Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Backdoor:Win32/poison.E

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.09.2014, 11:46   #1
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Hallo,

ich habe folgendes Problem.

Ich scanne meinen PC mit den beiden Programmen: Malwarebytes und Microsoft Security Essentials.

Es zeigt jedesmal an, dass ich diese Bedrohung habe: Backdoor:Win32/poison.E

Ich setze sie in Quarantäne bzw. lasse es bereinigen, aber nach jedem Neustart ist das Programm (oder Malware) wieder da?

Wie kann ich das dauerhaft entfernen ohne den Computer wieder neu aufsetzen zu müssen?
Und warum habe ich das Programm? Ist Microsoft Security Essentials kein guter Schutz?


Wenn jetzt die Frage nach logfiles etc. kommt, bitte genau erklären, dass ich dies umsetzen undposten kann.

Vielen Dank für die Hilfe.

Alt 10.09.2014, 11:47   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 10.09.2014, 11:54   #3
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Okay, habe beides erledigt.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Newstyle (administrator) on PC-NEWSTYLE1 on 10-09-2014 12:50:24
Running from C:\Users\Newstyle02\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Audols AG) C:\Users\Newstyle02\AppData\Local\Temp\TaskingServices.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
(Acronis) D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
() D:\Program Files (x86)\Steganos Safe 11\SteganosHotKeyService.exe
(Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() D:\Program Files (x86)\Steganos Safe 11\fredirstarter.exe
(ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Users\Newstyle02\Downloads\msert.exe
(Microsoft Corporation) C:\Users\Newstyle02\Downloads\msert.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_152_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-09-08] (Acronis)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570688 2010-09-02] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5514296 2010-09-08] (Acronis)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SAFE2009 HotKeys] => D:\Program Files (x86)\Steganos Safe 11\SteganosHotKeyService.exe [25088 2009-08-04] ()
HKLM-x32\...\Run: [SAFE2009 File Redirection Starter] => D:\Program Files (x86)\Steganos Safe 11\fredirstarter.exe [54272 2009-08-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-30909565-1317841775-1896212004-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-30909565-1317841775-1896212004-1000\...\Run: [Audiols] => C:\Users\Newstyle02\AppData\Local\Temp\TaskingServices.exe [36864 2013-12-28] (Audols AG) <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Newstyle02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 7.lnk
ShortcutTarget: TeamViewer 7.lnk -> C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (No File)
Startup: C:\Users\Newstyle02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8D500693CD7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.newstyle-import.de/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Winsock: Catalog9-x64 11 D:\Program Files (x86)\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 12 D:\Program Files (x86)\x64\vsocklib.dll File Not found ()
Tcpip\..\Interfaces\{094F77C6-5177-4823-9C72-A0ECF0D909BD}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{8D1FC954-D210-4B3C-8860-A7050ADC6076}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{ED77E88F-0309-433A-B95D-5B6AC2B66530}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Newstyle02\AppData\Roaming\Mozilla\Firefox\Profiles\y6v1s8ai.default-1387191695781
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 brmfrsmg; C:\Windows\system32\BrmfRsmg.exe [52736 2009-07-14] (Brother Industries, Ltd.)
R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S3 ufad-ws60; "D:\Program Files (x86)\vmware-ufad.exe" -d "D:\Program Files (x86)\\" -s ufad-p2v.xml

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 brfilt; C:\Windows\System32\Drivers\Brfilt.sys [6144 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbScn; C:\Windows\System32\Drivers\BrUsbScn.sys [14336 2009-06-10] (Brother Industries Ltd.)
S2 BsUDF; C:\Windows\SysWow64\Drivers\BsUDF.sys [275561 2001-03-07] (ahead software) [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2011-09-21] (Highresolution Enterprises [www.highrez.co.uk])
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2007-10-11] (Softwareentwicklung Remus - ArchiCrypt )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 12:50 - 2014-09-10 12:50 - 00017501 _____ () C:\Users\Newstyle02\Downloads\FRST.txt
2014-09-10 12:50 - 2014-09-10 12:50 - 00000000 ____D () C:\FRST
2014-09-10 12:49 - 2014-09-10 12:49 - 02105344 _____ (Farbar) C:\Users\Newstyle02\Downloads\FRST64.exe
2014-09-10 12:25 - 2014-09-10 12:26 - 63320784 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-09-10 12:25 - 2014-09-10 12:26 - 31766208 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\Windows-KB890830-x64-V5.16.exe
2014-09-10 09:19 - 2014-09-10 09:19 - 00000000 ____D () C:\Users\Newstyle02\AppData\Roaming\Oracle
2014-09-10 09:13 - 2014-09-10 09:13 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-10 09:13 - 2014-09-10 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-10 09:13 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-10 09:09 - 2014-09-10 09:10 - 119053568 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\msert.exe
2014-09-10 09:03 - 2014-09-10 09:03 - 00347816 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\MicrosoftFixit.WinSecurity.LB.93337633985464.1.1.Run.exe
2014-08-29 11:24 - 2014-08-29 11:24 - 00000000 ____D () C:\Users\Newstyle02\AppData\Local\Adobe
2014-08-29 03:53 - 2014-08-29 03:53 - 00000000 ____D () C:\Windows\rescache
2014-08-28 12:24 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 12:24 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 12:24 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 15:14 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 15:14 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 15:14 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 15:14 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 15:13 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 15:13 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 15:13 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 15:13 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 15:13 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 15:13 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 15:13 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 15:13 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 15:13 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 15:13 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 11:57 - 2014-09-10 09:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 11:56 - 2014-08-27 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-27 11:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 11:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 14:34 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-19 14:34 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-19 14:34 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-19 14:34 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-19 14:34 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-19 14:34 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-19 14:34 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-19 14:34 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-19 14:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 14:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 14:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 14:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 14:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 14:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 14:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 14:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 14:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 14:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 14:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 14:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 14:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 14:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-19 14:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 14:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 14:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-19 14:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 14:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-19 14:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-19 14:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-19 14:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-19 14:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-19 14:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-19 14:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 14:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 14:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-19 14:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-19 14:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-19 14:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-19 14:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-19 14:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-19 14:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-19 14:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-19 14:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-19 14:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 14:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-19 14:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-19 14:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 14:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-19 14:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-19 14:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-19 14:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-19 14:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-19 14:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-19 14:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-19 14:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-19 14:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-19 14:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-19 14:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-19 14:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-19 14:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-19 14:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-19 14:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-19 14:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-19 14:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-19 14:33 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-19 14:33 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-19 14:33 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-19 14:33 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-19 14:33 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-19 14:33 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-19 14:33 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-08-19 14:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-19 14:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-19 14:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-19 14:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-19 14:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-19 14:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-19 14:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-19 14:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-19 14:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-19 14:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-19 14:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-19 14:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-19 14:32 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-19 14:32 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-19 14:32 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-19 14:32 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-19 14:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-19 14:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-19 14:32 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-19 14:32 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-19 14:32 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-19 14:32 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-19 14:32 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-19 14:32 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-19 14:32 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-19 14:32 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-19 14:32 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-19 14:32 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-19 14:32 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-19 14:32 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-19 14:32 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-19 14:32 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-19 14:32 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-19 14:32 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-14 12:59 - 2014-08-14 13:03 - 00000000 ____D () C:\Users\Newstyle02\Desktop\Maledieven Unterlagen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 12:50 - 2014-09-10 12:50 - 00017501 _____ () C:\Users\Newstyle02\Downloads\FRST.txt
2014-09-10 12:50 - 2014-09-10 12:50 - 00000000 ____D () C:\FRST
2014-09-10 12:49 - 2014-09-10 12:49 - 02105344 _____ (Farbar) C:\Users\Newstyle02\Downloads\FRST64.exe
2014-09-10 12:34 - 2012-04-13 10:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 12:26 - 2014-09-10 12:25 - 63320784 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-09-10 12:26 - 2014-09-10 12:25 - 31766208 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\Windows-KB890830-x64-V5.16.exe
2014-09-10 09:38 - 2014-08-27 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 09:34 - 2012-04-13 10:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 09:34 - 2012-04-13 10:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 09:34 - 2011-10-09 19:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 09:19 - 2014-09-10 09:19 - 00000000 ____D () C:\Users\Newstyle02\AppData\Roaming\Oracle
2014-09-10 09:18 - 2014-03-01 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-10 09:13 - 2014-09-10 09:13 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-10 09:13 - 2014-09-10 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-10 09:13 - 2014-03-01 12:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-10 09:12 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 09:12 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 09:10 - 2014-09-10 09:09 - 119053568 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\msert.exe
2014-09-10 09:10 - 2011-02-23 14:59 - 00701310 _____ () C:\Windows\system32\perfh007.dat
2014-09-10 09:10 - 2011-02-23 14:59 - 00150210 _____ () C:\Windows\system32\perfc007.dat
2014-09-10 09:10 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 09:08 - 2011-09-29 14:44 - 01721653 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 09:05 - 2011-12-16 19:02 - 00000332 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-09-10 09:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 09:05 - 2009-07-14 06:51 - 00101111 _____ () C:\Windows\setupact.log
2014-09-10 09:03 - 2014-09-10 09:03 - 00347816 _____ (Microsoft Corporation) C:\Users\Newstyle02\Downloads\MicrosoftFixit.WinSecurity.LB.93337633985464.1.1.Run.exe
2014-09-07 20:55 - 2011-11-03 13:07 - 00000000 ____D () C:\Users\Newstyle02\AppData\Local\CutePDF Writer
2014-08-29 13:01 - 2011-09-29 15:03 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-29 11:24 - 2014-08-29 11:24 - 00000000 ____D () C:\Users\Newstyle02\AppData\Local\Adobe
2014-08-29 03:53 - 2014-08-29 03:53 - 00000000 ____D () C:\Windows\rescache
2014-08-29 03:15 - 2009-07-14 06:45 - 00418968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 11:56 - 2014-08-27 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-27 11:56 - 2014-03-09 16:31 - 00000823 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-27 11:56 - 2014-03-09 16:31 - 00000000 ____D () C:\Users\Newstyle02\AppData\Roaming\Malwarebytes
2014-08-27 11:56 - 2014-03-09 16:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-26 15:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-23 04:07 - 2014-08-28 12:24 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:24 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:24 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 17:18 - 2012-07-12 09:04 - 00000000 ___RD () C:\Users\Newstyle02\Virtual Machines
2014-08-19 17:15 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-19 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-19 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-19 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 14:45 - 2011-10-07 12:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 14:39 - 2013-08-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-19 14:36 - 2013-03-13 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-19 14:36 - 2013-03-13 04:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-19 14:36 - 2013-03-13 04:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-19 14:34 - 2014-06-06 15:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 13:03 - 2014-08-14 12:59 - 00000000 ____D () C:\Users\Newstyle02\Desktop\Maledieven Unterlagen

Files to move or delete:
====================
C:\Users\Newstyle02\AppData\Local\Temp\TaskingServices.exe
C:\Users\Newstyle02\piii.exe


Some content of TEMP:
====================
C:\Users\Newstyle02\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Newstyle02\AppData\Local\Temp\SHSetup.exe
C:\Users\Newstyle02\AppData\Local\Temp\TaskingServices.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 03:46

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Newstyle at 2014-09-10 12:50:42
Running from C:\Users\Newstyle02\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5519 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CDH UI-Komponenten (CJ 15.1.3) (HKLM-x32\...\{1189838A-A3B9-4A30-8539-172D3FC9A248}_is1) (Version:  - )
CDH UI-Komponenten (CJ 16.2.3) (HKLM-x32\...\{1189838A-A3B9-4A30-8539-172D3FC9A249}_is1) (Version:  - )
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Crystal Reports XI Client Setup (HKLM-x32\...\{9B240E3B-0740-4255-BF4E-355812A6B0F7}) (Version: 1.0.0.0 - CDH GmbH)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
EURACOM (HKLM-x32\...\EURACOM) (Version:  - )
Euraconf R4 - Build 433 (HKLM-x32\...\Euraconf R4_is1) (Version: Build 433 - ET-Soft)
FileZilla Client 3.8.0 (HKCU\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Glary Utilities 2.40.0.1326 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.40.0.1326 - Glarysoft Ltd)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
InCD (ahead software) (HKLM-x32\...\InCD!UninstallKey) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.0 - Heiko Schröder)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PDF24 Creator 5.0.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.1.0 - Prolific Technology INC)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Steganos Safe 11 (HKLM-x32\...\{AC5CEC91-F421-4D5F-86EA-5D51E815B8EC}) (Version: 11.0.5 - Steganos GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.6 - uvnc bvba)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XnView 1.98.2 (HKLM-x32\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16870BB4-30CA-4D18-AC0E-4225E89C14FF} - \WPD\SqmUpload_S-1-5-21-30909565-1317841775-1896212004-500 No Task File <==== ATTENTION
Task: {4413422B-D0AD-489C-8D06-16D2C5CC52CB} - System32\Tasks\Newstyle2 => D:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: {59EFCEA9-F8DA-419D-9ECE-0F8DA53CCC5C} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {7C79D422-C019-4CDB-B50D-10247D6A1D38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {8DB60F67-44E8-4BD6-8443-405300FFA15C} - System32\Tasks\Newstyle4 => D:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: {95505B6F-AF62-4D99-8828-2C61DEBF2271} - System32\Tasks\GlaryInitialize => D:\Program Files (x86)\Glary Utilities\initialize.exe [2011-12-08] (Glarysoft Ltd)
Task: {9822507E-92DD-4490-A1B8-0DA4EC046EB9} - System32\Tasks\Newstyle NBAgent 5 4 => D:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {B523BC3F-EA67-431D-90ED-2F7B70183128} - System32\Tasks\Newstyle3 => D:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: {E2A91EB4-2799-439A-AEE6-19C70513975C} - System32\Tasks\Newstyle => D:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => D:\Program Files (x86)\Glary Utilities\initialize.exe

==================== Loaded Modules (whitelisted) =============

2011-10-10 12:54 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () D:\Program Files\Unlocker\UnlockerCOM.dll
2011-10-19 17:19 - 2011-05-28 22:05 - 00164864 _____ () D:\Program Files\WinRAR\rarext.dll
2009-08-04 16:31 - 2009-08-04 16:31 - 00025088 _____ () D:\Program Files (x86)\Steganos Safe 11\SteganosHotKeyService.exe
2009-08-04 16:31 - 2009-08-04 16:31 - 00054272 _____ () D:\Program Files (x86)\Steganos Safe 11\fredirstarter.exe
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 00:38 - 2014-07-23 00:38 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-01 12:17 - 2014-07-25 12:52 - 00018856 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
2014-08-19 17:40 - 2014-08-19 17:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e1dca04e43d05aff13c672a916b3e8ef\IsdiInterop.ni.dll
2011-09-19 09:58 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2014 09:07:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2014 08:52:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 04:39:42 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 09:21:27 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 05:45:09 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 10:58:24 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 10:58:21 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 10:58:15 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 10:58:13 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/08/2014 10:52:44 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.


System errors:
=============
Error: (09/10/2014 09:37:56 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/10/2014 09:33:04 AM) (Source: DCOM) (EventID: 10016) (User: PC-NEWSTYLE1)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}PC-NEWSTYLE1NewstyleS-1-5-21-30909565-1317841775-1896212004-1000LocalHost (unter Verwendung von LRPC)

Error: (09/10/2014 09:33:03 AM) (Source: DCOM) (EventID: 10016) (User: PC-NEWSTYLE1)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}PC-NEWSTYLE1NewstyleS-1-5-21-30909565-1317841775-1896212004-1000LocalHost (unter Verwendung von LRPC)

Error: (09/10/2014 09:09:36 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/10/2014 09:06:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/10/2014 09:05:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/10/2014 09:05:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BsUDF" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/10/2014 09:05:42 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\BsUDF.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/10/2014 08:51:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/10/2014 08:50:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (09/10/2014 09:07:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2014 08:52:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 04:39:42 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 09:21:27 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 05:45:09 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 10:58:24 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 10:58:21 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 10:58:15 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 10:58:13 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 

Error: (09/08/2014 10:52:44 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: 


CodeIntegrity Errors:
===================================
  Date: 2014-08-26 12:41:10.890
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-26 12:11:05.236
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-26 11:40:54.061
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-26 10:56:20.455
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-25 23:37:03.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-24 14:05:17.360
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-24 13:17:20.862
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 15:29:22.828
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 13:45:46.660
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 13:39:20.255
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8169.43 MB
Available physical RAM: 4168.8 MB
Total Pagefile: 9050.43 MB
Available Pagefile: 4664.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.9 GB) (Free:3.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:568.16 GB) NTFS
Drive f: () (Network) (Total:931.51 GB) (Free:568.16 GB) NTFS
Drive z: () (Network) (Total:930.9 GB) (Free:522.07 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 5B7D44B9)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A4C5A133)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 11.09.2014, 11:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Logfile von dem Fund bitte noch.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.09.2014, 11:16   #5
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Danke.

Ich soll beides machen?

Oder erst das erste und dann den log file posten und dann auf Antwort warten und dann die zweite Aktion?


Alt 12.09.2014, 07:06   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



immer alles machen was ich poste. wenn ich es getrennt haben möchte poste ich es auch getrennt
__________________
--> Backdoor:Win32/poison.E

Alt 02.01.2015, 11:06   #7
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Danke und Entschuldigung...ich war jetzt lange krank, wollte mich jetzt auf das stürzen, aber leider funktioniert der Link bei Kaspersky für den TDSSKILLER nicht mehr...

Ich habe zweimal gescannt.
1. SCAN:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
Malwarebytes | Free Anti-Malware & Internet Security Software

Database version: v2015.01.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Newstyle :: PC-NEWSTYLE1 [administrator]

02.01.2015 11:35:36
mbar-log-2015-01-02 (11-35-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 387239
Time elapsed: 5 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKU\S-1-5-21-30909565-1317841775-1896212004-1000\SOFTWARE\VB AND VBA PROGRAM SETTINGS\SrvID (Malware.Trace) -> Delete on reboot. [3764e21034557bbb4c6aeb3406fe748c]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Newstyle02\AppData\Roaming\Microsoft\Windows\Acctres.exe (Trojan.Agent.HWIGen) -> Delete on reboot. [8417c0327910ee489a3df7e2f90802fe]
C:\Users\Newstyle02\AppData\Roaming\Microsoft\Windows\Templates\takshost.exe (Spyware.Pony) -> Delete on reboot. [6a31a94907821b1b98d4e8f7bb49f10f]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

2. SCAN
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
Malwarebytes | Free Anti-Malware & Internet Security Software

Database version: v2015.01.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Newstyle :: PC-NEWSTYLE1 [administrator]

02.01.2015 11:43:17
mbar-log-2015-01-02 (11-43-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 387194
Time elapsed: 4 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

So habe mir TDSSKIller bei CHIP.de geholt:

Hier der Scan, es wurde ein Rootkit gefunden.

12:02:20.0318 0x0514 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:02:27.0959 0x0514 ============================================================
12:02:27.0959 0x0514 Current date / time: 2015/01/02 12:02:27.0959
12:02:27.0959 0x0514 SystemInfo:
12:02:27.0959 0x0514
12:02:27.0959 0x0514 OS Version: 6.1.7601 ServicePack: 1.0
12:02:27.0959 0x0514 Product type: Workstation
12:02:27.0959 0x0514 ComputerName: PC-NEWSTYLE1
12:02:27.0959 0x0514 UserName: Newstyle
12:02:27.0959 0x0514 Windows directory: C:\Windows
12:02:27.0959 0x0514 System windows directory: C:\Windows
12:02:27.0959 0x0514 Running under WOW64
12:02:27.0959 0x0514 Processor architecture: Intel x64
12:02:27.0959 0x0514 Number of processors: 8
12:02:27.0959 0x0514 Page size: 0x1000
12:02:27.0959 0x0514 Boot type: Normal boot
12:02:27.0959 0x0514 ============================================================
12:02:28.0009 0x0514 KLMD registered as C:\Windows\system32\drivers\89430844.sys
12:02:28.0089 0x0514 System UUID: {D4A20A34-24FD-AF19-9937-4144955D52FD}
12:02:28.0379 0x0514 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:28.0399 0x0514 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:28.0409 0x0514 ============================================================
12:02:28.0409 0x0514 \Device\Harddisk0\DR0:
12:02:28.0409 0x0514 MBR partitions:
12:02:28.0409 0x0514 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
12:02:28.0409 0x0514 \Device\Harddisk1\DR1:
12:02:28.0409 0x0514 MBR partitions:
12:02:28.0409 0x0514 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:02:28.0409 0x0514 ============================================================
12:02:28.0409 0x0514 C: <-> \Device\Harddisk0\DR0\Partition1
12:02:28.0429 0x0514 D: <-> \Device\Harddisk1\DR1\Partition1
12:02:28.0429 0x0514 ============================================================
12:02:28.0429 0x0514 Initialize success
12:02:28.0429 0x0514 ============================================================
12:03:48.0420 0x0ff0 ============================================================
12:03:48.0420 0x0ff0 Scan started
12:03:48.0420 0x0ff0 Mode: Manual; SigCheck; TDLFS;
12:03:48.0420 0x0ff0 ============================================================
12:03:48.0420 0x0ff0 KSN ping started
12:03:51.0180 0x0ff0 KSN ping finished: true
12:03:51.0510 0x0ff0 ================ Scan system memory ========================
12:03:51.0510 0x0ff0 System memory - ok
12:03:51.0510 0x0ff0 ================ Scan services =============================
12:03:51.0540 0x0ff0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:03:51.0580 0x0ff0 1394ohci - ok
12:03:51.0590 0x0ff0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:03:51.0600 0x0ff0 ACPI - ok
12:03:51.0610 0x0ff0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:03:51.0620 0x0ff0 AcpiPmi - ok
12:03:51.0650 0x0ff0 [ 0786A8818B4AA3C2A6588633EAB11AB1, 73A6E444BF2F64A49637BE40D50A0BE8B494E224D5C95B89D1D0C08960ABFD0A ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:03:51.0670 0x0ff0 AcrSch2Svc - ok
12:03:51.0680 0x0ff0 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:03:51.0680 0x0ff0 AdobeARMservice - ok
12:03:51.0700 0x0ff0 [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:03:51.0720 0x0ff0 AdobeFlashPlayerUpdateSvc - ok
12:03:51.0730 0x0ff0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:03:51.0750 0x0ff0 adp94xx - ok
12:03:51.0760 0x0ff0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:03:51.0770 0x0ff0 adpahci - ok
12:03:51.0780 0x0ff0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:03:51.0790 0x0ff0 adpu320 - ok
12:03:51.0800 0x0ff0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:03:51.0820 0x0ff0 AeLookupSvc - ok
12:03:51.0830 0x0ff0 [ 3CB8A6BB25EB8B8D5E56123B52DF9412, 83DEAC0EE384C68A45B6AF059A2850E01CC683E2E1BF0D6D8059E491BBEB2D36 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
12:03:51.0840 0x0ff0 afcdp - ok
12:03:51.0930 0x0ff0 [ E6E182BDAAD59CEE0339F0474A558015, 7AF97DA7112215B50E1B202A6FC04BA5CB452C8AECDFDAF6ED573E22BBCAB38C ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:03:52.0000 0x0ff0 afcdpsrv - ok
12:03:52.0010 0x0ff0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:03:52.0030 0x0ff0 AFD - ok
12:03:52.0030 0x0ff0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:03:52.0040 0x0ff0 agp440 - ok
12:03:52.0040 0x0ff0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:03:52.0060 0x0ff0 ALG - ok
12:03:52.0060 0x0ff0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:03:52.0070 0x0ff0 aliide - ok
12:03:52.0070 0x0ff0 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:03:52.0090 0x0ff0 AMD External Events Utility - ok
12:03:52.0090 0x0ff0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:03:52.0100 0x0ff0 amdide - ok
12:03:52.0100 0x0ff0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:03:52.0110 0x0ff0 AmdK8 - ok
12:03:52.0380 0x0ff0 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:03:52.0690 0x0ff0 amdkmdag - ok
12:03:52.0720 0x0ff0 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:03:52.0740 0x0ff0 amdkmdap - ok
12:03:52.0740 0x0ff0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:03:52.0750 0x0ff0 AmdPPM - ok
12:03:52.0750 0x0ff0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:03:52.0760 0x0ff0 amdsata - ok
12:03:52.0770 0x0ff0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:03:52.0780 0x0ff0 amdsbs - ok
12:03:52.0780 0x0ff0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:03:52.0790 0x0ff0 amdxata - ok
12:03:52.0790 0x0ff0 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
12:03:52.0800 0x0ff0 AppID - ok
12:03:52.0800 0x0ff0 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:03:52.0810 0x0ff0 AppIDSvc - ok
12:03:52.0820 0x0ff0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:03:52.0830 0x0ff0 Appinfo - ok
12:03:52.0830 0x0ff0 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:03:52.0840 0x0ff0 Apple Mobile Device - ok
12:03:52.0850 0x0ff0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
12:03:52.0860 0x0ff0 AppMgmt - ok
12:03:52.0860 0x0ff0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:03:52.0870 0x0ff0 arc - ok
12:03:52.0880 0x0ff0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:03:52.0880 0x0ff0 arcsas - ok
12:03:52.0900 0x0ff0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:03:52.0910 0x0ff0 aspnet_state - ok
12:03:52.0910 0x0ff0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:03:52.0930 0x0ff0 AsyncMac - ok
12:03:52.0930 0x0ff0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:03:52.0940 0x0ff0 atapi - ok
12:03:52.0950 0x0ff0 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:03:52.0960 0x0ff0 AtiHDAudioService - ok
12:03:52.0970 0x0ff0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:03:52.0990 0x0ff0 AudioEndpointBuilder - ok
12:03:53.0010 0x0ff0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:03:53.0020 0x0ff0 AudioSrv - ok
12:03:53.0030 0x0ff0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:03:53.0050 0x0ff0 AxInstSV - ok
12:03:53.0060 0x0ff0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:03:53.0080 0x0ff0 b06bdrv - ok
12:03:53.0090 0x0ff0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:03:53.0110 0x0ff0 b57nd60a - ok
12:03:53.0110 0x0ff0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:03:53.0120 0x0ff0 BDESVC - ok
12:03:53.0130 0x0ff0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:03:53.0150 0x0ff0 Beep - ok
12:03:53.0160 0x0ff0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:03:53.0190 0x0ff0 BFE - ok
12:03:53.0210 0x0ff0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:03:53.0250 0x0ff0 BITS - ok
12:03:53.0260 0x0ff0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:03:53.0270 0x0ff0 blbdrive - ok
12:03:53.0280 0x0ff0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:03:53.0290 0x0ff0 Bonjour Service - ok
12:03:53.0300 0x0ff0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:03:53.0300 0x0ff0 bowser - ok
12:03:53.0310 0x0ff0 [ 198FD5F1F7B978F42E84AD0FFE07888D, 7DEDCE165AC47F36DE16BF71D3514AD2CCF51DFC50B5FC1AC4ACB39FB34FD874 ] brfilt C:\Windows\system32\Drivers\Brfilt.sys
12:03:53.0320 0x0ff0 brfilt - ok
12:03:53.0320 0x0ff0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:03:53.0330 0x0ff0 BrFiltLo - ok
12:03:53.0330 0x0ff0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:03:53.0340 0x0ff0 BrFiltUp - ok
12:03:53.0340 0x0ff0 brmfrsmg - ok
12:03:53.0350 0x0ff0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:03:53.0360 0x0ff0 Browser - ok
12:03:53.0370 0x0ff0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:03:53.0380 0x0ff0 Brserid - ok
12:03:53.0380 0x0ff0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\Drivers\BrSerWdm.sys
12:03:53.0390 0x0ff0 BrSerWdm - ok
12:03:53.0400 0x0ff0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\Drivers\BrUsbMdm.sys
12:03:53.0410 0x0ff0 BrUsbMdm - ok
12:03:53.0410 0x0ff0 [ 2E179D13705142EC4F338607AD8A9EAB, AE4384ED0A4ACCD99EAEC3A9C5405316B11839EEB596D42507602146B34A8462 ] BrUsbScn C:\Windows\system32\Drivers\BrUsbScn.sys
12:03:53.0420 0x0ff0 BrUsbScn - ok
12:03:53.0420 0x0ff0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:03:53.0430 0x0ff0 BrUsbSer - ok
12:03:53.0430 0x0ff0 BsUDF - ok
12:03:53.0430 0x0ff0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:03:53.0450 0x0ff0 BTHMODEM - ok
12:03:53.0450 0x0ff0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:03:53.0470 0x0ff0 bthserv - ok
12:03:53.0480 0x0ff0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:03:53.0500 0x0ff0 cdfs - ok
12:03:53.0510 0x0ff0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:03:53.0520 0x0ff0 cdrom - ok
12:03:53.0520 0x0ff0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:03:53.0540 0x0ff0 CertPropSvc - ok
12:03:53.0540 0x0ff0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:03:53.0550 0x0ff0 circlass - ok
12:03:53.0560 0x0ff0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:03:53.0580 0x0ff0 CLFS - ok
12:03:53.0580 0x0ff0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:53.0590 0x0ff0 clr_optimization_v2.0.50727_32 - ok
12:03:53.0600 0x0ff0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:03:53.0600 0x0ff0 clr_optimization_v2.0.50727_64 - ok
12:03:53.0610 0x0ff0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:03:53.0620 0x0ff0 clr_optimization_v4.0.30319_32 - ok
12:03:53.0630 0x0ff0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:03:53.0640 0x0ff0 clr_optimization_v4.0.30319_64 - ok
12:03:53.0640 0x0ff0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:03:53.0650 0x0ff0 CmBatt - ok
12:03:53.0650 0x0ff0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:03:53.0660 0x0ff0 cmdide - ok
12:03:53.0670 0x0ff0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:03:53.0690 0x0ff0 CNG - ok
12:03:53.0700 0x0ff0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:03:53.0700 0x0ff0 Compbatt - ok
12:03:53.0710 0x0ff0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:03:53.0720 0x0ff0 CompositeBus - ok
12:03:53.0720 0x0ff0 COMSysApp - ok
12:03:53.0720 0x0ff0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:03:53.0730 0x0ff0 crcdisk - ok
12:03:53.0730 0x0ff0 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:03:53.0750 0x0ff0 CryptSvc - ok
12:03:53.0760 0x0ff0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:03:53.0780 0x0ff0 CSC - ok
12:03:53.0800 0x0ff0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:03:53.0830 0x0ff0 CscService - ok
12:03:53.0840 0x0ff0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:03:53.0870 0x0ff0 DcomLaunch - ok
12:03:53.0880 0x0ff0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:03:53.0910 0x0ff0 defragsvc - ok
12:03:53.0920 0x0ff0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:03:53.0940 0x0ff0 DfsC - ok
12:03:53.0950 0x0ff0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:03:53.0960 0x0ff0 Dhcp - ok
12:03:53.0970 0x0ff0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:03:53.0990 0x0ff0 discache - ok
12:03:53.0990 0x0ff0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:03:54.0000 0x0ff0 Disk - ok
12:03:54.0000 0x0ff0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:03:54.0010 0x0ff0 dmvsc - ok
12:03:54.0020 0x0ff0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:03:54.0030 0x0ff0 Dnscache - ok
12:03:54.0040 0x0ff0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:03:54.0070 0x0ff0 dot3svc - ok
12:03:54.0070 0x0ff0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:03:54.0100 0x0ff0 DPS - ok
12:03:54.0100 0x0ff0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:03:54.0110 0x0ff0 drmkaud - ok
12:03:54.0130 0x0ff0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:03:54.0150 0x0ff0 DXGKrnl - ok
12:03:54.0160 0x0ff0 [ EAFCB4551836FF44EE775CEDDFA7A77E, 5C01EC0EA6B5B04C51F39EA3B22E1A06F47CB88470A667937C56D4A3BCC19309 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
12:03:54.0170 0x0ff0 e1cexpress - ok
12:03:54.0180 0x0ff0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:03:54.0200 0x0ff0 EapHost - ok
12:03:54.0280 0x0ff0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:03:54.0360 0x0ff0 ebdrv - ok
12:03:54.0370 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:03:54.0380 0x0ff0 EFS - ok
12:03:54.0390 0x0ff0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:03:54.0420 0x0ff0 ehRecvr - ok
12:03:54.0430 0x0ff0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:03:54.0440 0x0ff0 ehSched - ok
12:03:54.0450 0x0ff0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:03:54.0470 0x0ff0 elxstor - ok
12:03:54.0470 0x0ff0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:03:54.0480 0x0ff0 ErrDev - ok
12:03:54.0490 0x0ff0 [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner C:\Windows\system32\DRIVERS\EsgScanner.sys
12:03:54.0490 0x0ff0 EsgScanner - ok
12:03:54.0500 0x0ff0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:03:54.0530 0x0ff0 EventSystem - ok
12:03:54.0540 0x0ff0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:03:54.0560 0x0ff0 exfat - ok
12:03:54.0570 0x0ff0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:03:54.0590 0x0ff0 fastfat - ok
12:03:54.0610 0x0ff0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:03:54.0630 0x0ff0 Fax - ok
12:03:54.0640 0x0ff0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:03:54.0640 0x0ff0 fdc - ok
12:03:54.0650 0x0ff0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:03:54.0670 0x0ff0 fdPHost - ok
12:03:54.0670 0x0ff0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:03:54.0690 0x0ff0 FDResPub - ok
12:03:54.0690 0x0ff0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:03:54.0700 0x0ff0 FileInfo - ok
12:03:54.0700 0x0ff0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:03:54.0730 0x0ff0 Filetrace - ok
12:03:54.0730 0x0ff0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:03:54.0740 0x0ff0 flpydisk - ok
12:03:54.0750 0x0ff0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:03:54.0760 0x0ff0 FltMgr - ok
12:03:54.0790 0x0ff0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:03:54.0820 0x0ff0 FontCache - ok
12:03:54.0830 0x0ff0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:54.0830 0x0ff0 FontCache3.0.0.0 - ok
12:03:54.0840 0x0ff0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:03:54.0840 0x0ff0 FsDepends - ok
12:03:54.0850 0x0ff0 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:03:54.0850 0x0ff0 fssfltr - ok
12:03:54.0890 0x0ff0 [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:03:54.0930 0x0ff0 fsssvc - ok
12:03:54.0930 0x0ff0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:03:54.0940 0x0ff0 Fs_Rec - ok
12:03:54.0940 0x0ff0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:03:54.0960 0x0ff0 fvevol - ok
12:03:54.0960 0x0ff0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:03:54.0970 0x0ff0 gagp30kx - ok
12:03:54.0970 0x0ff0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:03:54.0980 0x0ff0 GEARAspiWDM - ok
12:03:55.0000 0x0ff0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:03:55.0030 0x0ff0 gpsvc - ok
12:03:55.0040 0x0ff0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:03:55.0040 0x0ff0 hcw85cir - ok
12:03:55.0060 0x0ff0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:03:55.0070 0x0ff0 HdAudAddService - ok
12:03:55.0080 0x0ff0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:03:55.0090 0x0ff0 HDAudBus - ok
12:03:55.0090 0x0ff0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:03:55.0100 0x0ff0 HidBatt - ok
12:03:55.0110 0x0ff0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:03:55.0120 0x0ff0 HidBth - ok
12:03:55.0120 0x0ff0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:03:55.0130 0x0ff0 HidIr - ok
12:03:55.0130 0x0ff0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:03:55.0160 0x0ff0 hidserv - ok
12:03:55.0160 0x0ff0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:03:55.0170 0x0ff0 HidUsb - ok
12:03:55.0170 0x0ff0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:03:55.0190 0x0ff0 hkmsvc - ok
12:03:55.0200 0x0ff0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:03:55.0210 0x0ff0 HomeGroupListener - ok
12:03:55.0220 0x0ff0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:03:55.0230 0x0ff0 HomeGroupProvider - ok
12:03:55.0240 0x0ff0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:03:55.0240 0x0ff0 HpSAMD - ok
12:03:55.0260 0x0ff0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:03:55.0300 0x0ff0 HTTP - ok
12:03:55.0300 0x0ff0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:03:55.0310 0x0ff0 hwpolicy - ok
12:03:55.0310 0x0ff0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:03:55.0320 0x0ff0 i8042prt - ok
12:03:55.0340 0x0ff0 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
12:03:55.0350 0x0ff0 iaStor - ok
12:03:55.0360 0x0ff0 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:03:55.0360 0x0ff0 IAStorDataMgrSvc - ok
12:03:55.0370 0x0ff0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:03:55.0390 0x0ff0 iaStorV - ok
12:03:55.0410 0x0ff0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:03:55.0440 0x0ff0 idsvc - ok
12:03:55.0450 0x0ff0 IEEtwCollectorService - ok
12:03:55.0450 0x0ff0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:03:55.0460 0x0ff0 iirsp - ok
12:03:55.0480 0x0ff0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:03:55.0510 0x0ff0 IKEEXT - ok
12:03:55.0510 0x0ff0 [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64 C:\Windows\system32\Drivers\inpoutx64.sys
12:03:55.0520 0x0ff0 inpoutx64 - ok
12:03:55.0580 0x0ff0 [ A5F7CEF8A939EBE270462EDEFD629F20, 889AB15BB3027C3350449776158579C9916F1CCA2B278FEB50E23D599366FDFA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:03:55.0660 0x0ff0 IntcAzAudAddService - ok
12:03:55.0670 0x0ff0 [ D7B978F4504D3DA95A21002863D0E7EE, 17B4B4F9334EF874FF7DF30C63D4541142DD0324F842050AC755B170F46C3159 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
12:03:55.0680 0x0ff0 Intel(R) PROSet Monitoring Service - ok
12:03:55.0680 0x0ff0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:03:55.0690 0x0ff0 intelide - ok
12:03:55.0690 0x0ff0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:03:55.0700 0x0ff0 intelppm - ok
12:03:55.0700 0x0ff0 [ E45575812630B049CE0F679D87561A4D, 2645B87960DAA51295530ECF5518E5872B17520293068E7DEA064FEAE3884E87 ] ioatdma1 C:\Windows\System32\Drivers\qd162x64.sys
12:03:55.0710 0x0ff0 ioatdma1 - ok
12:03:55.0710 0x0ff0 [ 2C23820DD9E81199E60F553EB50BC449, AF3847AD90A79E9D22DC67F4ED52B1D3FAF7C6420D60F2044C1FB49FD338BB70 ] ioatdma2 C:\Windows\System32\Drivers\qd262x64.sys
12:03:55.0720 0x0ff0 ioatdma2 - ok
12:03:55.0720 0x0ff0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:03:55.0750 0x0ff0 IPBusEnum - ok
12:03:55.0750 0x0ff0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:03:55.0770 0x0ff0 IpFilterDriver - ok
12:03:55.0790 0x0ff0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:03:55.0810 0x0ff0 iphlpsvc - ok
12:03:55.0810 0x0ff0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:03:55.0820 0x0ff0 IPMIDRV - ok
12:03:55.0830 0x0ff0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:03:55.0850 0x0ff0 IPNAT - ok
12:03:55.0870 0x0ff0 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:03:55.0890 0x0ff0 iPod Service - ok
12:03:55.0890 0x0ff0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:03:55.0900 0x0ff0 IRENUM - ok
12:03:55.0900 0x0ff0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:03:55.0910 0x0ff0 isapnp - ok
12:03:55.0920 0x0ff0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:03:55.0930 0x0ff0 iScsiPrt - ok
12:03:55.0930 0x0ff0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:03:55.0940 0x0ff0 kbdclass - ok
12:03:55.0940 0x0ff0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:03:55.0950 0x0ff0 kbdhid - ok
12:03:55.0950 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:03:55.0960 0x0ff0 KeyIso - ok
12:03:55.0970 0x0ff0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:03:55.0970 0x0ff0 KSecDD - ok
12:03:55.0980 0x0ff0 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:03:55.0990 0x0ff0 KSecPkg - ok
12:03:55.0990 0x0ff0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:03:56.0010 0x0ff0 ksthunk - ok
12:03:56.0020 0x0ff0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:03:56.0050 0x0ff0 KtmRm - ok
12:03:56.0060 0x0ff0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:03:56.0080 0x0ff0 LanmanServer - ok
12:03:56.0090 0x0ff0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:03:56.0110 0x0ff0 LanmanWorkstation - ok
12:03:56.0120 0x0ff0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:03:56.0140 0x0ff0 lltdio - ok
12:03:56.0150 0x0ff0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:03:56.0181 0x0ff0 lltdsvc - ok
12:03:56.0181 0x0ff0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:03:56.0201 0x0ff0 lmhosts - ok
12:03:56.0211 0x0ff0 [ 5456DE5A8E11EDBD68BF19C70B0A8F58, 49CD27A3AE33D98FDD30CD28B6F29F165FF305D64ADABA624786E66662D82C87 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:03:56.0221 0x0ff0 LMS - ok
12:03:56.0231 0x0ff0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:03:56.0241 0x0ff0 LSI_FC - ok
12:03:56.0241 0x0ff0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:03:56.0251 0x0ff0 LSI_SAS - ok
12:03:56.0251 0x0ff0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:03:56.0261 0x0ff0 LSI_SAS2 - ok
12:03:56.0271 0x0ff0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:03:56.0281 0x0ff0 LSI_SCSI - ok
12:03:56.0281 0x0ff0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:03:56.0311 0x0ff0 luafv - ok
12:03:56.0311 0x0ff0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:03:56.0321 0x0ff0 Mcx2Svc - ok
12:03:56.0321 0x0ff0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:03:56.0331 0x0ff0 megasas - ok
12:03:56.0341 0x0ff0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:03:56.0351 0x0ff0 MegaSR - ok
12:03:56.0361 0x0ff0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:03:56.0361 0x0ff0 MEIx64 - ok
12:03:56.0371 0x0ff0 [ 8D0E52F36A153D099DE7D5A1E233FAC7, 8E908122262C54E166F2E4D0B5C91EEC94E1B231B221B0841CDD932DD8B1B782 ] mf C:\Windows\system32\DRIVERS\mf.sys
12:03:56.0381 0x0ff0 mf - ok
12:03:56.0381 0x0ff0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:03:56.0401 0x0ff0 MMCSS - ok
12:03:56.0411 0x0ff0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:03:56.0431 0x0ff0 Modem - ok
12:03:56.0431 0x0ff0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:03:56.0441 0x0ff0 monitor - ok
12:03:56.0451 0x0ff0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:03:56.0451 0x0ff0 mouclass - ok
12:03:56.0461 0x0ff0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:03:56.0461 0x0ff0 mouhid - ok
12:03:56.0471 0x0ff0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:03:56.0481 0x0ff0 mountmgr - ok
12:03:56.0481 0x0ff0 [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:03:56.0491 0x0ff0 MozillaMaintenance - ok
12:03:56.0501 0x0ff0 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:03:56.0511 0x0ff0 MpFilter - ok
12:03:56.0521 0x0ff0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:03:56.0531 0x0ff0 mpio - ok
12:03:56.0531 0x0ff0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:03:56.0551 0x0ff0 mpsdrv - ok
12:03:56.0571 0x0ff0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:03:56.0611 0x0ff0 MpsSvc - ok
12:03:56.0621 0x0ff0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:03:56.0631 0x0ff0 MRxDAV - ok
12:03:56.0631 0x0ff0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:03:56.0641 0x0ff0 mrxsmb - ok
12:03:56.0651 0x0ff0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:03:56.0671 0x0ff0 mrxsmb10 - ok
12:03:56.0671 0x0ff0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:03:56.0681 0x0ff0 mrxsmb20 - ok
12:03:56.0681 0x0ff0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:03:56.0691 0x0ff0 msahci - ok
12:03:56.0701 0x0ff0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:03:56.0711 0x0ff0 msdsm - ok
12:03:56.0711 0x0ff0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:03:56.0721 0x0ff0 MSDTC - ok
12:03:56.0731 0x0ff0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:03:56.0751 0x0ff0 Msfs - ok
12:03:56.0751 0x0ff0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:03:56.0771 0x0ff0 mshidkmdf - ok
12:03:56.0781 0x0ff0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:03:56.0781 0x0ff0 msisadrv - ok
12:03:56.0791 0x0ff0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:03:56.0811 0x0ff0 MSiSCSI - ok
12:03:56.0821 0x0ff0 msiserver - ok
12:03:56.0821 0x0ff0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:03:56.0841 0x0ff0 MSKSSRV - ok
12:03:56.0841 0x0ff0 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:03:56.0851 0x0ff0 MsMpSvc - ok
12:03:56.0851 0x0ff0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:03:56.0871 0x0ff0 MSPCLOCK - ok
12:03:56.0881 0x0ff0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:03:56.0901 0x0ff0 MSPQM - ok
12:03:56.0911 0x0ff0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:03:56.0921 0x0ff0 MsRPC - ok
12:03:56.0921 0x0ff0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:03:56.0931 0x0ff0 mssmbios - ok
12:03:56.0931 0x0ff0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:03:56.0951 0x0ff0 MSTEE - ok
12:03:56.0951 0x0ff0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:03:56.0961 0x0ff0 MTConfig - ok
12:03:56.0971 0x0ff0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:03:56.0971 0x0ff0 Mup - ok
12:03:56.0991 0x0ff0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:03:57.0021 0x0ff0 napagent - ok
12:03:57.0031 0x0ff0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:03:57.0051 0x0ff0 NativeWifiP - ok
12:03:57.0071 0x0ff0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:03:57.0091 0x0ff0 NDIS - ok
12:03:57.0101 0x0ff0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:03:57.0121 0x0ff0 NdisCap - ok
12:03:57.0121 0x0ff0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:03:57.0141 0x0ff0 NdisTapi - ok
12:03:57.0141 0x0ff0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:03:57.0171 0x0ff0 Ndisuio - ok
12:03:57.0171 0x0ff0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:03:57.0201 0x0ff0 NdisWan - ok
12:03:57.0201 0x0ff0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:03:57.0221 0x0ff0 NDProxy - ok
12:03:57.0221 0x0ff0 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
12:03:57.0231 0x0ff0 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
12:03:59.0921 0x0ff0 Detect skipped due to KSN trusted
12:03:59.0921 0x0ff0 Netaapl - ok
12:03:59.0931 0x0ff0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:03:59.0951 0x0ff0 NetBIOS - ok
12:03:59.0961 0x0ff0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:03:59.0981 0x0ff0 NetBT - ok
12:03:59.0991 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:03:59.0991 0x0ff0 Netlogon - ok
12:04:00.0001 0x0ff0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:04:00.0031 0x0ff0 Netman - ok
12:04:00.0041 0x0ff0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:04:00.0051 0x0ff0 NetMsmqActivator - ok
12:04:00.0061 0x0ff0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:04:00.0061 0x0ff0 NetPipeActivator - ok
12:04:00.0081 0x0ff0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:04:00.0111 0x0ff0 netprofm - ok
12:04:00.0111 0x0ff0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:04:00.0121 0x0ff0 NetTcpActivator - ok
12:04:00.0131 0x0ff0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:04:00.0141 0x0ff0 NetTcpPortSharing - ok
12:04:00.0141 0x0ff0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:04:00.0151 0x0ff0 nfrd960 - ok
12:04:00.0151 0x0ff0 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:04:00.0161 0x0ff0 NisDrv - ok
12:04:00.0171 0x0ff0 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:04:00.0181 0x0ff0 NisSrv - ok
12:04:00.0191 0x0ff0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:04:00.0211 0x0ff0 NlaSvc - ok
12:04:00.0211 0x0ff0 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
12:04:00.0221 0x0ff0 NPF - ok
12:04:00.0221 0x0ff0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:04:00.0241 0x0ff0 Npfs - ok
12:04:00.0251 0x0ff0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:04:00.0271 0x0ff0 nsi - ok
12:04:00.0271 0x0ff0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:04:00.0291 0x0ff0 nsiproxy - ok
12:04:00.0341 0x0ff0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:04:00.0371 0x0ff0 Ntfs - ok
12:04:00.0381 0x0ff0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:04:00.0401 0x0ff0 Null - ok
12:04:00.0401 0x0ff0 [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:04:00.0411 0x0ff0 nusb3hub - ok
12:04:00.0421 0x0ff0 [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:04:00.0431 0x0ff0 nusb3xhc - ok
12:04:00.0431 0x0ff0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:04:00.0441 0x0ff0 nvraid - ok
12:04:00.0451 0x0ff0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:04:00.0461 0x0ff0 nvstor - ok
12:04:00.0471 0x0ff0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:04:00.0481 0x0ff0 nv_agp - ok
12:04:00.0481 0x0ff0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:04:00.0491 0x0ff0 ohci1394 - ok
12:04:00.0501 0x0ff0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:04:00.0501 0x0ff0 ose - ok
12:04:00.0621 0x0ff0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:04:00.0741 0x0ff0 osppsvc - ok
12:04:00.0751 0x0ff0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:04:00.0771 0x0ff0 p2pimsvc - ok
12:04:00.0781 0x0ff0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:04:00.0801 0x0ff0 p2psvc - ok
12:04:00.0801 0x0ff0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:04:00.0811 0x0ff0 Parport - ok
12:04:00.0811 0x0ff0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:04:00.0821 0x0ff0 partmgr - ok
12:04:00.0831 0x0ff0 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:04:00.0841 0x0ff0 PcaSvc - ok
12:04:00.0851 0x0ff0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:04:00.0861 0x0ff0 pci - ok
12:04:00.0861 0x0ff0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:04:00.0871 0x0ff0 pciide - ok
12:04:00.0871 0x0ff0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:04:00.0881 0x0ff0 pcmcia - ok
12:04:00.0891 0x0ff0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:04:00.0901 0x0ff0 pcw - ok
12:04:00.0911 0x0ff0 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:04:00.0931 0x0ff0 PEAUTH - ok
12:04:00.0961 0x0ff0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:04:01.0001 0x0ff0 PeerDistSvc - ok
12:04:01.0021 0x0ff0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:04:01.0031 0x0ff0 PerfHost - ok
12:04:01.0061 0x0ff0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:04:01.0111 0x0ff0 pla - ok
12:04:01.0121 0x0ff0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:04:01.0141 0x0ff0 PlugPlay - ok
12:04:01.0141 0x0ff0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:04:01.0151 0x0ff0 PNRPAutoReg - ok
12:04:01.0161 0x0ff0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:04:01.0171 0x0ff0 PNRPsvc - ok
12:04:01.0181 0x0ff0 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys
12:04:01.0181 0x0ff0 Point64 - ok
12:04:01.0201 0x0ff0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:04:01.0231 0x0ff0 PolicyAgent - ok
12:04:01.0241 0x0ff0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:04:01.0261 0x0ff0 Power - ok
12:04:01.0271 0x0ff0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:04:01.0291 0x0ff0 PptpMiniport - ok
12:04:01.0291 0x0ff0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:04:01.0301 0x0ff0 Processor - ok
12:04:01.0311 0x0ff0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:04:01.0321 0x0ff0 ProfSvc - ok
12:04:01.0321 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:04:01.0331 0x0ff0 ProtectedStorage - ok
12:04:01.0341 0x0ff0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:04:01.0361 0x0ff0 Psched - ok
12:04:01.0401 0x0ff0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:04:01.0451 0x0ff0 ql2300 - ok
12:04:01.0451 0x0ff0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:04:01.0461 0x0ff0 ql40xx - ok
12:04:01.0471 0x0ff0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:04:01.0491 0x0ff0 QWAVE - ok
12:04:01.0491 0x0ff0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:04:01.0501 0x0ff0 QWAVEdrv - ok
12:04:01.0501 0x0ff0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:04:01.0531 0x0ff0 RasAcd - ok
12:04:01.0531 0x0ff0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:04:01.0551 0x0ff0 RasAgileVpn - ok
12:04:01.0561 0x0ff0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:04:01.0581 0x0ff0 RasAuto - ok
12:04:01.0591 0x0ff0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:04:01.0611 0x0ff0 Rasl2tp - ok
12:04:01.0621 0x0ff0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:04:01.0651 0x0ff0 RasMan - ok
12:04:01.0651 0x0ff0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:04:01.0681 0x0ff0 RasPppoe - ok
12:04:01.0681 0x0ff0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:04:01.0701 0x0ff0 RasSstp - ok
12:04:01.0711 0x0ff0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:04:01.0741 0x0ff0 rdbss - ok
12:04:01.0751 0x0ff0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:04:01.0761 0x0ff0 rdpbus - ok
12:04:01.0761 0x0ff0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:04:01.0781 0x0ff0 RDPCDD - ok
12:04:01.0791 0x0ff0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:04:01.0801 0x0ff0 RDPDR - ok
12:04:01.0801 0x0ff0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:04:01.0821 0x0ff0 RDPENCDD - ok
12:04:01.0821 0x0ff0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:04:01.0841 0x0ff0 RDPREFMP - ok
12:04:01.0851 0x0ff0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:04:01.0861 0x0ff0 RdpVideoMiniport - ok
12:04:01.0861 0x0ff0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:04:01.0871 0x0ff0 RDPWD - ok
12:04:01.0881 0x0ff0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:04:01.0891 0x0ff0 rdyboost - ok
12:04:01.0901 0x0ff0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:04:01.0921 0x0ff0 RemoteAccess - ok
12:04:01.0931 0x0ff0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:04:01.0951 0x0ff0 RemoteRegistry - ok
12:04:01.0961 0x0ff0 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
12:04:01.0961 0x0ff0 rpcapd - ok
12:04:01.0971 0x0ff0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:04:01.0991 0x0ff0 RpcEptMapper - ok
12:04:01.0991 0x0ff0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:04:02.0001 0x0ff0 RpcLocator - ok
12:04:02.0021 0x0ff0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:04:02.0041 0x0ff0 RpcSs - ok
12:04:02.0051 0x0ff0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:04:02.0071 0x0ff0 rspndr - ok
12:04:02.0081 0x0ff0 [ 2E7D1CA91D62501713C9D6E6704395C6, 823D9D9CC0971732D9121B67C534E30A78C83869594E4CCA91FCC0BE743610EF ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:04:02.0091 0x0ff0 RTHDMIAzAudService - ok
12:04:02.0101 0x0ff0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:04:02.0101 0x0ff0 s3cap - ok
12:04:02.0101 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:04:02.0111 0x0ff0 SamSs - ok
12:04:02.0121 0x0ff0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:04:02.0121 0x0ff0 sbp2port - ok
12:04:02.0131 0x0ff0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:04:02.0161 0x0ff0 SCardSvr - ok
12:04:02.0161 0x0ff0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:04:02.0181 0x0ff0 scfilter - ok
12:04:02.0211 0x0ff0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:04:02.0261 0x0ff0 Schedule - ok
12:04:02.0261 0x0ff0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:04:02.0291 0x0ff0 SCPolicySvc - ok
12:04:02.0291 0x0ff0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:04:02.0311 0x0ff0 SDRSVC - ok
12:04:02.0311 0x0ff0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:04:02.0331 0x0ff0 secdrv - ok
12:04:02.0341 0x0ff0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:04:02.0361 0x0ff0 seclogon - ok
12:04:02.0361 0x0ff0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:04:02.0381 0x0ff0 SENS - ok
12:04:02.0391 0x0ff0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:04:02.0401 0x0ff0 SensrSvc - ok
12:04:02.0401 0x0ff0 [ 052D4299E72FFFCCD9A168ADCDF5C450, 5A0BD695C166BCF57DFE71BAC7E745005A6D575F885E720EA070B791781BAE4B ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
12:04:02.0411 0x0ff0 Ser2pl - ok
12:04:02.0421 0x0ff0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:04:02.0431 0x0ff0 Serenum - ok
12:04:02.0431 0x0ff0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:04:02.0441 0x0ff0 Serial - ok
12:04:02.0441 0x0ff0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:04:02.0451 0x0ff0 sermouse - ok
12:04:02.0461 0x0ff0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:04:02.0521 0x0ff0 SessionEnv - ok
12:04:02.0531 0x0ff0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:04:02.0531 0x0ff0 sffdisk - ok
12:04:02.0541 0x0ff0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:04:02.0551 0x0ff0 sffp_mmc - ok
12:04:02.0551 0x0ff0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:04:02.0561 0x0ff0 sffp_sd - ok
12:04:02.0561 0x0ff0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:04:02.0571 0x0ff0 sfloppy - ok
12:04:02.0581 0x0ff0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:04:02.0611 0x0ff0 SharedAccess - ok
12:04:02.0621 0x0ff0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:04:02.0651 0x0ff0 ShellHWDetection - ok
12:04:02.0651 0x0ff0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:04:02.0661 0x0ff0 SiSRaid2 - ok
12:04:02.0661 0x0ff0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:04:02.0671 0x0ff0 SiSRaid4 - ok
12:04:02.0681 0x0ff0 [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER C:\Windows\Sleen1664.sys
12:04:02.0691 0x0ff0 SLEE_16_DRIVER - ok
12:04:02.0691 0x0ff0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:04:02.0711 0x0ff0 Smb - ok
12:04:02.0721 0x0ff0 [ B2C19AE46C5A109679B4FB38058DF05A, 93DD4D356650C51348795653286E6C627FF5F7071F2787DF7C50B75A3120E308 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
12:04:02.0741 0x0ff0 snapman - ok
12:04:02.0741 0x0ff0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:04:02.0751 0x0ff0 SNMPTRAP - ok
12:04:02.0751 0x0ff0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:04:02.0761 0x0ff0 spldr - ok
12:04:02.0771 0x0ff0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:04:02.0791 0x0ff0 Spooler - ok
12:04:02.0881 0x0ff0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:04:02.0991 0x0ff0 sppsvc - ok
12:04:03.0001 0x0ff0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:04:03.0021 0x0ff0 sppuinotify - ok
12:04:03.0041 0x0ff0 [ 5F242E1A03ACA19044BC55F9C0DA747B, D913BA9C63AFD9AD482681A25FF5E2BC629CDF2CE193EE4B1517CEA2934BAB3B ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
12:04:03.0071 0x0ff0 SpyHunter 4 Service - ok
12:04:03.0081 0x0ff0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:04:03.0101 0x0ff0 srv - ok
12:04:03.0111 0x0ff0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:04:03.0131 0x0ff0 srv2 - ok
12:04:03.0131 0x0ff0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:04:03.0151 0x0ff0 srvnet - ok
12:04:03.0151 0x0ff0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:04:03.0181 0x0ff0 SSDPSRV - ok
12:04:03.0181 0x0ff0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:04:03.0211 0x0ff0 SstpSvc - ok
12:04:03.0211 0x0ff0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:04:03.0221 0x0ff0 stexstor - ok
12:04:03.0221 0x0ff0 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
12:04:03.0231 0x0ff0 StillCam - ok
12:04:03.0241 0x0ff0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:04:03.0271 0x0ff0 stisvc - ok
12:04:03.0271 0x0ff0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:04:03.0281 0x0ff0 storflt - ok
12:04:03.0281 0x0ff0 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
12:04:03.0291 0x0ff0 StorSvc - ok
12:04:03.0291 0x0ff0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:04:03.0301 0x0ff0 storvsc - ok
12:04:03.0301 0x0ff0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:04:03.0311 0x0ff0 swenum - ok
12:04:03.0321 0x0ff0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:04:03.0361 0x0ff0 swprv - ok
12:04:03.0401 0x0ff0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:04:03.0461 0x0ff0 SysMain - ok
12:04:03.0461 0x0ff0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:04:03.0481 0x0ff0 TabletInputService - ok
12:04:03.0481 0x0ff0 [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
12:04:03.0491 0x0ff0 taphss6 - ok
12:04:03.0501 0x0ff0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:04:03.0521 0x0ff0 TapiSrv - ok
12:04:03.0531 0x0ff0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:04:03.0551 0x0ff0 TBS - ok
12:04:03.0591 0x0ff0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:04:03.0631 0x0ff0 Tcpip - ok
12:04:03.0671 0x0ff0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:04:03.0701 0x0ff0 TCPIP6 - ok
12:04:03.0711 0x0ff0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:04:03.0721 0x0ff0 tcpipreg - ok
12:04:03.0721 0x0ff0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:04:03.0731 0x0ff0 TDPIPE - ok
12:04:03.0761 0x0ff0 [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
12:04:03.0801 0x0ff0 tdrpman273 - ok
12:04:03.0801 0x0ff0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:04:03.0811 0x0ff0 TDTCP - ok
12:04:03.0811 0x0ff0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:04:03.0821 0x0ff0 tdx - ok
12:04:03.0921 0x0ff0 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
12:04:04.0011 0x0ff0 TeamViewer9 - ok
12:04:04.0011 0x0ff0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:04:04.0021 0x0ff0 TermDD - ok
12:04:04.0041 0x0ff0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:04:04.0061 0x0ff0 TermService - ok
12:04:04.0061 0x0ff0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:04:04.0071 0x0ff0 Themes - ok
12:04:04.0081 0x0ff0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:04:04.0101 0x0ff0 THREADORDER - ok
12:04:04.0121 0x0ff0 [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter C:\Windows\system32\DRIVERS\timntr.sys
12:04:04.0151 0x0ff0 timounter - ok
12:04:04.0161 0x0ff0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:04:04.0181 0x0ff0 TrkWks - ok
12:04:04.0191 0x0ff0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:04:04.0211 0x0ff0 TrustedInstaller - ok
12:04:04.0211 0x0ff0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:04:04.0221 0x0ff0 tssecsrv - ok
12:04:04.0231 0x0ff0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:04:04.0231 0x0ff0 TsUsbFlt - ok
12:04:04.0241 0x0ff0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:04:04.0241 0x0ff0 TsUsbGD - ok
12:04:04.0251 0x0ff0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:04:04.0271 0x0ff0 tunnel - ok
12:04:04.0281 0x0ff0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:04:04.0281 0x0ff0 uagp35 - ok
12:04:04.0291 0x0ff0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:04:04.0321 0x0ff0 udfs - ok
12:04:04.0351 0x0ff0 ufad-ws60 - ok
12:04:04.0361 0x0ff0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:04:04.0371 0x0ff0 UI0Detect - ok
12:04:04.0371 0x0ff0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:04:04.0381 0x0ff0 uliagpkx - ok
12:04:04.0381 0x0ff0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:04:04.0391 0x0ff0 umbus - ok
12:04:04.0401 0x0ff0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:04:04.0401 0x0ff0 UmPass - ok
12:04:04.0411 0x0ff0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:04:04.0431 0x0ff0 UmRdpService - ok
12:04:04.0491 0x0ff0 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 D:\Program Files\Unlocker\UnlockerDriver5.sys
12:04:04.0501 0x0ff0 UnlockerDriver5 - ok
12:04:04.0561 0x0ff0 [ D87FB12563F65088B1904871D86E5164, 5B8D42EFE897342EF501A93AAF264BDA8C1350C08DFD3EF11FC12016BD4676C2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:04:04.0611 0x0ff0 UNS - ok
12:04:04.0621 0x0ff0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:04:04.0651 0x0ff0 upnphost - ok
12:04:04.0661 0x0ff0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:04:04.0671 0x0ff0 USBAAPL64 - ok
12:04:04.0671 0x0ff0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:04:04.0681 0x0ff0 usbccgp - ok
12:04:04.0691 0x0ff0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:04:04.0701 0x0ff0 usbcir - ok
12:04:04.0701 0x0ff0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:04:04.0711 0x0ff0 usbehci - ok
12:04:04.0721 0x0ff0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:04:04.0731 0x0ff0 usbhub - ok
12:04:04.0741 0x0ff0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:04:04.0741 0x0ff0 usbohci - ok
12:04:04.0751 0x0ff0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:04:04.0761 0x0ff0 usbprint - ok
12:04:04.0761 0x0ff0 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:04:04.0771 0x0ff0 usbscan - ok
12:04:04.0781 0x0ff0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:04:04.0781 0x0ff0 USBSTOR - ok
12:04:04.0791 0x0ff0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:04:04.0801 0x0ff0 usbuhci - ok
12:04:04.0801 0x0ff0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:04:04.0821 0x0ff0 UxSms - ok
12:04:04.0821 0x0ff0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:04:04.0831 0x0ff0 VaultSvc - ok
12:04:04.0841 0x0ff0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:04:04.0841 0x0ff0 vdrvroot - ok
12:04:04.0861 0x0ff0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:04:04.0891 0x0ff0 vds - ok
12:04:04.0901 0x0ff0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:04:04.0901 0x0ff0 vga - ok
12:04:04.0911 0x0ff0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:04:04.0931 0x0ff0 VgaSave - ok
12:04:04.0941 0x0ff0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:04:04.0951 0x0ff0 vhdmp - ok
12:04:04.0961 0x0ff0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:04:04.0961 0x0ff0 viaide - ok
12:04:04.0971 0x0ff0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:04:04.0981 0x0ff0 vmbus - ok
12:04:04.0981 0x0ff0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:04:04.0991 0x0ff0 VMBusHID - ok
12:04:04.0991 0x0ff0 [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
12:04:05.0001 0x0ff0 VMnetAdapter - ok
12:04:05.0001 0x0ff0 [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
12:04:05.0011 0x0ff0 VMnetBridge - ok
12:04:05.0011 0x0ff0 [ 1DC8427979A1646D6B9FAE32F3C4A27A, F410E340CE84531A548ABAE99AA38EE2BAB137F309E92C9955ECB98327902C86 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
12:04:05.0021 0x0ff0 VMnetuserif - ok
12:04:05.0021 0x0ff0 VMware NAT Service - ok
12:04:05.0031 0x0ff0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:04:05.0031 0x0ff0 volmgr - ok
12:04:05.0051 0x0ff0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:04:05.0061 0x0ff0 volmgrx - ok
12:04:05.0071 0x0ff0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:04:05.0081 0x0ff0 volsnap - ok
12:04:05.0091 0x0ff0 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
12:04:05.0101 0x0ff0 vpcbus - ok
12:04:05.0111 0x0ff0 [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
12:04:05.0121 0x0ff0 vpcnfltr - ok
12:04:05.0121 0x0ff0 [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
12:04:05.0131 0x0ff0 vpcusb - ok
12:04:05.0141 0x0ff0 [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
12:04:05.0161 0x0ff0 vpcvmm - ok
12:04:05.0161 0x0ff0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:04:05.0171 0x0ff0 vsmraid - ok
12:04:05.0211 0x0ff0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:04:05.0271 0x0ff0 VSS - ok
12:04:05.0281 0x0ff0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:04:05.0291 0x0ff0 vwifibus - ok
12:04:05.0301 0x0ff0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:04:05.0331 0x0ff0 W32Time - ok
12:04:05.0331 0x0ff0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:04:05.0341 0x0ff0 WacomPen - ok
12:04:05.0351 0x0ff0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:04:05.0371 0x0ff0 WANARP - ok
12:04:05.0371 0x0ff0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:04:05.0391 0x0ff0 Wanarpv6 - ok
12:04:05.0431 0x0ff0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:04:05.0481 0x0ff0 wbengine - ok
12:04:05.0481 0x0ff0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:04:05.0501 0x0ff0 WbioSrvc - ok
12:04:05.0511 0x0ff0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:04:05.0531 0x0ff0 wcncsvc - ok
12:04:05.0541 0x0ff0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:04:05.0551 0x0ff0 WcsPlugInService - ok
12:04:05.0551 0x0ff0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:04:05.0561 0x0ff0 Wd - ok
12:04:05.0581 0x0ff0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:04:05.0601 0x0ff0 Wdf01000 - ok
12:04:05.0611 0x0ff0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:04:05.0641 0x0ff0 WdiServiceHost - ok
12:04:05.0641 0x0ff0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:04:05.0651 0x0ff0 WdiSystemHost - ok
12:04:05.0661 0x0ff0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:04:05.0671 0x0ff0 WebClient - ok
12:04:05.0681 0x0ff0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:04:05.0711 0x0ff0 Wecsvc - ok
12:04:05.0711 0x0ff0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:04:05.0741 0x0ff0 wercplsupport - ok
12:04:05.0741 0x0ff0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:04:05.0771 0x0ff0 WerSvc - ok
12:04:05.0771 0x0ff0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:04:05.0791 0x0ff0 WfpLwf - ok
12:04:05.0791 0x0ff0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:04:05.0801 0x0ff0 WIMMount - ok
12:04:05.0801 0x0ff0 WinDefend - ok
12:04:05.0811 0x0ff0 WinHttpAutoProxySvc - ok
12:04:05.0821 0x0ff0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:04:05.0841 0x0ff0 Winmgmt - ok
12:04:05.0881 0x0ff0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:04:05.0931 0x0ff0 WinRM - ok
12:04:05.0941 0x0ff0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:04:05.0951 0x0ff0 WinUsb - ok
12:04:05.0971 0x0ff0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:04:06.0001 0x0ff0 Wlansvc - ok
12:04:06.0001 0x0ff0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:04:06.0011 0x0ff0 wlcrasvc - ok
12:04:06.0061 0x0ff0 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:04:06.0101 0x0ff0 wlidsvc - ok
12:04:06.0111 0x0ff0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:04:06.0121 0x0ff0 WmiAcpi - ok
12:04:06.0121 0x0ff0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:04:06.0141 0x0ff0 wmiApSrv - ok
12:04:06.0141 0x0ff0 WMPNetworkSvc - ok
12:04:06.0141 0x0ff0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:04:06.0151 0x0ff0 WPCSvc - ok
12:04:06.0161 0x0ff0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:04:06.0181 0x0ff0 WPDBusEnum - ok
12:04:06.0181 0x0ff0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:04:06.0201 0x0ff0 ws2ifsl - ok
12:04:06.0211 0x0ff0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:04:06.0221 0x0ff0 wscsvc - ok
12:04:06.0231 0x0ff0 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:04:06.0231 0x0ff0 WSDPrintDevice - ok
12:04:06.0241 0x0ff0 WSearch - ok
12:04:06.0281 0x0ff0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:04:06.0341 0x0ff0 wuauserv - ok
12:04:06.0351 0x0ff0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:04:06.0361 0x0ff0 WudfPf - ok
12:04:06.0361 0x0ff0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:04:06.0371 0x0ff0 WUDFRd - ok
12:04:06.0381 0x0ff0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:04:06.0391 0x0ff0 wudfsvc - ok
12:04:06.0401 0x0ff0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:04:06.0411 0x0ff0 WwanSvc - ok
12:04:06.0411 0x0ff0 ================ Scan global ===============================
12:04:06.0421 0x0ff0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:04:06.0431 0x0ff0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:04:06.0441 0x0ff0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:04:06.0441 0x0ff0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:04:06.0451 0x0ff0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:04:06.0461 0x0ff0 [ Global ] - ok
12:04:06.0461 0x0ff0 ================ Scan MBR ==================================
12:04:06.0461 0x0ff0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:04:06.0531 0x0ff0 \Device\Harddisk0\DR0 - ok
12:04:06.0551 0x0ff0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:04:06.0601 0x0ff0 \Device\Harddisk1\DR1 - ok
12:04:06.0601 0x0ff0 ================ Scan VBR ==================================
12:04:06.0601 0x0ff0 [ BBD2DA6C3A0F5467D9933265D79A326E ] \Device\Harddisk0\DR0\Partition1
12:04:06.0601 0x0ff0 \Device\Harddisk0\DR0\Partition1 - ok
12:04:06.0601 0x0ff0 [ 60849A2F00EE928639C4965694C334F1 ] \Device\Harddisk1\DR1\Partition1
12:04:06.0641 0x0ff0 \Device\Harddisk1\DR1\Partition1 - ok
12:04:06.0641 0x0ff0 ================ Scan generic autorun ======================
12:04:06.0951 0x0ff0 [ 10E268B0D4AA2ECED79BE1A327A16A61, 460AF4A72F44F2EC3C726353BADA4294BB3736FA1131C83D9AFDCF1F318FD60F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:04:07.0151 0x0ff0 RTHDVCPL - ok
12:04:07.0221 0x0ff0 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
12:04:07.0261 0x0ff0 IntelliPoint - ok
12:04:07.0271 0x0ff0 [ 0F498556C6BC1EF32D3FE163B6DB8DF9, 2E63AC954E0E2E691DE3C3897ADE013D5B2BC3D7806BC699D87CF513B6B8A79C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
12:04:07.0281 0x0ff0 Acronis Scheduler2 Service - ok
12:04:07.0311 0x0ff0 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
12:04:07.0341 0x0ff0 MSC - ok
12:04:07.0351 0x0ff0 [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
12:04:07.0351 0x0ff0 NUSB3MON - ok
12:04:07.0361 0x0ff0 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:04:07.0371 0x0ff0 IAStorIcon - ok
12:04:07.0381 0x0ff0 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:04:07.0381 0x0ff0 APSDaemon - ok
12:04:07.0441 0x0ff0 [ C9A1BAB728B27E5C032D5C55C99FFA62, 7EDBD593C7F93D2214B8F1BF209B7F50EE8E4F699B80956D42D02AE551BCB454 ] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
12:04:07.0491 0x0ff0 SAOB Monitor - ok
12:04:07.0661 0x0ff0 [ 01605C995B9F6D948370B9FFE451DF7F, D2F29BB3C3CBEDA92E512423F640959277F8C5C8B0F75EE11B2E6BFD706516DB ] D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
12:04:07.0751 0x0ff0 TrueImageMonitor.exe - ok
12:04:07.0841 0x0ff0 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:04:07.0871 0x0ff0 StartCCC - ok
12:04:07.0901 0x0ff0 [ BAF535F843A3E790E04A7613811B55BC, 764608E1BC657FBBBB3E0DC5D36F0701CAA9D28BE15E416DF84AD3EFC7EB85D9 ] D:\Program Files (x86)\iTunes\iTunesHelper.exe
12:04:07.0911 0x0ff0 iTunesHelper - ok
12:04:07.0931 0x0ff0 [ D223F40FE9DBBE7CD3205C16F2E286FF, 2A1B4A8D9ABAFCCEA9FA1325D7524F9DFC70586D745C5F9E2EDF74B2792D51EB ] D:\Program Files (x86)\Steganos Safe 11\SteganosHotKeyService.exe
12:04:07.0931 0x0ff0 SAFE2009 HotKeys - detected UnsignedFile.Multi.Generic ( 1 )
12:04:10.0702 0x0ff0 Detect skipped due to KSN trusted
12:04:10.0702 0x0ff0 SAFE2009 HotKeys - ok
12:04:10.0712 0x0ff0 [ 52CD1A752F287B597186C897AB20511B, 809E7B48F13EDA91E84C4332C438C06C15E6B8F940BBF14E82583C94F9B5F0FD ] D:\Program Files (x86)\Steganos Safe 11\fredirstarter.exe
12:04:10.0722 0x0ff0 SAFE2009 File Redirection Starter - detected UnsignedFile.Multi.Generic ( 1 )
12:04:13.0392 0x0ff0 Detect skipped due to KSN trusted
12:04:13.0392 0x0ff0 SAFE2009 File Redirection Starter - ok
12:04:13.0402 0x0ff0 [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:04:13.0412 0x0ff0 SunJavaUpdateSched - ok
12:04:13.0432 0x0ff0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:04:13.0472 0x0ff0 Sidebar - ok
12:04:13.0482 0x0ff0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:04:13.0492 0x0ff0 mctadmin - ok
12:04:13.0512 0x0ff0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:04:13.0542 0x0ff0 Sidebar - ok
12:04:13.0542 0x0ff0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:04:13.0552 0x0ff0 mctadmin - ok
12:04:13.0612 0x0ff0 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
12:04:13.0662 0x0ff0 HP Officejet 6500 E710n-z (NET) - ok
12:04:13.0682 0x0ff0 [ 072AF015A49F1AEDE4F7E4B900821D86, 199E2DC2A7B4C5D4A589E28642D5264935FF1935F51A26E9FD0CE9FAF25FEC80 ] C:\Users\Newstyle02\AppData\Local\Temp\TaskingServices.exe
12:04:13.0692 0x0ff0 Audiols - detected UnsignedFile.Multi.Generic ( 1 )
12:04:16.0523 0x0ff0 Audiols ( UnsignedFile.Multi.Generic ) - warning
12:04:19.0283 0x0ff0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
12:04:19.0283 0x0ff0 Win FW state via NFP2: enabled
12:04:22.0003 0x0ff0 ============================================================
12:04:22.0003 0x0ff0 Scan finished
12:04:22.0003 0x0ff0 ============================================================
12:04:22.0003 0x091c Detected object count: 1
12:04:22.0003 0x091c Actual detected object count: 1
12:05:14.0288 0x091c Audiols ( UnsignedFile.Multi.Generic ) - skipped by user
12:05:14.0288 0x091c Audiols ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 02.01.2015, 11:11   #8
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Dann auf DELETE geklickt und dann kam das heraus:

12:09:17.0058 0x0ed4 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:09:19.0059 0x0ed4 ============================================================
12:09:19.0059 0x0ed4 Current date / time: 2015/01/02 12:09:19.0059
12:09:19.0059 0x0ed4 SystemInfo:
12:09:19.0059 0x0ed4
12:09:19.0059 0x0ed4 OS Version: 6.1.7601 ServicePack: 1.0
12:09:19.0059 0x0ed4 Product type: Workstation
12:09:19.0059 0x0ed4 ComputerName: PC-NEWSTYLE1
12:09:19.0059 0x0ed4 UserName: Newstyle
12:09:19.0059 0x0ed4 Windows directory: C:\Windows
12:09:19.0059 0x0ed4 System windows directory: C:\Windows
12:09:19.0059 0x0ed4 Running under WOW64
12:09:19.0059 0x0ed4 Processor architecture: Intel x64
12:09:19.0059 0x0ed4 Number of processors: 8
12:09:19.0059 0x0ed4 Page size: 0x1000
12:09:19.0059 0x0ed4 Boot type: Normal boot
12:09:19.0059 0x0ed4 ============================================================
12:09:19.0059 0x0ed4 BG loaded
12:09:19.0189 0x0ed4 System UUID: {D4A20A34-24FD-AF19-9937-4144955D52FD}
12:09:19.0539 0x0ed4 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:19.0539 0x0ed4 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:20.0350 0x0ed4 ============================================================
12:09:20.0350 0x0ed4 \Device\Harddisk0\DR0:
12:09:20.0350 0x0ed4 MBR partitions:
12:09:20.0350 0x0ed4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
12:09:20.0350 0x0ed4 \Device\Harddisk1\DR1:
12:09:20.0350 0x0ed4 MBR partitions:
12:09:20.0350 0x0ed4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:09:20.0350 0x0ed4 ============================================================
12:09:20.0350 0x0ed4 C: <-> \Device\Harddisk0\DR0\Partition1
12:09:20.0365 0x0ed4 D: <-> \Device\Harddisk1\DR1\Partition1
12:09:20.0365 0x0ed4 ============================================================
12:09:20.0365 0x0ed4 Initialize success
12:09:20.0365 0x0ed4 ============================================================
12:09:27.0979 0x1578 ============================================================
12:09:27.0979 0x1578 Scan started
12:09:27.0979 0x1578 Mode: Manual; SigCheck; TDLFS;
12:09:27.0979 0x1578 ============================================================
12:09:27.0979 0x1578 KSN ping started
12:09:30.0698 0x1578 KSN ping finished: true
12:09:31.0103 0x1578 ================ Scan system memory ========================
12:09:31.0103 0x1578 System memory - ok
12:09:31.0103 0x1578 ================ Scan services =============================
12:09:31.0135 0x1578 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:09:31.0166 0x1578 1394ohci - ok
12:09:31.0181 0x1578 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:09:31.0197 0x1578 ACPI - ok
12:09:31.0197 0x1578 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:09:31.0213 0x1578 AcpiPmi - ok
12:09:31.0244 0x1578 [ 0786A8818B4AA3C2A6588633EAB11AB1, 73A6E444BF2F64A49637BE40D50A0BE8B494E224D5C95B89D1D0C08960ABFD0A ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:09:31.0259 0x1578 AcrSch2Svc - ok
12:09:31.0259 0x1578 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:09:31.0291 0x1578 AdobeARMservice - ok
12:09:31.0306 0x1578 [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:09:31.0322 0x1578 AdobeFlashPlayerUpdateSvc - ok
12:09:31.0337 0x1578 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:09:31.0353 0x1578 adp94xx - ok
12:09:31.0369 0x1578 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:09:31.0384 0x1578 adpahci - ok
12:09:31.0384 0x1578 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:09:31.0400 0x1578 adpu320 - ok
12:09:31.0400 0x1578 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:09:31.0431 0x1578 AeLookupSvc - ok
12:09:31.0431 0x1578 [ 3CB8A6BB25EB8B8D5E56123B52DF9412, 83DEAC0EE384C68A45B6AF059A2850E01CC683E2E1BF0D6D8059E491BBEB2D36 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
12:09:31.0447 0x1578 afcdp - ok
12:09:31.0540 0x1578 [ E6E182BDAAD59CEE0339F0474A558015, 7AF97DA7112215B50E1B202A6FC04BA5CB452C8AECDFDAF6ED573E22BBCAB38C ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:09:31.0603 0x1578 afcdpsrv - ok
12:09:31.0618 0x1578 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:09:31.0634 0x1578 AFD - ok
12:09:31.0649 0x1578 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:09:31.0649 0x1578 agp440 - ok
12:09:31.0649 0x1578 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:09:31.0665 0x1578 ALG - ok
12:09:31.0665 0x1578 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:09:31.0681 0x1578 aliide - ok
12:09:31.0681 0x1578 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:09:31.0696 0x1578 AMD External Events Utility - ok
12:09:31.0696 0x1578 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:09:31.0712 0x1578 amdide - ok
12:09:31.0712 0x1578 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:09:31.0727 0x1578 AmdK8 - ok
12:09:32.0008 0x1578 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:09:32.0180 0x1578 amdkmdag - ok
12:09:32.0211 0x1578 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:09:32.0227 0x1578 amdkmdap - ok
12:09:32.0227 0x1578 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:09:32.0242 0x1578 AmdPPM - ok
12:09:32.0242 0x1578 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:09:32.0258 0x1578 amdsata - ok
12:09:32.0258 0x1578 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:09:32.0273 0x1578 amdsbs - ok
12:09:32.0273 0x1578 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:09:32.0273 0x1578 amdxata - ok
12:09:32.0289 0x1578 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
12:09:32.0289 0x1578 AppID - ok
12:09:32.0305 0x1578 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:09:32.0305 0x1578 AppIDSvc - ok
12:09:32.0305 0x1578 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:09:32.0320 0x1578 Appinfo - ok
12:09:32.0320 0x1578 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:09:32.0336 0x1578 Apple Mobile Device - ok
12:09:32.0336 0x1578 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
12:09:32.0351 0x1578 AppMgmt - ok
12:09:32.0351 0x1578 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:09:32.0367 0x1578 arc - ok
12:09:32.0367 0x1578 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:09:32.0383 0x1578 arcsas - ok
12:09:32.0398 0x1578 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:09:32.0414 0x1578 aspnet_state - ok
12:09:32.0414 0x1578 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:09:32.0429 0x1578 AsyncMac - ok
12:09:32.0429 0x1578 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:09:32.0445 0x1578 atapi - ok
12:09:32.0445 0x1578 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:09:32.0461 0x1578 AtiHDAudioService - ok
12:09:32.0476 0x1578 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:09:32.0492 0x1578 AudioEndpointBuilder - ok
12:09:32.0507 0x1578 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:09:32.0523 0x1578 AudioSrv - ok
12:09:32.0523 0x1578 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:09:32.0539 0x1578 AxInstSV - ok
12:09:32.0554 0x1578 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:09:32.0570 0x1578 b06bdrv - ok
12:09:32.0585 0x1578 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:09:32.0601 0x1578 b57nd60a - ok
12:09:32.0601 0x1578 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:09:32.0617 0x1578 BDESVC - ok
12:09:32.0617 0x1578 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:09:32.0648 0x1578 Beep - ok
12:09:32.0663 0x1578 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:09:32.0679 0x1578 BFE - ok
12:09:32.0695 0x1578 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:09:32.0741 0x1578 BITS - ok
12:09:32.0741 0x1578 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:09:32.0757 0x1578 blbdrive - ok
12:09:32.0773 0x1578 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:09:32.0788 0x1578 Bonjour Service - ok
12:09:32.0788 0x1578 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:09:32.0788 0x1578 bowser - ok
12:09:32.0804 0x1578 [ 198FD5F1F7B978F42E84AD0FFE07888D, 7DEDCE165AC47F36DE16BF71D3514AD2CCF51DFC50B5FC1AC4ACB39FB34FD874 ] brfilt C:\Windows\system32\Drivers\Brfilt.sys
12:09:32.0804 0x1578 brfilt - ok
12:09:32.0804 0x1578 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:09:32.0819 0x1578 BrFiltLo - ok
12:09:32.0819 0x1578 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:09:32.0835 0x1578 BrFiltUp - ok
12:09:32.0835 0x1578 brmfrsmg - ok
12:09:32.0835 0x1578 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:09:32.0851 0x1578 Browser - ok
12:09:32.0851 0x1578 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:09:32.0866 0x1578 Brserid - ok
12:09:32.0866 0x1578 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\Drivers\BrSerWdm.sys
12:09:32.0882 0x1578 BrSerWdm - ok
12:09:32.0882 0x1578 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\Drivers\BrUsbMdm.sys
12:09:32.0897 0x1578 BrUsbMdm - ok
12:09:32.0897 0x1578 [ 2E179D13705142EC4F338607AD8A9EAB, AE4384ED0A4ACCD99EAEC3A9C5405316B11839EEB596D42507602146B34A8462 ] BrUsbScn C:\Windows\system32\Drivers\BrUsbScn.sys
12:09:32.0913 0x1578 BrUsbScn - ok
12:09:32.0913 0x1578 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:09:32.0913 0x1578 BrUsbSer - ok
12:09:32.0929 0x1578 BsUDF - ok
12:09:32.0929 0x1578 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:09:32.0944 0x1578 BTHMODEM - ok
12:09:32.0944 0x1578 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:09:32.0960 0x1578 bthserv - ok
12:09:32.0975 0x1578 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:09:32.0991 0x1578 cdfs - ok
12:09:33.0007 0x1578 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:09:33.0007 0x1578 cdrom - ok
12:09:33.0022 0x1578 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:09:33.0038 0x1578 CertPropSvc - ok
12:09:33.0038 0x1578 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:09:33.0053 0x1578 circlass - ok
12:09:33.0069 0x1578 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:09:33.0069 0x1578 CLFS - ok
12:09:33.0085 0x1578 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:09:33.0085 0x1578 clr_optimization_v2.0.50727_32 - ok
12:09:33.0100 0x1578 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:09:33.0100 0x1578 clr_optimization_v2.0.50727_64 - ok
12:09:33.0116 0x1578 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:09:33.0147 0x1578 clr_optimization_v4.0.30319_32 - ok
12:09:33.0147 0x1578 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:09:33.0163 0x1578 clr_optimization_v4.0.30319_64 - ok
12:09:33.0163 0x1578 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:09:33.0178 0x1578 CmBatt - ok
12:09:33.0178 0x1578 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:09:33.0178 0x1578 cmdide - ok
12:09:33.0194 0x1578 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:09:33.0225 0x1578 CNG - ok
12:09:33.0225 0x1578 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:09:33.0225 0x1578 Compbatt - ok
12:09:33.0241 0x1578 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:09:33.0241 0x1578 CompositeBus - ok
12:09:33.0241 0x1578 COMSysApp - ok
12:09:33.0256 0x1578 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:09:33.0256 0x1578 crcdisk - ok
12:09:33.0256 0x1578 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:09:33.0272 0x1578 CryptSvc - ok
12:09:33.0287 0x1578 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:09:33.0303 0x1578 CSC - ok
12:09:33.0319 0x1578 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:09:33.0334 0x1578 CscService - ok
12:09:33.0350 0x1578 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:09:33.0381 0x1578 DcomLaunch - ok
12:09:33.0397 0x1578 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:09:33.0428 0x1578 defragsvc - ok
12:09:33.0428 0x1578 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:09:33.0443 0x1578 DfsC - ok
12:09:33.0459 0x1578 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:09:33.0475 0x1578 Dhcp - ok
12:09:33.0475 0x1578 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:09:33.0490 0x1578 discache - ok
12:09:33.0506 0x1578 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:09:33.0506 0x1578 Disk - ok
12:09:33.0506 0x1578 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:09:33.0521 0x1578 dmvsc - ok
12:09:33.0521 0x1578 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:09:33.0537 0x1578 Dnscache - ok
12:09:33.0537 0x1578 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:09:33.0568 0x1578 dot3svc - ok
12:09:33.0568 0x1578 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:09:33.0599 0x1578 DPS - ok
12:09:33.0599 0x1578 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:09:33.0615 0x1578 drmkaud - ok
12:09:33.0631 0x1578 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:09:33.0646 0x1578 DXGKrnl - ok
12:09:33.0662 0x1578 [ EAFCB4551836FF44EE775CEDDFA7A77E, 5C01EC0EA6B5B04C51F39EA3B22E1A06F47CB88470A667937C56D4A3BCC19309 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
12:09:33.0662 0x1578 e1cexpress - ok
12:09:33.0677 0x1578 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:09:33.0693 0x1578 EapHost - ok
12:09:33.0771 0x1578 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:09:33.0849 0x1578 ebdrv - ok
12:09:33.0865 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:09:33.0865 0x1578 EFS - ok
12:09:33.0896 0x1578 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:09:33.0911 0x1578 ehRecvr - ok
12:09:33.0911 0x1578 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:09:33.0927 0x1578 ehSched - ok
12:09:33.0943 0x1578 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:09:33.0958 0x1578 elxstor - ok
12:09:33.0974 0x1578 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:09:33.0974 0x1578 ErrDev - ok
12:09:33.0974 0x1578 [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner C:\Windows\system32\DRIVERS\EsgScanner.sys
12:09:33.0989 0x1578 EsgScanner - ok
12:09:34.0005 0x1578 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:09:34.0036 0x1578 EventSystem - ok
12:09:34.0036 0x1578 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:09:34.0067 0x1578 exfat - ok
12:09:34.0067 0x1578 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:09:34.0099 0x1578 fastfat - ok
12:09:34.0114 0x1578 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:09:34.0130 0x1578 Fax - ok
12:09:34.0130 0x1578 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:09:34.0145 0x1578 fdc - ok
12:09:34.0145 0x1578 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:09:34.0177 0x1578 fdPHost - ok
12:09:34.0177 0x1578 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:09:34.0192 0x1578 FDResPub - ok
12:09:34.0192 0x1578 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:09:34.0208 0x1578 FileInfo - ok
12:09:34.0208 0x1578 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:09:34.0223 0x1578 Filetrace - ok
12:09:34.0239 0x1578 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:09:34.0239 0x1578 flpydisk - ok
12:09:34.0255 0x1578 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:09:34.0255 0x1578 FltMgr - ok
12:09:34.0286 0x1578 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:09:34.0317 0x1578 FontCache - ok
12:09:34.0317 0x1578 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:09:34.0333 0x1578 FontCache3.0.0.0 - ok
12:09:34.0333 0x1578 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:09:34.0333 0x1578 FsDepends - ok
12:09:34.0333 0x1578 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:09:34.0348 0x1578 fssfltr - ok
12:09:34.0379 0x1578 [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:09:34.0426 0x1578 fsssvc - ok
12:09:34.0426 0x1578 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:09:34.0426 0x1578 Fs_Rec - ok
12:09:34.0442 0x1578 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:09:34.0457 0x1578 fvevol - ok
12:09:34.0457 0x1578 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:09:34.0457 0x1578 gagp30kx - ok
12:09:34.0473 0x1578 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:09:34.0473 0x1578 GEARAspiWDM - ok
12:09:34.0489 0x1578 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:09:34.0520 0x1578 gpsvc - ok
12:09:34.0520 0x1578 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:09:34.0535 0x1578 hcw85cir - ok
12:09:34.0551 0x1578 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:09:34.0567 0x1578 HdAudAddService - ok
12:09:34.0567 0x1578 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:09:34.0582 0x1578 HDAudBus - ok
12:09:34.0582 0x1578 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:09:34.0582 0x1578 HidBatt - ok
12:09:34.0598 0x1578 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:09:34.0613 0x1578 HidBth - ok
12:09:34.0613 0x1578 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:09:34.0613 0x1578 HidIr - ok
12:09:34.0629 0x1578 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:09:34.0645 0x1578 hidserv - ok
12:09:34.0645 0x1578 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:09:34.0660 0x1578 HidUsb - ok
12:09:34.0660 0x1578 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:09:34.0676 0x1578 hkmsvc - ok
12:09:34.0691 0x1578 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:09:34.0707 0x1578 HomeGroupListener - ok
12:09:34.0707 0x1578 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:09:34.0723 0x1578 HomeGroupProvider - ok
12:09:34.0723 0x1578 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:09:34.0723 0x1578 HpSAMD - ok
12:09:34.0738 0x1578 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:09:34.0769 0x1578 HTTP - ok
12:09:34.0785 0x1578 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:09:34.0785 0x1578 hwpolicy - ok
12:09:34.0785 0x1578 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:09:34.0801 0x1578 i8042prt - ok
12:09:34.0816 0x1578 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
12:09:34.0832 0x1578 iaStor - ok
12:09:34.0832 0x1578 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:09:34.0832 0x1578 IAStorDataMgrSvc - ok
12:09:34.0847 0x1578 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:09:34.0863 0x1578 iaStorV - ok
12:09:34.0894 0x1578 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:09:34.0925 0x1578 idsvc - ok
12:09:34.0925 0x1578 IEEtwCollectorService - ok
12:09:34.0925 0x1578 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:09:34.0925 0x1578 iirsp - ok
12:09:34.0957 0x1578 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:09:34.0972 0x1578 IKEEXT - ok
12:09:34.0988 0x1578 [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64 C:\Windows\system32\Drivers\inpoutx64.sys
12:09:34.0988 0x1578 inpoutx64 - ok
12:09:35.0066 0x1578 [ A5F7CEF8A939EBE270462EDEFD629F20, 889AB15BB3027C3350449776158579C9916F1CCA2B278FEB50E23D599366FDFA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:09:35.0113 0x1578 IntcAzAudAddService - ok
12:09:35.0128 0x1578 [ D7B978F4504D3DA95A21002863D0E7EE, 17B4B4F9334EF874FF7DF30C63D4541142DD0324F842050AC755B170F46C3159 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
12:09:35.0128 0x1578 Intel(R) PROSet Monitoring Service - ok
12:09:35.0128 0x1578 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:09:35.0144 0x1578 intelide - ok
12:09:35.0144 0x1578 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:09:35.0144 0x1578 intelppm - ok
12:09:35.0159 0x1578 [ E45575812630B049CE0F679D87561A4D, 2645B87960DAA51295530ECF5518E5872B17520293068E7DEA064FEAE3884E87 ] ioatdma1 C:\Windows\System32\Drivers\qd162x64.sys
12:09:35.0159 0x1578 ioatdma1 - ok
12:09:35.0159 0x1578 [ 2C23820DD9E81199E60F553EB50BC449, AF3847AD90A79E9D22DC67F4ED52B1D3FAF7C6420D60F2044C1FB49FD338BB70 ] ioatdma2 C:\Windows\System32\Drivers\qd262x64.sys
12:09:35.0175 0x1578 ioatdma2 - ok
12:09:35.0175 0x1578 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:09:35.0191 0x1578 IPBusEnum - ok
12:09:35.0206 0x1578 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:09:35.0222 0x1578 IpFilterDriver - ok
12:09:35.0237 0x1578 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:09:35.0253 0x1578 iphlpsvc - ok
12:09:35.0269 0x1578 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:09:35.0269 0x1578 IPMIDRV - ok
12:09:35.0269 0x1578 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:09:35.0300 0x1578 IPNAT - ok
12:09:35.0315 0x1578 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:09:35.0331 0x1578 iPod Service - ok
12:09:35.0331 0x1578 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:09:35.0347 0x1578 IRENUM - ok
12:09:35.0347 0x1578 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:09:35.0362 0x1578 isapnp - ok
12:09:35.0362 0x1578 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:09:35.0378 0x1578 iScsiPrt - ok
12:09:35.0378 0x1578 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:09:35.0393 0x1578 kbdclass - ok
12:09:35.0393 0x1578 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:09:35.0393 0x1578 kbdhid - ok
12:09:35.0409 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:09:35.0409 0x1578 KeyIso - ok
12:09:35.0409 0x1578 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:09:35.0425 0x1578 KSecDD - ok
12:09:35.0425 0x1578 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:09:35.0440 0x1578 KSecPkg - ok
12:09:35.0440 0x1578 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:09:35.0456 0x1578 ksthunk - ok
12:09:35.0471 0x1578 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:09:35.0503 0x1578 KtmRm - ok
12:09:35.0503 0x1578 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:09:35.0534 0x1578 LanmanServer - ok
12:09:35.0534 0x1578 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:09:35.0565 0x1578 LanmanWorkstation - ok
12:09:35.0565 0x1578 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:09:35.0581 0x1578 lltdio - ok
12:09:35.0596 0x1578 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:09:35.0627 0x1578 lltdsvc - ok
12:09:35.0627 0x1578 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:09:35.0643 0x1578 lmhosts - ok
12:09:35.0659 0x1578 [ 5456DE5A8E11EDBD68BF19C70B0A8F58, 49CD27A3AE33D98FDD30CD28B6F29F165FF305D64ADABA624786E66662D82C87 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:09:35.0674 0x1578 LMS - ok
12:09:35.0674 0x1578 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:09:35.0690 0x1578 LSI_FC - ok
12:09:35.0690 0x1578 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:09:35.0690 0x1578 LSI_SAS - ok
12:09:35.0705 0x1578 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:09:35.0705 0x1578 LSI_SAS2 - ok
12:09:35.0721 0x1578 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:09:35.0721 0x1578 LSI_SCSI - ok
12:09:35.0721 0x1578 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:09:35.0752 0x1578 luafv - ok
12:09:35.0752 0x1578 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:09:35.0768 0x1578 Mcx2Svc - ok
12:09:35.0768 0x1578 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:09:35.0783 0x1578 megasas - ok
12:09:35.0783 0x1578 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:09:35.0799 0x1578 MegaSR - ok
12:09:35.0799 0x1578 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:09:35.0815 0x1578 MEIx64 - ok
12:09:35.0815 0x1578 [ 8D0E52F36A153D099DE7D5A1E233FAC7, 8E908122262C54E166F2E4D0B5C91EEC94E1B231B221B0841CDD932DD8B1B782 ] mf C:\Windows\system32\DRIVERS\mf.sys
12:09:35.0830 0x1578 mf - ok
12:09:35.0830 0x1578 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:09:35.0846 0x1578 MMCSS - ok
12:09:35.0861 0x1578 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:09:35.0877 0x1578 Modem - ok
12:09:35.0877 0x1578 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:09:35.0893 0x1578 monitor - ok
12:09:35.0893 0x1578 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:09:35.0908 0x1578 mouclass - ok
12:09:35.0908 0x1578 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:09:35.0908 0x1578 mouhid - ok
12:09:35.0908 0x1578 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:09:35.0924 0x1578 mountmgr - ok
12:09:35.0924 0x1578 [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:09:35.0939 0x1578 MozillaMaintenance - ok
12:09:35.0939 0x1578 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:09:35.0955 0x1578 MpFilter - ok
12:09:35.0971 0x1578 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:09:35.0971 0x1578 mpio - ok
12:09:35.0971 0x1578 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:09:36.0002 0x1578 mpsdrv - ok
12:09:36.0017 0x1578 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:09:36.0049 0x1578 MpsSvc - ok
12:09:36.0049 0x1578 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:09:36.0064 0x1578 MRxDAV - ok
12:09:36.0064 0x1578 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:09:36.0080 0x1578 mrxsmb - ok
12:09:36.0095 0x1578 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:09:36.0095 0x1578 mrxsmb10 - ok
12:09:36.0111 0x1578 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:09:36.0111 0x1578 mrxsmb20 - ok
12:09:36.0111 0x1578 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:09:36.0127 0x1578 msahci - ok
12:09:36.0127 0x1578 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:09:36.0142 0x1578 msdsm - ok
12:09:36.0142 0x1578 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:09:36.0158 0x1578 MSDTC - ok
12:09:36.0158 0x1578 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:09:36.0173 0x1578 Msfs - ok
12:09:36.0189 0x1578 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:09:36.0205 0x1578 mshidkmdf - ok
12:09:36.0205 0x1578 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:09:36.0220 0x1578 msisadrv - ok
12:09:36.0220 0x1578 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:09:36.0251 0x1578 MSiSCSI - ok
12:09:36.0251 0x1578 msiserver - ok
12:09:36.0251 0x1578 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:09:36.0267 0x1578 MSKSSRV - ok
12:09:36.0283 0x1578 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:09:36.0595 0x1578 MsMpSvc - ok
12:09:36.0595 0x1578 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:09:36.0610 0x1578 MSPCLOCK - ok
12:09:36.0610 0x1578 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:09:36.0641 0x1578 MSPQM - ok
12:09:36.0641 0x1578 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:09:36.0657 0x1578 MsRPC - ok
12:09:36.0657 0x1578 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:09:36.0673 0x1578 mssmbios - ok
12:09:36.0673 0x1578 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:09:36.0688 0x1578 MSTEE - ok
12:09:36.0704 0x1578 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:09:36.0704 0x1578 MTConfig - ok
12:09:36.0704 0x1578 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:09:36.0719 0x1578 Mup - ok
12:09:36.0735 0x1578 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:09:36.0766 0x1578 napagent - ok
12:09:36.0766 0x1578 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:09:36.0782 0x1578 NativeWifiP - ok
12:09:36.0813 0x1578 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:09:36.0829 0x1578 NDIS - ok
12:09:36.0829 0x1578 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:09:36.0860 0x1578 NdisCap - ok
12:09:36.0860 0x1578 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:09:36.0875 0x1578 NdisTapi - ok
12:09:36.0891 0x1578 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:09:36.0907 0x1578 Ndisuio - ok
12:09:36.0907 0x1578 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:09:36.0938 0x1578 NdisWan - ok
12:09:36.0938 0x1578 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:09:36.0969 0x1578 NDProxy - ok
12:09:36.0969 0x1578 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
12:09:36.0969 0x1578 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
12:09:39.0668 0x1578 Detect skipped due to KSN trusted
12:09:39.0668 0x1578 Netaapl - ok
12:09:39.0683 0x1578 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:09:39.0699 0x1578 NetBIOS - ok
12:09:39.0699 0x1578 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:09:39.0730 0x1578 NetBT - ok
12:09:39.0730 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:09:39.0746 0x1578 Netlogon - ok
12:09:39.0746 0x1578 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:09:39.0777 0x1578 Netman - ok
12:09:39.0777 0x1578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:39.0793 0x1578 NetMsmqActivator - ok
12:09:39.0808 0x1578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:39.0808 0x1578 NetPipeActivator - ok
12:09:39.0824 0x1578 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:09:39.0855 0x1578 netprofm - ok
12:09:39.0855 0x1578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:39.0871 0x1578 NetTcpActivator - ok
12:09:39.0871 0x1578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:39.0871 0x1578 NetTcpPortSharing - ok
12:09:39.0886 0x1578 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:09:39.0886 0x1578 nfrd960 - ok
12:09:39.0886 0x1578 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:09:39.0902 0x1578 NisDrv - ok
12:09:39.0917 0x1578 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:09:39.0917 0x1578 NisSrv - ok
12:09:39.0933 0x1578 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:09:39.0949 0x1578 NlaSvc - ok
12:09:39.0949 0x1578 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
12:09:39.0964 0x1578 NPF - ok
12:09:39.0964 0x1578 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:09:39.0980 0x1578 Npfs - ok
12:09:39.0995 0x1578 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:09:40.0011 0x1578 nsi - ok
12:09:40.0011 0x1578 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:09:40.0042 0x1578 nsiproxy - ok
12:09:40.0089 0x1578 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:09:40.0136 0x1578 Ntfs - ok
12:09:40.0136 0x1578 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:09:40.0151 0x1578 Null - ok
12:09:40.0167 0x1578 [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:09:40.0167 0x1578 nusb3hub - ok
12:09:40.0167 0x1578 [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:09:40.0183 0x1578 nusb3xhc - ok
12:09:40.0198 0x1578 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:09:40.0198 0x1578 nvraid - ok
12:09:40.0214 0x1578 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:09:40.0214 0x1578 nvstor - ok
12:09:40.0229 0x1578 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:09:40.0229 0x1578 nv_agp - ok
12:09:40.0229 0x1578 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:09:40.0245 0x1578 ohci1394 - ok
12:09:40.0245 0x1578 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:09:40.0261 0x1578 ose - ok
12:09:40.0370 0x1578 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:09:40.0495 0x1578 osppsvc - ok
12:09:40.0510 0x1578 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:09:40.0526 0x1578 p2pimsvc - ok
12:09:40.0541 0x1578 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:09:40.0557 0x1578 p2psvc - ok
12:09:40.0557 0x1578 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:09:40.0573 0x1578 Parport - ok
12:09:40.0573 0x1578 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:09:40.0588 0x1578 partmgr - ok
12:09:40.0588 0x1578 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:09:40.0604 0x1578 PcaSvc - ok
12:09:40.0604 0x1578 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:09:40.0619 0x1578 pci - ok
12:09:40.0619 0x1578 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:09:40.0619 0x1578 pciide - ok
12:09:40.0635 0x1578 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:09:40.0651 0x1578 pcmcia - ok
12:09:40.0651 0x1578 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:09:40.0651 0x1578 pcw - ok
12:09:40.0666 0x1578 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:09:40.0682 0x1578 PEAUTH - ok
12:09:40.0729 0x1578 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:09:40.0760 0x1578 PeerDistSvc - ok
12:09:40.0791 0x1578 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:09:40.0807 0x1578 PerfHost - ok
12:09:40.0838 0x1578 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:09:40.0885 0x1578 pla - ok
12:09:40.0900 0x1578 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:09:40.0947 0x1578 PlugPlay - ok
12:09:40.0947 0x1578 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:09:40.0963 0x1578 PNRPAutoReg - ok
12:09:40.0978 0x1578 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:09:40.0978 0x1578 PNRPsvc - ok
12:09:40.0994 0x1578 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys
12:09:40.0994 0x1578 Point64 - ok
12:09:41.0009 0x1578 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:09:41.0041 0x1578 PolicyAgent - ok
12:09:41.0041 0x1578 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:09:41.0072 0x1578 Power - ok
12:09:41.0072 0x1578 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:09:41.0087 0x1578 PptpMiniport - ok
12:09:41.0103 0x1578 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:09:41.0103 0x1578 Processor - ok
12:09:41.0119 0x1578 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:09:41.0134 0x1578 ProfSvc - ok
12:09:41.0134 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:09:41.0134 0x1578 ProtectedStorage - ok
12:09:41.0150 0x1578 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:09:41.0165 0x1578 Psched - ok
12:09:41.0212 0x1578 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:09:41.0243 0x1578 ql2300 - ok
12:09:41.0259 0x1578 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:09:41.0275 0x1578 ql40xx - ok
12:09:41.0275 0x1578 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:09:41.0290 0x1578 QWAVE - ok
12:09:41.0290 0x1578 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:09:41.0306 0x1578 QWAVEdrv - ok
12:09:41.0306 0x1578 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:09:41.0337 0x1578 RasAcd - ok
12:09:41.0337 0x1578 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:09:41.0353 0x1578 RasAgileVpn - ok
12:09:41.0368 0x1578 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:09:41.0384 0x1578 RasAuto - ok
12:09:41.0384 0x1578 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:09:41.0415 0x1578 Rasl2tp - ok
12:09:41.0415 0x1578 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:09:41.0446 0x1578 RasMan - ok
12:09:41.0446 0x1578 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:09:41.0477 0x1578 RasPppoe - ok
12:09:41.0477 0x1578 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:09:41.0509 0x1578 RasSstp - ok
12:09:41.0509 0x1578 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:09:41.0540 0x1578 rdbss - ok
12:09:41.0540 0x1578 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:09:41.0555 0x1578 rdpbus - ok
12:09:41.0555 0x1578 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:09:41.0571 0x1578 RDPCDD - ok
12:09:41.0587 0x1578 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:09:41.0587 0x1578 RDPDR - ok
12:09:41.0587 0x1578 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:09:41.0618 0x1578 RDPENCDD - ok
12:09:41.0618 0x1578 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:09:41.0633 0x1578 RDPREFMP - ok
12:09:41.0649 0x1578 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:09:41.0649 0x1578 RdpVideoMiniport - ok
12:09:41.0665 0x1578 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:09:41.0665 0x1578 RDPWD - ok
12:09:41.0680 0x1578 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:09:41.0680 0x1578 rdyboost - ok
12:09:41.0696 0x1578 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:09:41.0711 0x1578 RemoteAccess - ok
12:09:41.0727 0x1578 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:09:41.0743 0x1578 RemoteRegistry - ok
12:09:41.0758 0x1578 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
12:09:41.0774 0x1578 rpcapd - ok
12:09:41.0789 0x1578 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:09:41.0805 0x1578 RpcEptMapper - ok
12:09:41.0805 0x1578 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:09:41.0821 0x1578 RpcLocator - ok
12:09:41.0836 0x1578 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:09:41.0867 0x1578 RpcSs - ok
12:09:41.0867 0x1578 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:09:41.0883 0x1578 rspndr - ok
12:09:41.0899 0x1578 [ 2E7D1CA91D62501713C9D6E6704395C6, 823D9D9CC0971732D9121B67C534E30A78C83869594E4CCA91FCC0BE743610EF ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:09:41.0914 0x1578 RTHDMIAzAudService - ok
12:09:41.0914 0x1578 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:09:41.0914 0x1578 s3cap - ok
12:09:41.0930 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:09:41.0930 0x1578 SamSs - ok
12:09:41.0930 0x1578 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:09:41.0945 0x1578 sbp2port - ok
12:09:41.0945 0x1578 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:09:41.0977 0x1578 SCardSvr - ok
12:09:41.0977 0x1578 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:09:42.0008 0x1578 scfilter - ok
12:09:42.0023 0x1578 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:09:42.0070 0x1578 Schedule - ok
12:09:42.0070 0x1578 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:09:42.0101 0x1578 SCPolicySvc - ok
12:09:42.0101 0x1578 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:09:42.0117 0x1578 SDRSVC - ok
12:09:42.0117 0x1578 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:09:42.0133 0x1578 secdrv - ok
12:09:42.0148 0x1578 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:09:42.0164 0x1578 seclogon - ok
12:09:42.0164 0x1578 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:09:42.0195 0x1578 SENS - ok
12:09:42.0195 0x1578 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:09:42.0211 0x1578 SensrSvc - ok
12:09:42.0211 0x1578 [ 052D4299E72FFFCCD9A168ADCDF5C450, 5A0BD695C166BCF57DFE71BAC7E745005A6D575F885E720EA070B791781BAE4B ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
12:09:42.0226 0x1578 Ser2pl - ok
12:09:42.0226 0x1578 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:09:42.0226 0x1578 Serenum - ok
12:09:42.0242 0x1578 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:09:42.0242 0x1578 Serial - ok
12:09:42.0257 0x1578 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:09:42.0257 0x1578 sermouse - ok
12:09:42.0273 0x1578 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:09:42.0289 0x1578 SessionEnv - ok
12:09:42.0289 0x1578 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:09:42.0304 0x1578 sffdisk - ok
12:09:42.0304 0x1578 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:09:42.0320 0x1578 sffp_mmc - ok
12:09:42.0320 0x1578 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:09:42.0320 0x1578 sffp_sd - ok
12:09:42.0335 0x1578 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:09:42.0335 0x1578 sfloppy - ok
12:09:42.0351 0x1578 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:09:42.0382 0x1578 SharedAccess - ok
12:09:42.0382 0x1578 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:09:42.0413 0x1578 ShellHWDetection - ok
12:09:42.0413 0x1578 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:09:42.0429 0x1578 SiSRaid2 - ok
12:09:42.0429 0x1578 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:09:42.0445 0x1578 SiSRaid4 - ok
12:09:42.0445 0x1578 [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER C:\Windows\Sleen1664.sys
12:09:42.0460 0x1578 SLEE_16_DRIVER - ok
12:09:42.0460 0x1578 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:09:42.0491 0x1578 Smb - ok
12:09:42.0491 0x1578 [ B2C19AE46C5A109679B4FB38058DF05A, 93DD4D356650C51348795653286E6C627FF5F7071F2787DF7C50B75A3120E308 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
12:09:42.0507 0x1578 snapman - ok
12:09:42.0507 0x1578 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:09:42.0523 0x1578 SNMPTRAP - ok
12:09:42.0523 0x1578 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:09:42.0523 0x1578 spldr - ok
12:09:42.0538 0x1578 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:09:42.0554 0x1578 Spooler - ok
12:09:42.0647 0x1578 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:09:42.0757 0x1578 sppsvc - ok
12:09:42.0757 0x1578 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:09:42.0788 0x1578 sppuinotify - ok
12:09:42.0803 0x1578 [ 5F242E1A03ACA19044BC55F9C0DA747B, D913BA9C63AFD9AD482681A25FF5E2BC629CDF2CE193EE4B1517CEA2934BAB3B ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
12:09:42.0850 0x1578 SpyHunter 4 Service - ok
12:09:42.0866 0x1578 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:09:42.0881 0x1578 srv - ok
12:09:42.0897 0x1578 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:09:42.0913 0x1578 srv2 - ok
12:09:42.0913 0x1578 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:09:42.0928 0x1578 srvnet - ok
12:09:42.0928 0x1578 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:09:42.0959 0x1578 SSDPSRV - ok
12:09:42.0959 0x1578 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:09:42.0975 0x1578 SstpSvc - ok
12:09:42.0975 0x1578 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:09:42.0991 0x1578 stexstor - ok
12:09:42.0991 0x1578 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
12:09:43.0006 0x1578 StillCam - ok
12:09:43.0022 0x1578 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:09:43.0037 0x1578 stisvc - ok
12:09:43.0037 0x1578 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:09:43.0053 0x1578 storflt - ok
12:09:43.0053 0x1578 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
12:09:43.0053 0x1578 StorSvc - ok
12:09:43.0069 0x1578 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:09:43.0069 0x1578 storvsc - ok
12:09:43.0069 0x1578 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:09:43.0084 0x1578 swenum - ok
12:09:43.0084 0x1578 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:09:43.0131 0x1578 swprv - ok
12:09:43.0178 0x1578 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:09:43.0225 0x1578 SysMain - ok
12:09:43.0240 0x1578 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:09:43.0240 0x1578 TabletInputService - ok
12:09:43.0256 0x1578 [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
12:09:43.0256 0x1578 taphss6 - ok
12:09:43.0271 0x1578 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:09:43.0287 0x1578 TapiSrv - ok
12:09:43.0303 0x1578 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:09:43.0318 0x1578 TBS - ok
12:09:43.0349 0x1578 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:09:43.0396 0x1578 Tcpip - ok
12:09:43.0427 0x1578 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:09:43.0474 0x1578 TCPIP6 - ok
12:09:43.0474 0x1578 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:09:43.0490 0x1578 tcpipreg - ok
12:09:43.0490 0x1578 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:09:43.0490 0x1578 TDPIPE - ok
12:09:43.0521 0x1578 [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
12:09:43.0568 0x1578 tdrpman273 - ok
12:09:43.0568 0x1578 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:09:43.0568 0x1578 TDTCP - ok
12:09:43.0583 0x1578 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:09:43.0583 0x1578 tdx - ok
12:09:43.0693 0x1578 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
12:09:43.0911 0x1578 TeamViewer9 - ok
12:09:43.0927 0x1578 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:09:43.0927 0x1578 TermDD - ok
12:09:43.0942 0x1578 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:09:43.0958 0x1578 TermService - ok
12:09:43.0973 0x1578 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:09:43.0973 0x1578 Themes - ok
12:09:43.0973 0x1578 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:09:44.0005 0x1578 THREADORDER - ok
12:09:44.0036 0x1578 [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter C:\Windows\system32\DRIVERS\timntr.sys
12:09:44.0051 0x1578 timounter - ok
12:09:44.0067 0x1578 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:09:44.0083 0x1578 TrkWks - ok
12:09:44.0098 0x1578 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:09:44.0114 0x1578 TrustedInstaller - ok
12:09:44.0114 0x1578 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:09:44.0129 0x1578 tssecsrv - ok
12:09:44.0129 0x1578 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:09:44.0145 0x1578 TsUsbFlt - ok
12:09:44.0145 0x1578 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:09:44.0145 0x1578 TsUsbGD - ok
12:09:44.0161 0x1578 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:09:44.0176 0x1578 tunnel - ok
12:09:44.0176 0x1578 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:09:44.0192 0x1578 uagp35 - ok
12:09:44.0192 0x1578 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:09:44.0223 0x1578 udfs - ok
12:09:44.0254 0x1578 ufad-ws60 - ok
12:09:44.0270 0x1578 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:09:44.0270 0x1578 UI0Detect - ok
12:09:44.0270 0x1578 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:09:44.0285 0x1578 uliagpkx - ok
12:09:44.0285 0x1578 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:09:44.0301 0x1578 umbus - ok
12:09:44.0301 0x1578 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:09:44.0301 0x1578 UmPass - ok
12:09:44.0317 0x1578 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:09:44.0332 0x1578 UmRdpService - ok
12:09:44.0379 0x1578 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 D:\Program Files\Unlocker\UnlockerDriver5.sys
12:09:44.0379 0x1578 UnlockerDriver5 - ok
12:09:44.0441 0x1578 [ D87FB12563F65088B1904871D86E5164, 5B8D42EFE897342EF501A93AAF264BDA8C1350C08DFD3EF11FC12016BD4676C2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:09:44.0519 0x1578 UNS - ok
12:09:44.0519 0x1578 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:09:44.0551 0x1578 upnphost - ok
12:09:44.0551 0x1578 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:09:44.0566 0x1578 USBAAPL64 - ok
12:09:44.0566 0x1578 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:09:44.0582 0x1578 usbccgp - ok
12:09:44.0582 0x1578 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:09:44.0597 0x1578 usbcir - ok
12:09:44.0597 0x1578 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:09:44.0613 0x1578 usbehci - ok
12:09:44.0613 0x1578 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:09:44.0629 0x1578 usbhub - ok
12:09:44.0629 0x1578 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:09:44.0644 0x1578 usbohci - ok
12:09:44.0644 0x1578 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:09:44.0660 0x1578 usbprint - ok
12:09:44.0660 0x1578 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:09:44.0675 0x1578 usbscan - ok
12:09:44.0675 0x1578 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:09:44.0675 0x1578 USBSTOR - ok
12:09:44.0691 0x1578 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:09:44.0691 0x1578 usbuhci - ok
12:09:44.0691 0x1578 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:09:44.0722 0x1578 UxSms - ok
12:09:44.0722 0x1578 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:09:44.0722 0x1578 VaultSvc - ok
12:09:44.0738 0x1578 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:09:44.0738 0x1578 vdrvroot - ok
12:09:44.0753 0x1578 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:09:44.0785 0x1578 vds - ok
12:09:44.0785 0x1578 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:09:44.0800 0x1578 vga - ok
12:09:44.0800 0x1578 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:09:44.0831 0x1578 VgaSave - ok
12:09:44.0831 0x1578 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:09:44.0847 0x1578 vhdmp - ok
12:09:44.0847 0x1578 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:09:44.0847 0x1578 viaide - ok
12:09:44.0863 0x1578 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:09:44.0878 0x1578 vmbus - ok
12:09:44.0878 0x1578 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:09:44.0878 0x1578 VMBusHID - ok
12:09:44.0894 0x1578 [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
12:09:44.0894 0x1578 VMnetAdapter - ok
12:09:44.0894 0x1578 [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
12:09:44.0894 0x1578 VMnetBridge - ok
12:09:44.0909 0x1578 [ 1DC8427979A1646D6B9FAE32F3C4A27A, F410E340CE84531A548ABAE99AA38EE2BAB137F309E92C9955ECB98327902C86 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
12:09:44.0909 0x1578 VMnetuserif - ok
12:09:44.0909 0x1578 VMware NAT Service - ok
12:09:44.0909 0x1578 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:09:44.0925 0x1578 volmgr - ok
12:09:44.0941 0x1578 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:09:44.0956 0x1578 volmgrx - ok
12:09:44.0956 0x1578 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:09:44.0972 0x1578 volsnap - ok
12:09:44.0987 0x1578 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
12:09:44.0987 0x1578 vpcbus - ok
12:09:45.0003 0x1578 [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
12:09:45.0003 0x1578 vpcnfltr - ok
12:09:45.0003 0x1578 [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
12:09:45.0019 0x1578 vpcusb - ok
12:09:45.0034 0x1578 [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
12:09:45.0050 0x1578 vpcvmm - ok
12:09:45.0050 0x1578 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:09:45.0065 0x1578 vsmraid - ok
12:09:45.0097 0x1578 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:09:45.0159 0x1578 VSS - ok
12:09:45.0159 0x1578 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:09:45.0175 0x1578 vwifibus - ok
12:09:45.0190 0x1578 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:09:45.0221 0x1578 W32Time - ok
12:09:45.0221 0x1578 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:09:45.0221 0x1578 WacomPen - ok
12:09:45.0237 0x1578 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:09:45.0253 0x1578 WANARP - ok
12:09:45.0253 0x1578 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:09:45.0284 0x1578 Wanarpv6 - ok
12:09:45.0315 0x1578 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:09:45.0362 0x1578 wbengine - ok
12:09:45.0362 0x1578 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:09:45.0377 0x1578 WbioSrvc - ok
12:09:45.0393 0x1578 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:09:45.0409 0x1578 wcncsvc - ok
12:09:45.0424 0x1578 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:09:45.0424 0x1578 WcsPlugInService - ok
12:09:45.0424 0x1578 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:09:45.0440 0x1578 Wd - ok
12:09:45.0455 0x1578 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:09:45.0487 0x1578 Wdf01000 - ok
12:09:45.0487 0x1578 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:09:45.0502 0x1578 WdiServiceHost - ok
12:09:45.0502 0x1578 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:09:45.0518 0x1578 WdiSystemHost - ok
12:09:45.0518 0x1578 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:09:45.0533 0x1578 WebClient - ok
12:09:45.0549 0x1578 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:09:45.0580 0x1578 Wecsvc - ok
12:09:45.0580 0x1578 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:09:45.0596 0x1578 wercplsupport - ok
12:09:45.0611 0x1578 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:09:45.0627 0x1578 WerSvc - ok
12:09:45.0627 0x1578 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:09:45.0658 0x1578 WfpLwf - ok
12:09:45.0658 0x1578 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:09:45.0658 0x1578 WIMMount - ok
12:09:45.0658 0x1578 WinDefend - ok
12:09:45.0674 0x1578 WinHttpAutoProxySvc - ok
12:09:45.0674 0x1578 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:09:45.0705 0x1578 Winmgmt - ok
12:09:45.0752 0x1578 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:09:45.0783 0x1578 WinRM - ok
12:09:45.0799 0x1578 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:09:45.0814 0x1578 WinUsb - ok
12:09:45.0830 0x1578 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:09:45.0861 0x1578 Wlansvc - ok
12:09:45.0861 0x1578 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:09:45.0861 0x1578 wlcrasvc - ok
12:09:45.0923 0x1578 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:09:45.0970 0x1578 wlidsvc - ok
12:09:45.0970 0x1578 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:09:46.0001 0x1578 WmiAcpi - ok
12:09:46.0001 0x1578 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:09:46.0017 0x1578 wmiApSrv - ok
12:09:46.0017 0x1578 WMPNetworkSvc - ok
12:09:46.0017 0x1578 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:09:46.0033 0x1578 WPCSvc - ok
12:09:46.0033 0x1578 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:09:46.0048 0x1578 WPDBusEnum - ok
12:09:46.0048 0x1578 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:09:46.0064 0x1578 ws2ifsl - ok
12:09:46.0079 0x1578 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:09:46.0095 0x1578 wscsvc - ok
12:09:46.0095 0x1578 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:09:46.0095 0x1578 WSDPrintDevice - ok
12:09:46.0111 0x1578 WSearch - ok
12:09:46.0157 0x1578 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:09:46.0204 0x1578 wuauserv - ok
12:09:46.0204 0x1578 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:09:46.0220 0x1578 WudfPf - ok
12:09:46.0220 0x1578 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:09:46.0235 0x1578 WUDFRd - ok
12:09:46.0235 0x1578 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:09:46.0251 0x1578 wudfsvc - ok
12:09:46.0251 0x1578 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:09:46.0267 0x1578 WwanSvc - ok
12:09:46.0267 0x1578 ================ Scan global ===============================
12:09:46.0282 0x1578 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:09:46.0282 0x1578 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:09:46.0298 0x1578 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:09:46.0298 0x1578 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:09:46.0313 0x1578 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:09:46.0313 0x1578 [ Global ] - ok
12:09:46.0313 0x1578 ================ Scan MBR ==================================
12:09:46.0313 0x1578 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:09:46.0469 0x1578 \Device\Harddisk0\DR0 - ok
12:09:46.0485 0x1578 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:09:46.0532 0x1578 \Device\Harddisk1\DR1 - ok
12:09:46.0532 0x1578 ================ Scan VBR ==================================
12:09:46.0532 0x1578 [ BBD2DA6C3A0F5467D9933265D79A326E ] \Device\Harddisk0\DR0\Partition1
12:09:46.0532 0x1578 \Device\Harddisk0\DR0\Partition1 - ok
12:09:46.0547 0x1578 [ 60849A2F00EE928639C4965694C334F1 ] \Device\Harddisk1\DR1\Partition1
12:09:46.0579 0x1578 \Device\Harddisk1\DR1\Partition1 - ok
12:09:46.0579 0x1578 ================ Scan generic autorun ======================
12:09:46.0891 0x1578 [ 10E268B0D4AA2ECED79BE1A327A16A61, 460AF4A72F44F2EC3C726353BADA4294BB3736FA1131C83D9AFDCF1F318FD60F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:09:47.0093 0x1578 RTHDVCPL - ok
12:09:47.0156 0x1578 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
12:09:47.0203 0x1578 IntelliPoint - ok
12:09:47.0203 0x1578 [ 0F498556C6BC1EF32D3FE163B6DB8DF9, 2E63AC954E0E2E691DE3C3897ADE013D5B2BC3D7806BC699D87CF513B6B8A79C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
12:09:47.0218 0x1578 Acronis Scheduler2 Service - ok
12:09:47.0249 0x1578 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
12:09:47.0281 0x1578 MSC - ok
12:09:47.0281 0x1578 [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
12:09:47.0296 0x1578 NUSB3MON - ok
12:09:47.0296 0x1578 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:09:47.0312 0x1578 IAStorIcon - ok
12:09:47.0312 0x1578 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:09:47.0312 0x1578 APSDaemon - ok
12:09:47.0374 0x1578 [ C9A1BAB728B27E5C032D5C55C99FFA62, 7EDBD593C7F93D2214B8F1BF209B7F50EE8E4F699B80956D42D02AE551BCB454 ] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
12:09:47.0421 0x1578 SAOB Monitor - ok
12:09:47.0967 0x1578 [ 01605C995B9F6D948370B9FFE451DF7F, D2F29BB3C3CBEDA92E512423F640959277F8C5C8B0F75EE11B2E6BFD706516DB ] D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
12:09:48.0061 0x1578 TrueImageMonitor.exe - ok
12:09:48.0263 0x1578 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:09:48.0295 0x1578 StartCCC - ok
12:09:48.0341 0x1578 [ BAF535F843A3E790E04A7613811B55BC, 764608E1BC657FBBBB3E0DC5D36F0701CAA9D28BE15E416DF84AD3EFC7EB85D9 ] D:\Program Files (x86)\iTunes\iTunesHelper.exe
12:09:48.0341 0x1578 iTunesHelper - ok
12:09:48.0373 0x1578 [ D223F40FE9DBBE7CD3205C16F2E286FF, 2A1B4A8D9ABAFCCEA9FA1325D7524F9DFC70586D745C5F9E2EDF74B2792D51EB ] D:\Program Files (x86)\Steganos Safe 11\SteganosHotKeyService.exe
12:09:48.0388 0x1578 SAFE2009 HotKeys - detected UnsignedFile.Multi.Generic ( 1 )
12:09:51.0196 0x1578 Detect skipped due to KSN trusted
12:09:51.0196 0x1578 SAFE2009 HotKeys - ok
12:09:51.0227 0x1578 [ 52CD1A752F287B597186C897AB20511B, 809E7B48F13EDA91E84C4332C438C06C15E6B8F940BBF14E82583C94F9B5F0FD ] D:\Program Files (x86)\Steganos Safe 11\fredirstarter.exe
12:09:51.0227 0x1578 SAFE2009 File Redirection Starter - detected UnsignedFile.Multi.Generic ( 1 )
12:09:54.0145 0x1578 Detect skipped due to KSN trusted
12:09:54.0145 0x1578 SAFE2009 File Redirection Starter - ok
12:09:54.0145 0x1578 [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:09:54.0160 0x1578 SunJavaUpdateSched - ok
12:09:54.0176 0x1578 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:09:54.0207 0x1578 Sidebar - ok
12:09:54.0207 0x1578 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:09:54.0223 0x1578 mctadmin - ok
12:09:54.0254 0x1578 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:09:54.0269 0x1578 Sidebar - ok
12:09:54.0285 0x1578 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:09:54.0285 0x1578 mctadmin - ok
12:09:54.0347 0x1578 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
12:09:54.0394 0x1578 HP Officejet 6500 E710n-z (NET) - ok
12:09:54.0425 0x1578 Audiols - ok
12:09:54.0425 0x1578 Waiting for KSN requests completion. In queue: 6
12:09:55.0439 0x1578 Waiting for KSN requests completion. In queue: 6
12:09:56.0453 0x1578 Waiting for KSN requests completion. In queue: 6
12:09:57.0467 0x1578 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
12:09:57.0483 0x1578 Win FW state via NFP2: enabled
12:10:00.0260 0x1578 ============================================================
12:10:00.0260 0x1578 Scan finished
12:10:00.0260 0x1578 ============================================================
12:10:00.0260 0x156c Detected object count: 0
12:10:00.0260 0x156c Actual detected object count: 0

Alt 02.01.2015, 12:58   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.01.2015, 21:30   #10
Neuling1
 
Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Code:
ATTFilter
ComboFix 15-01-02.01 - Newstyle 02.01.2015  22:20:04.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8169.4909 [GMT 1:00]
ausgeführt von:: c:\users\Newstyle02\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
c:\users\Newstyle02\4.0
c:\users\Newstyle02\AppData\Local\pcc.exe
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-02 bis 2015-01-02  ))))))))))))))))))))))))))))))
.
.
2015-01-02 16:28 . 2015-01-02 16:28	--------	d-----w-	c:\programdata\Sony
2015-01-02 16:28 . 2015-01-02 16:28	--------	d-----w-	c:\program files (x86)\Sony
2015-01-02 15:42 . 2015-01-02 15:42	--------	d-----w-	c:\program files\iPod
2015-01-02 15:42 . 2015-01-02 15:42	--------	d-----w-	c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-02 15:42 . 2015-01-02 15:42	--------	d-----w-	c:\program files\iTunes
2015-01-02 11:08 . 2015-01-02 11:08	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-01-02 10:35 . 2015-01-02 11:24	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-02 10:08 . 2014-12-02 10:26	11870360	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E62D5707-D68A-4B55-B99E-560648CAEFD3}\mpengine.dll
2015-01-01 02:26 . 2014-09-17 01:30	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A26B411-1F5B-4E50-8620-F510479071B0}\gapaengine.dll
2015-01-01 02:26 . 2014-12-02 10:26	11870360	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-18 02:37 . 2014-12-13 05:09	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-18 02:37 . 2014-12-13 03:33	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-10 02:19 . 2014-12-10 02:19	--------	d-----w-	c:\windows\system32\appraiser
2014-12-10 02:01 . 2014-10-18 02:05	4121600	----a-w-	c:\windows\system32\mf.dll
2014-12-10 02:01 . 2014-10-18 01:33	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2014-12-10 01:33 . 2014-12-04 02:50	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-10 01:33 . 2014-12-04 02:50	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-10 01:33 . 2014-12-04 02:44	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-10 01:33 . 2014-12-01 23:28	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-12-10 01:33 . 2014-12-04 02:50	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-10 01:33 . 2014-12-04 02:50	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-10 01:33 . 2014-12-04 02:50	227328	----a-w-	c:\windows\system32\aepdu.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-02 11:12 . 2014-08-27 09:57	135384	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-02 11:12 . 2014-08-27 09:56	96472	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-01-02 10:03 . 2012-04-13 08:01	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-02 10:03 . 2011-10-09 17:35	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 02:02 . 2011-09-29 13:03	112710672	----a-w-	c:\windows\system32\MRT.exe
2014-11-19 03:31 . 2014-11-19 03:31	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2014-11-11 03:08 . 2014-11-19 02:25	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 02:25	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 02:25	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 02:25	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-10-30 11:25 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-25 01:57 . 2014-11-12 12:31	77824	----a-w-	c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 12:31	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 12:31	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 12:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 12:32	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 12:32	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 12:31	3241984	----a-w-	c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 12:32	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 12:32	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 12:32	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 12:32	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 12:31	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 12:32	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 12:32	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 12:32	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 12:31	3198976	----a-w-	c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 6500 E710n-z (NET)"="c:\program files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"SAOB Monitor"="c:\program files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-09-02 2570688]
"TrueImageMonitor.exe"="d:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-09-08 5514296]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SAFE2009 HotKeys"="d:\program files (x86)\Steganos Safe 11\SteganosHotKeyService.exe" [2009-08-04 25088]
"SAFE2009 File Redirection Starter"="d:\program files (x86)\Steganos Safe 11\fredirstarter.exe" [2009-08-04 54272]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
c:\users\Newstyle02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6500 E710n-z\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN18T330VJ05JW;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
"PDFPrint"=d:\program files (x86)\PDF24\pdf24.exe
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 BsUDF;BsUDF; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 brfilt;Brother MFC-Filtertreiber;c:\windows\system32\Drivers\Brfilt.sys;c:\windows\SYSNATIVE\Drivers\Brfilt.sys [x]
R3 BrUsbScn;Brother MFC-Scannertreiber (USB);c:\windows\system32\Drivers\BrUsbScn.sys;c:\windows\SYSNATIVE\Drivers\BrUsbScn.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 SLEE_16_DRIVER;Steganos Live Encryption Engine 16 [Driver];c:\windows\Sleen1664.sys;c:\windows\Sleen1664.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 brmfrsmg;Brother Resource manager service;c:\windows\system32\BrmfRsmg.exe;c:\windows\SYSNATIVE\BrmfRsmg.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 inpoutx64;inpoutx64;c:\windows\system32\Drivers\inpoutx64.sys;c:\windows\SYSNATIVE\Drivers\inpoutx64.sys [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 10:03]
.
2015-01-02 c:\windows\Tasks\GlaryInitialize.job
- d:\program files (x86)\Glary Utilities\initialize.exe [2011-12-16 08:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-09-08 391296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.newstyle-import.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{094F77C6-5177-4823-9C72-A0ECF0D909BD}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{8D1FC954-D210-4B3C-8860-A7050ADC6076}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{ED77E88F-0309-433A-B95D-5B6AC2B66530}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Newstyle02\AppData\Roaming\Mozilla\Firefox\Profiles\y6v1s8ai.default-1387191695781\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
c:\users\Newstyle02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 7.lnk - c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
SafeBoot-02758509.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-Locked - (no file)
AddRemove-Adobe Photoshop 6.0 - c:\windows\ISUN0407.EXE
AddRemove-Adobe SVG Viewer - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-02  22:27:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-02 21:27
.
Vor Suchlauf: 382.119.936 Bytes frei
Nach Suchlauf: 812.724.224 Bytes frei
.
- - End Of File - - 830CE55FAF52903B27DBB0729288AA87
         
Danke für die Antworten. Ich dachte der PC wäre schon bereinigt gewesen, weil er nichts mehr angezeigt hat.

Alt 03.01.2015, 10:47   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Backdoor:Win32/poison.E - Standard

Backdoor:Win32/poison.E



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Backdoor:Win32/poison.E
aufsetzen, backdoor, bedrohung, computer, dauerhaft, entferne, entfernen, erklären, essen, folge, folgendes, frage, guter, logfiles, malwarebytes, microsoft, neustart, programme, programmen, quarantäne, scan, scanne, schutz, security, warum, win



Ähnliche Themen: Backdoor:Win32/poison.E


  1. Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
    Log-Analyse und Auswertung - 01.02.2014 (17)
  2. Exploit.Script.Generic, Exploit.JS.Pdfka.gfa, Backdoor.Win32.ZAccess.ypw, Backdoor.Win32.ZAccess.yqi, Trojan.Win32.Miner.dw und weitere
    Log-Analyse und Auswertung - 02.10.2012 (7)
  3. Backdoor.Win32.ZAccess.mbg und Trojan.Win32.Small.bmph
    Log-Analyse und Auswertung - 10.07.2012 (28)
  4. Backdoor:Win32/Cbot.B - Trojan:Win32/FakeSysdef
    Log-Analyse und Auswertung - 04.05.2011 (32)
  5. Probleme beim Online-Banking: Trojan.Win32.Generic!BT, Win32.Backdoor.Papras/A und andere...
    Log-Analyse und Auswertung - 06.11.2010 (19)
  6. Backdoor:Win32/IRCbot.gen!M und Win32/Oficla.V
    Plagegeister aller Art und deren Bekämpfung - 27.10.2010 (1)
  7. Backdoor via Antivir entdeckt: BDS.Poison.ifn
    Log-Analyse und Auswertung - 31.05.2010 (19)
  8. verseuchte .exe ausgeführt (poison.backdoor)
    Log-Analyse und Auswertung - 10.03.2010 (5)
  9. BDS/Poison.awur
    Plagegeister aller Art und deren Bekämpfung - 07.12.2009 (0)
  10. Backdoor.Win32.Poison.ajns
    Plagegeister aller Art und deren Bekämpfung - 28.07.2009 (1)
  11. Backdoor.Win32.Rbot!IK und Win32.SuspectCrc!IK 1
    Plagegeister aller Art und deren Bekämpfung - 14.07.2009 (4)
  12. Backdoor.Win32.Agent.tpi und Packed.Win32.Black.a
    Plagegeister aller Art und deren Bekämpfung - 07.12.2008 (4)
  13. eventuell noch trojaner? Trojan-PSW.Win32.Delf.cqp, Backdoor.Win32.Poison.jmo
    Log-Analyse und Auswertung - 21.11.2008 (0)
  14. BDS/Poison.ktr
    Plagegeister aller Art und deren Bekämpfung - 19.10.2008 (20)
  15. BDS/Poison.ktr
    Mülltonne - 09.10.2008 (0)
  16. Poison Ivy befallen
    Mülltonne - 17.07.2008 (1)
  17. Trojan.Win32.Sphinx.a+Backdoor.Win32.agent.zq+HJT-log
    Plagegeister aller Art und deren Bekämpfung - 01.12.2006 (1)

Zum Thema Backdoor:Win32/poison.E - Hallo, ich habe folgendes Problem. Ich scanne meinen PC mit den beiden Programmen: Malwarebytes und Microsoft Security Essentials. Es zeigt jedesmal an, dass ich diese Bedrohung habe: Backdoor:Win32/poison.E Ich setze - Backdoor:Win32/poison.E...
Archiv
Du betrachtest: Backdoor:Win32/poison.E auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.