009 0x16f4  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
14:51:48.0021 0x16f4  W32Time - ok
14:51:48.0039 0x16f4  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:51:48.0040 0x16f4  WacomPen - ok
14:51:48.0062 0x16f4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:51:48.0065 0x16f4  Wanarp - ok
14:51:52.0328 0x16f4  Waiting for KSN requests completion. In queue: 321
14:51:53.0328 0x16f4  Waiting for KSN requests completion. In queue: 321
14:51:54.0328 0x16f4  Waiting for KSN requests completion. In queue: 9
14:51:55.0347 0x16f4  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
14:51:55.0353 0x16f4  Win FW state via NFP2: enabled
14:51:57.0784 0x16f4  ============================================================
14:51:57.0784 0x16f4  Scan finished
14:51:57.0784 0x16f4  ============================================================
14:51:57.0792 0x1394  Detected object count: 0
14:51:57.0792 0x1394  Actual detected object count: 0
14:52:34.0385 0x1738  Deinitialize success
         

29.08.2014, 08:56   #20
schrauber
/// the machine
/// TB Trainer

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (Alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-Virus Software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional Protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe Browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative Browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

29.08.2014, 15:16   #21
plopptop

Yey. Thanks a lot for your help. However, I do have one more question: I would really like to know where I probably got this rootkit from. Because practically all of your tips are things I already follow anyway (I don't use IE [except when there is no other way], I don't fall for click bait, phishing or scams [as far as I can judge ...] and my system is updated regularly), except for Java and Flash updates, which I perform rather irregularly. So what did I do wrong?

Otherwise, thank you very much again for your help!

30.08.2014, 07:03   #22
schrauber
/// the machine
/// TB Trainer

That cannot be traced, but:

Quote:
except for Java and Flash updates, which I perform rather irregularly.
is already very bad.
