Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Sparkasse Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.09.2014, 16:19   #1
DonBifteki
 
Sparkasse Trojaner - Standard

Sparkasse Trojaner



Hallo,
ich habe einen Rechner auf dem möglicherweise (oder recht sicher) ein Trojaner der Gattung Sparkasse drauf ist. Er gaukelte beim letzten Login eine falsche Überweisung vor, die bitte wieder zurücküberwiesen werden soll.

Die Sparkasse hat den Account gesperrt. Jetzt gehts daran den PC zu bereinigen.

Könnt Ihr mir hierbei helfen?

Vielen Dank!

Gruß,
DonBifteki

Alt 26.09.2014, 16:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Sparkasse Trojaner - Standard

Sparkasse Trojaner



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 26.09.2014, 16:31   #3
DonBifteki
 
Sparkasse Trojaner - Standard

Sparkasse Trojaner




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by c.schollenberger (administrator) on PC03 on 26-09-2014 16:30:18
Running from C:\Users\c.schollenberger\Desktop
Loaded Profile: c.schollenberger (Available profiles: AD-Admin & c.schollenberger & Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent GP\winagent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\lnssatt.exe
(AVM Berlin) C:\ken\kencli.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\Essentials\WseClientMonitorSvc.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\Essentials\EssentialsTrayApp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(AVM Berlin) C:\ken\kentbcli.exe
(Managed Antivirus) C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Loco-Soft Vertriebs GmbH) \\SRV01\LOCO\loco\locosoft.exe
(Loco-Soft Vertriebs GmbH) \\SRV01\LOCO\loco\locostrg.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EssentialsTrayApp] => C:\Windows\System32\Essentials\EssentialsTrayApp.exe [302592 2013-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KEN Taskbar Client] => c:\ken\kentbcli.exe [279864 2009-06-03] (AVM Berlin)
HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMTray.exe [3232152 2013-05-28] (Managed Antivirus)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=192.9.230.12:3128;https=192.9.230.12:3128;ftp=192.9.230.12:3128;socks=192.9.230.12:1080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x830D369BB5A1CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\..\Interfaces\{70395CA9-54D7-49B7-AC66-DB1F2499F0E8}: [NameServer] 192.9.230.10

FireFox:
========
FF ProfilePath: C:\Users\c.schollenberger\AppData\Roaming\Mozilla\Firefox\Profiles\29xttaqb.default
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\c.schollenberger\AppData\Roaming\Mozilla\Firefox\Profiles\29xttaqb.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-25]

Chrome: 
=======
CHR HomePage: Default -> 144D92C926C88B56591975566F87316C8ADF8B760ADE2F63A2850DCDF9C7B84D
CHR DefaultSearchKeyword: Default -> C56FD18543D44F0FEC03967DF61E72394B22D0EDD7546F1D101E09B8E263A7B1
CHR DefaultSearchProvider: Default -> 377679A279AA5A4D4081690EE9BB68A1A531D04D5FCC76390ED05D097C42BF20
CHR DefaultSearchURL: Default -> B34324190B3D800469EBE6E2BDEAD9A6CC8ACB4931B3AE1B77CB23362658B2D4
CHR Profile: C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google-Suche) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Kaspersky Protection) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-25]
CHR Extension: (Google Wallet) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Google Mail) - C:\Users\c.schollenberger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent GP\winagent.exe [8331264 2014-06-09] (Remote Monitoring) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 KEN Client Service; c:\ken\KENCLI.EXE [173368 2009-06-03] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 SBAMSvc; C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMSvc.exe [3681016 2013-05-28] (ThreatTrack Security, Inc.)
S3 ServiceProviderRegistry; C:\Windows\System32\Essentials\ProviderRegistryService.exe [34816 2013-08-22] (Microsoft Corporation)
S3 WseClientMgmtSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)
R3 WseClientMonitorSvc; C:\Windows\System32\Essentials\WseClientMonitorSvc.exe [39936 2013-08-22] (Microsoft Corporation)
S3 WseHealthSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)
S3 WseNtfSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2014-06-24] (GFI Software)
R3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-25] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-22] (Intel Corporation)
S3 MSICDSetup; \??\F:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 16:30 - 2014-09-26 16:30 - 00018404 _____ () C:\Users\c.schollenberger\Desktop\FRST.txt
2014-09-26 16:26 - 2014-09-26 16:05 - 02108928 _____ (Farbar) C:\Users\c.schollenberger\Desktop\FRST64.exe
2014-09-26 16:16 - 2014-09-26 16:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-26 16:13 - 2014-09-26 16:13 - 02347384 _____ (ESET) C:\Users\c.schollenberger\Downloads\esetsmartinstaller_deu.exe
2014-09-26 16:12 - 2014-09-26 16:15 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-26 16:11 - 2014-09-26 16:15 - 00000000 ____D () C:\Users\c.schollenberger\Desktop\mbar
2014-09-26 16:11 - 2014-09-26 16:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\c.schollenberger\Downloads\mbar-1.07.0.1012.exe
2014-09-26 16:05 - 2014-09-26 16:30 - 00000000 ____D () C:\FRST
2014-09-26 16:05 - 2014-09-26 16:06 - 00042320 _____ () C:\Users\c.schollenberger\Downloads\Addition.txt
2014-09-26 16:05 - 2014-09-26 16:06 - 00035712 _____ () C:\Users\c.schollenberger\Downloads\FRST.txt
2014-09-26 16:04 - 2014-09-26 16:05 - 02108928 _____ (Farbar) C:\Users\c.schollenberger\Downloads\FRST64.exe
2014-09-26 15:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-26 15:53 - 2014-09-26 15:59 - 00000000 ____D () C:\AdwCleaner
2014-09-26 15:53 - 2014-09-26 15:53 - 01373475 _____ () C:\Users\c.schollenberger\Downloads\AdwCleaner_3.310.exe
2014-09-26 15:52 - 2014-09-26 16:11 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-26 15:52 - 2014-09-26 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-26 15:52 - 2014-09-26 15:52 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-26 15:52 - 2014-09-26 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-26 15:52 - 2014-09-26 15:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-26 15:52 - 2014-09-26 15:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-26 15:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-26 15:52 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-26 15:51 - 2014-09-26 15:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\c.schollenberger\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-25 18:39 - 2014-09-25 18:39 - 00000004 ____H () C:\ProgramData\cm-lock
2014-09-25 18:38 - 2014-09-25 18:38 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-25 18:38 - 2014-09-25 18:38 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Roaming\Mozilla
2014-09-25 18:38 - 2014-09-25 18:38 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Local\Mozilla
2014-09-25 18:37 - 2014-09-25 18:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 18:37 - 2014-09-25 18:37 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-25 18:37 - 2014-09-25 18:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 18:35 - 2014-09-26 15:40 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 18:35 - 2014-09-25 18:43 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 18:35 - 2014-09-25 18:35 - 00004126 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-25 18:35 - 2014-09-25 18:35 - 00003874 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-25 18:35 - 2014-09-25 18:35 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 18:35 - 2014-09-25 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 18:30 - 2014-09-25 18:30 - 41402448 _____ (Google Inc.) C:\Users\c.schollenberger\Downloads\ChromeStandaloneSetup_37.0.2062.124.exe
2014-09-25 18:18 - 2014-09-25 18:18 - 00001196 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-25 18:18 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-25 18:17 - 2014-09-25 18:22 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-25 18:17 - 2014-09-25 18:22 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-25 18:17 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-25 18:16 - 2014-09-25 18:16 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Local\Deployment
2014-09-25 18:16 - 2014-09-25 18:16 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Local\Apps\2.0
2014-09-25 18:13 - 2014-09-25 18:16 - 176562784 _____ () C:\Users\c.schollenberger\Downloads\kis15.0.0.463de_6506.exe
2014-09-24 10:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 10:11 - 2014-09-23 10:11 - 00000000 ____D () C:\Windows\Sun
2014-09-23 10:04 - 2014-09-23 10:04 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-23 10:04 - 2014-09-23 10:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-23 10:04 - 2014-09-23 10:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-23 10:04 - 2014-09-23 10:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-23 10:04 - 2014-09-23 10:04 - 00000000 ____D () C:\ProgramData\Sun
2014-09-23 10:04 - 2014-09-23 10:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-23 10:04 - 2014-09-23 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-23 10:04 - 2014-09-23 10:04 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-11 03:07 - 2014-08-15 17:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:07 - 2014-08-15 17:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-11 03:07 - 2014-08-15 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:07 - 2014-08-15 17:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-11 03:07 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:07 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-11 03:07 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:07 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:07 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-11 03:06 - 2014-08-15 17:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:06 - 2014-08-15 17:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:06 - 2014-08-15 17:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:06 - 2014-08-15 17:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:06 - 2014-08-15 17:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:06 - 2014-08-15 17:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 03:06 - 2014-08-15 17:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:06 - 2014-08-15 17:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:06 - 2014-08-15 17:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:06 - 2014-08-15 17:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:06 - 2014-08-15 17:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-11 03:06 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:06 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:06 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:06 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:06 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:06 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 03:06 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:06 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:06 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:06 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-11 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 08:20 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 08:20 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 08:20 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 08:20 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:20 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:20 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:20 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:20 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:20 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 08:20 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 08:20 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-29 03:15 - 2014-08-29 03:15 - 00001190 _____ () C:\Windows\SysWOW64\ServiceConfig.xml
2014-08-28 05:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 05:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 05:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 16:27 - 2014-07-17 13:56 - 00000000 ____D () C:\Users\c.schollenberger\Documents\Outlook-Dateien
2014-09-26 16:02 - 2014-07-21 15:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-26 15:58 - 2014-07-25 20:00 - 00000000 ____D () C:\Program Files (x86)\Advanced Monitoring Agent GP
2014-09-26 15:04 - 2014-07-17 13:38 - 00000152 _____ () C:\Windows\system32\config\netlogon.ftl
2014-09-26 14:38 - 2014-07-17 12:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-26 08:43 - 2009-07-14 06:51 - 00030845 _____ () C:\Windows\setupact.log
2014-09-26 06:05 - 2014-07-25 20:15 - 00000000 ____D () C:\Windows\Patches
2014-09-26 06:05 - 2014-07-16 09:08 - 01713301 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 18:46 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 18:46 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 18:43 - 2014-07-17 01:03 - 00702372 _____ () C:\Windows\system32\perfh007.dat
2014-09-25 18:43 - 2014-07-17 01:03 - 00150012 _____ () C:\Windows\system32\perfc007.dat
2014-09-25 18:43 - 2009-07-14 07:13 - 01626952 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 18:39 - 2014-07-21 15:20 - 00000000 ____D () C:\Program Files\Google
2014-09-25 18:39 - 2014-07-16 12:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-25 18:39 - 2010-11-21 05:47 - 00039758 _____ () C:\Windows\PFRO.log
2014-09-25 18:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 18:36 - 2014-07-21 12:22 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Local\CrashDumps
2014-09-25 18:35 - 2014-07-17 13:51 - 00000000 ____D () C:\Users\c.schollenberger\AppData\Local\Google
2014-09-24 06:02 - 2014-07-21 15:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 06:02 - 2014-07-21 15:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 06:02 - 2014-07-21 15:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 10:02 - 2014-07-16 12:32 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-23 10:01 - 2014-07-21 15:20 - 00000000 ____D () C:\ProgramData\Google
2014-09-17 13:12 - 2014-07-18 10:21 - 00000000 ____D () C:\FBA32
2014-09-17 12:41 - 2014-07-18 10:21 - 00000802 _____ () C:\Windows\FBAReg.ini
2014-09-17 12:27 - 2014-07-16 12:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 09:07 - 2014-07-25 20:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9 Host.lnk
2014-09-11 07:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2014-09-11 03:06 - 2014-07-17 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:06 - 2014-07-16 09:55 - 01600496 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:06 - 2014-07-16 09:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:00 - 2014-07-16 11:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 03:00 - 2014-07-16 09:38 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-29 03:15 - 2009-07-14 06:45 - 00350320 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 00:47

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014
Ran by c.schollenberger at 2014-09-26 16:05:44
Running from C:\Users\c.schollenberger\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Managed Antivirus Managed Antivirus (Enabled - Up to date) {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Managed Antivirus Managed Antivirus (Enabled - Up to date) {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Monitoring Agent GP (HKCU\...\Advanced Monitoring Agent GP) (Version: 1.0.0 - Remote Monitoring Services)
Advanced Monitoring Agent GP (x32 Version: 1.0 - InstallAware Software Corporation) Hidden
Advanced Monitoring Agent GP (x32 Version: 1.0.0 - Remote Monitoring Services) Hidden
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{3C378793-5288-0165-FCA4-D319D5E4A490}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AVM KEN! (HKLM-x32\...\AVM KEN!) (Version:  - )
Brother MFL-Pro Suite DCP-7045N (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CodeMeter Runtime Kit Reduced v5.10c (HKLM\...\{69144DAA-8182-4FA6-B4B5-0146C58BFC29}) (Version: 5.10.1241.503 - WIBU-SYSTEMS AG)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Ford Bank Aktuell (HKLM-x32\...\{500B0DAC-BCC9-442E-A74E-3AA76BC7E80D}) (Version: 1.000 - FCE Bank plc)
Ford Bank Aktuell Server (HKLM-x32\...\{B755A1AC-0578-4332-9A55-89FC514A6BBB}) (Version: 1.000 - FCE Bank Plc.)
GFI LanGuard 11 Agent (x32 Version: 11.0.2012.0717 - GFI Software Ltd) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Managed Antivirus (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 6.2.5528 - GFI Software)
Managed Antivirus (x32 Version: 6.2.5528 - GFI Software) Hidden
MC light (HKLM-x32\...\MC light) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
TeamViewer 9 Host (HKLM-x32\...\TeamViewer 9 Host) (Version: 9.0.32494 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-09-2014 22:00:00 Geplanter Prüfpunkt
23-09-2014 08:01:45 Removed Java(TM) 6 Update 45 (64-bit)
23-09-2014 08:04:37 Installed Java 7 Update 67
25-09-2014 01:00:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05E0E7B9-673C-4625-9238-6AAF35616F29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-25] (Google Inc.)
Task: {19749AF9-BAD1-4FF4-963C-F235D7C7110D} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Health Definition Update => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: {401B2C59-5650-4950-88C6-13A06846FAC6} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: {41993B59-4D36-44D8-AA7F-27233767F704} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Alert Evaluations => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: {54467C34-DAAE-4127-AAD5-2BB7306D3144} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Add-in Management => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: {8A480D8A-060D-41A6-AB22-17D841328C36} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\VPN Routes Repair => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: {C71018E6-BA23-46ED-B039-FB7808F7C347} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {CBBF1F89-68AE-403E-955E-892B688D3723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-25] (Google Inc.)
Task: {DCCE9010-0E1A-45CF-8F1E-51A01AA2458C} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\RDP Group Configuration => C:\Windows\System32\Essentials\RunTask.exe [2013-08-22] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2012-07-17 17:20 - 2012-07-17 17:20 - 00305520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\apistrings.dll
2012-07-17 17:24 - 2012-07-17 17:24 - 00159600 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\modlop.dll
2012-07-23 14:32 - 2012-07-23 14:32 - 00099184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\httpserverattplugin.dll
2013-05-23 16:05 - 2013-05-23 16:05 - 02021240 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\crmimodule.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00208752 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\patchautodownload.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-07-17 16:37 - 2014-07-17 16:37 - 00422000 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\remediationattplugin.dll
2013-01-21 14:05 - 2013-01-21 14:05 - 00183672 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\scanmngsys.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00049520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\schedcompactdb.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00054640 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\schedupdates.dll
2014-07-25 21:13 - 2014-06-20 06:08 - 00192376 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\Definitions\libBase64.dll
2014-07-25 21:13 - 2014-06-20 06:08 - 00180088 _____ () C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\Definitions\libMachoUniv.dll
2014-07-17 14:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-09-25 18:35 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 18:35 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 18:35 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 18:35 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 18:35 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Admin (S-1-5-21-3149638142-3949571830-2565295863-1000 - Enabled - Status: OK) => C:\Users\Admin
Administrator (S-1-5-21-3149638142-3949571830-2565295863-500 - Disabled - Status: Degraded)
Gast (S-1-5-21-3149638142-3949571830-2565295863-501 - Disabled - Status: Degraded)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2014 00:08:19 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {272a1ddd-c070-476e-9dd6-8cb6ae9079e3}

Error: (09/25/2014 06:39:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 06:39:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ec68
ID des fehlerhaften Prozesses: 0x4c0
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3

Error: (09/25/2014 06:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0x2618
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:36:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0x29f4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:35:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0x28c0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0x1e5c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:08:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0x1db0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:08:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0xb24
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/25/2014 06:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04000380
ID des fehlerhaften Prozesses: 0xde8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3


System errors:
=============
Error: (09/25/2014 06:40:34 PM) (Source: SMSvcHost 4.0.0.0) (EventID: 8) (User: NT-AUTORITÄT)
Description: Fehler beim Verteilen eines duplizierten Sockets: Dieses Handle geht jetzt im Prozess verloren.

ID: 3644

Quelle: System.ServiceModel.Activation.TcpWorkerProcess/39086322

Ausnahme: System.ServiceModel.ServiceActivationException: Fehler beim Duplizieren eines Sockets. Weitere Informationen finden Sie in der inneren Ausnahme. ---> System.Net.Sockets.SocketException: Ein ungültiges Argument wurde angegeben
   bei System.Net.Sockets.Socket.DuplicateAndClose(Int32 targetProcessId)
   bei System.ServiceModel.Channels.SocketConnection.DuplicateAndClose(Int32 targetProcessId)
   bei System.ServiceModel.Activation.TcpWorkerProcess.DuplicateConnection(ListenerSessionConnection session)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
   bei System.ServiceModel.Activation.WorkerProcess.EndDispatchSession(IAsyncResult result)
 
Prozessname: SMSvcHost

Prozess-ID: 1900

Error: (09/25/2014 06:39:18 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (09/25/2014 06:39:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (09/25/2014 06:39:14 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne SCHOLLENBERGER aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (09/25/2014 06:14:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2014 11:59:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 51. Der interne Fehlerstatus lautet: 900.

Error: (09/11/2014 03:24:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (09/11/2014 03:24:41 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne SCHOLLENBERGER aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (09/02/2014 09:47:22 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 51. Der interne Fehlerstatus lautet: 900.

Error: (08/29/2014 03:20:27 AM) (Source: SMSvcHost 4.0.0.0) (EventID: 8) (User: NT-AUTORITÄT)
Description: Fehler beim Verteilen eines duplizierten Sockets: Dieses Handle geht jetzt im Prozess verloren.

ID: 1200

Quelle: System.ServiceModel.Activation.TcpWorkerProcess/39086322

Ausnahme: System.ServiceModel.ServiceActivationException: Fehler beim Duplizieren eines Sockets. Weitere Informationen finden Sie in der inneren Ausnahme. ---> System.Net.Sockets.SocketException: Ein ungültiges Argument wurde angegeben
   bei System.Net.Sockets.Socket.DuplicateAndClose(Int32 targetProcessId)
   bei System.ServiceModel.Channels.SocketConnection.DuplicateAndClose(Int32 targetProcessId)
   bei System.ServiceModel.Activation.TcpWorkerProcess.DuplicateConnection(ListenerSessionConnection session)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
   bei System.ServiceModel.Activation.WorkerProcess.EndDispatchSession(IAsyncResult result)
 
Prozessname: SMSvcHost

Prozess-ID: 1756


Microsoft Office Sessions:
=========================
Error: (09/26/2014 00:08:19 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {272a1ddd-c070-476e-9dd6-8cb6ae9079e3}

Error: (09/25/2014 06:39:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 06:39:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000000ec684c001cfd8df3da27030C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe7d960ce7-44d2-11e4-b4aa-f8bc127ab14e

Error: (09/25/2014 06:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c000000504000380261801cfd8ded5b6ab8dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown17b1dfad-44d2-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:36:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c00000050400038029f401cfd8ded565f37dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown13880c1d-44d2-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:35:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c00000050400038028c001cfd8dec1dae63dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown00ba827d-44d2-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c0000005040003801e5c01cfd8dc37f2676dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown766d4e6d-44cf-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:08:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c0000005040003801db001cfd8daf4e460adC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown397f6cfd-44ce-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:08:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c000000504000380b2401cfd8daef3106edC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown329f530d-44ce-11e4-b4bf-f8bc127ab14e

Error: (09/25/2014 06:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868unknown0.0.0.000000000c000000504000380de801cfd8daee89f17dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown2d6c9afd-44ce-11e4-b4bf-f8bc127ab14e


CodeIntegrity Errors:
===================================
  Date: 2014-09-26 00:35:29.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-26 00:35:29.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-26 00:35:29.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-26 00:35:29.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-26 00:35:29.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-26 00:35:29.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-22 00:32:59.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-22 00:32:59.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-22 00:32:59.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-22 00:32:55.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8144.77 MB
Available physical RAM: 5580.18 MB
Total Pagefile: 16287.72 MB
Available Pagefile: 13070.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:60.68 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.47 GB) (Free:924.13 GB) NTFS
Drive m: (DATA) (Network) (Total:1640.16 GB) (Free:1136.05 GB) NTFS
Drive r: (DATA) (Network) (Total:1640.16 GB) (Free:1136.05 GB) NTFS
Drive x: (DATA) (Network) (Total:1640.16 GB) (Free:1136.05 GB) NTFS
Drive y: (DATA) (Network) (Total:1640.16 GB) (Free:1136.05 GB) NTFS
Drive z: (DATA) (Network) (Total:1640.16 GB) (Free:1136.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 24237847)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: B2A3B598)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 26.09.2014, 20:39   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Sparkasse Trojaner - Standard

Sparkasse Trojaner



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.09.2014, 22:26   #5
DonBifteki
 
Sparkasse Trojaner - Standard

Sparkasse Trojaner



Alles klar,

hier das Ergebnis.

Code:
ATTFilter
22:23:34.0934 0x116c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:23:42.0861 0x116c  ============================================================
22:23:42.0861 0x116c  Current date / time: 2014/09/26 22:23:42.0861
22:23:42.0861 0x116c  SystemInfo:
22:23:42.0861 0x116c  
22:23:42.0861 0x116c  OS Version: 6.1.7601 ServicePack: 1.0
22:23:42.0861 0x116c  Product type: Workstation
22:23:42.0861 0x116c  ComputerName: PC03
22:23:42.0861 0x116c  UserName: c.schollenberger
22:23:42.0861 0x116c  Windows directory: C:\Windows
22:23:42.0861 0x116c  System windows directory: C:\Windows
22:23:42.0861 0x116c  Running under WOW64
22:23:42.0861 0x116c  Processor architecture: Intel x64
22:23:42.0861 0x116c  Number of processors: 4
22:23:42.0861 0x116c  Page size: 0x1000
22:23:42.0861 0x116c  Boot type: Normal boot
22:23:42.0861 0x116c  ============================================================
22:23:43.0115 0x116c  KLMD registered as C:\Windows\system32\drivers\64912036.sys
22:23:43.0260 0x116c  System UUID: {6159A5F7-7C76-FAA9-24EC-59F22475077E}
22:23:43.0708 0x116c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:23:49.0197 0x116c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:23:49.0268 0x116c  ============================================================
22:23:49.0268 0x116c  \Device\Harddisk0\DR0:
22:23:49.0268 0x116c  MBR partitions:
22:23:49.0268 0x116c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:23:49.0268 0x116c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF62000
22:23:49.0268 0x116c  \Device\Harddisk1\DR1:
22:23:49.0269 0x116c  MBR partitions:
22:23:49.0269 0x116c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x746F2000
22:23:49.0269 0x116c  ============================================================
22:23:49.0270 0x116c  C: <-> \Device\Harddisk0\DR0\Partition2
22:23:49.0289 0x116c  D: <-> \Device\Harddisk1\DR1\Partition1
22:23:49.0289 0x116c  ============================================================
22:23:49.0290 0x116c  Initialize success
22:23:49.0290 0x116c  ============================================================
22:24:29.0693 0x0a40  ============================================================
22:24:29.0693 0x0a40  Scan started
22:24:29.0693 0x0a40  Mode: Manual; SigCheck; TDLFS; 
22:24:29.0693 0x0a40  ============================================================
22:24:29.0693 0x0a40  KSN ping started
22:24:32.0410 0x0a40  KSN ping finished: true
22:24:32.0842 0x0a40  ================ Scan system memory ========================
22:24:32.0842 0x0a40  System memory - ok
22:24:32.0842 0x0a40  ================ Scan services =============================
22:24:32.0877 0x0a40  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:24:32.0921 0x0a40  1394ohci - ok
22:24:32.0931 0x0a40  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:24:32.0943 0x0a40  ACPI - ok
22:24:32.0946 0x0a40  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:24:32.0962 0x0a40  AcpiPmi - ok
22:24:32.0966 0x0a40  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:24:33.0204 0x0a40  AdobeARMservice - ok
22:24:33.0228 0x0a40  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:24:33.0237 0x0a40  AdobeFlashPlayerUpdateSvc - ok
22:24:33.0246 0x0a40  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:24:33.0261 0x0a40  adp94xx - ok
22:24:33.0268 0x0a40  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:24:33.0280 0x0a40  adpahci - ok
22:24:33.0284 0x0a40  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:24:33.0294 0x0a40  adpu320 - ok
22:24:33.0421 0x0a40  [ CB2C7FC11AF1F31A9823C0F19AF399F8, 4907BFD95C50D40E8EE72633E499125AF69462216402AFAE83E1C50531C481FD ] Advanced Monitoring Agent C:\Program Files (x86)\Advanced Monitoring Agent GP\winagent.exe
22:24:33.0569 0x0a40  Advanced Monitoring Agent - detected UnsignedFile.Multi.Generic ( 1 )
22:24:35.0855 0x0a40  Detect skipped due to KSN trusted
22:24:35.0856 0x0a40  Advanced Monitoring Agent - ok
22:24:35.0861 0x0a40  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:24:35.0911 0x0a40  AeLookupSvc - ok
22:24:35.0921 0x0a40  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:24:35.0939 0x0a40  AFD - ok
22:24:35.0942 0x0a40  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:24:35.0951 0x0a40  agp440 - ok
22:24:35.0954 0x0a40  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:24:35.0965 0x0a40  ALG - ok
22:24:35.0968 0x0a40  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:24:35.0975 0x0a40  aliide - ok
22:24:35.0980 0x0a40  [ 66B54471B5856E314947881E28263A6D, 2D60706B52A2CE98FF806337D62CD010C1DEB2AEDDF899C7B67173928B2D7C4C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:24:36.0272 0x0a40  AMD External Events Utility - ok
22:24:36.0275 0x0a40  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:24:36.0283 0x0a40  amdide - ok
22:24:36.0286 0x0a40  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:24:36.0296 0x0a40  AmdK8 - ok
22:24:36.0498 0x0a40  [ FBB35875FEFE53D4280259842069ED72, B1A1B5799A6C50C244182CD201A1E9FCB7BE3B5ED4BB2E2E6BCF8E1BF53B75DB ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:24:37.0212 0x0a40  amdkmdag - ok
22:24:37.0234 0x0a40  [ A32BCAD9377E3B75D034CAFBA463A0AE, F504895D9C9CD1B4607806BCAF15A1CBFBAC2E5824903277A1350C9F35045602 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:24:37.0512 0x0a40  amdkmdap - ok
22:24:37.0516 0x0a40  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:24:37.0526 0x0a40  AmdPPM - ok
22:24:37.0530 0x0a40  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:24:37.0538 0x0a40  amdsata - ok
22:24:37.0544 0x0a40  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:24:37.0554 0x0a40  amdsbs - ok
22:24:37.0557 0x0a40  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:24:37.0564 0x0a40  amdxata - ok
22:24:37.0568 0x0a40  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
22:24:37.0616 0x0a40  AppID - ok
22:24:37.0620 0x0a40  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:24:37.0642 0x0a40  AppIDSvc - ok
22:24:37.0646 0x0a40  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:24:37.0656 0x0a40  Appinfo - ok
22:24:37.0662 0x0a40  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:24:37.0674 0x0a40  AppMgmt - ok
22:24:37.0678 0x0a40  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:24:37.0686 0x0a40  arc - ok
22:24:37.0690 0x0a40  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:24:37.0698 0x0a40  arcsas - ok
22:24:37.0709 0x0a40  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:24:37.0718 0x0a40  aspnet_state - ok
22:24:37.0720 0x0a40  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:24:37.0741 0x0a40  AsyncMac - ok
22:24:37.0744 0x0a40  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:24:37.0751 0x0a40  atapi - ok
22:24:37.0756 0x0a40  [ 770A3B0D78232B0C1054495392A1FBA3, 733BB08BAFE42E848F3A3CDFD80A2C37DB829CAD2E18B3D6299FDEE6EF30C9CD ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:24:37.0881 0x0a40  AtiHDAudioService - ok
22:24:37.0893 0x0a40  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:24:37.0925 0x0a40  AudioEndpointBuilder - ok
22:24:37.0937 0x0a40  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:24:37.0968 0x0a40  AudioSrv - ok
22:24:37.0977 0x0a40  [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
22:24:37.0994 0x0a40  AVP15.0.0 - ok
22:24:37.0998 0x0a40  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:24:38.0016 0x0a40  AxInstSV - ok
22:24:38.0026 0x0a40  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:24:38.0042 0x0a40  b06bdrv - ok
22:24:38.0049 0x0a40  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:24:38.0063 0x0a40  b57nd60a - ok
22:24:38.0067 0x0a40  [ AAA12FAA1CA4374D1F4FA3949C36E8FC, D4FE2FBDBDB365C5B5CCEFD164504ADD59637C1D8E6C51E7B664556013A7EE1A ] BackupReader    C:\Windows\system32\DRIVERS\BackupReader.sys
22:24:38.0078 0x0a40  BackupReader - ok
22:24:38.0083 0x0a40  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:24:38.0094 0x0a40  BDESVC - ok
22:24:38.0096 0x0a40  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:24:38.0118 0x0a40  Beep - ok
22:24:38.0131 0x0a40  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:24:38.0152 0x0a40  BFE - ok
22:24:38.0167 0x0a40  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:24:38.0204 0x0a40  BITS - ok
22:24:38.0207 0x0a40  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:24:38.0217 0x0a40  blbdrive - ok
22:24:38.0221 0x0a40  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:24:38.0230 0x0a40  bowser - ok
22:24:38.0232 0x0a40  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:24:38.0243 0x0a40  BrFiltLo - ok
22:24:38.0246 0x0a40  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:24:38.0259 0x0a40  BrFiltUp - ok
22:24:38.0264 0x0a40  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:24:38.0275 0x0a40  Browser - ok
22:24:38.0281 0x0a40  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:24:38.0296 0x0a40  Brserid - ok
22:24:38.0299 0x0a40  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:24:38.0310 0x0a40  BrSerWdm - ok
22:24:38.0312 0x0a40  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:24:38.0323 0x0a40  BrUsbMdm - ok
22:24:38.0326 0x0a40  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:24:38.0335 0x0a40  BrUsbSer - ok
22:24:38.0338 0x0a40  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:24:38.0349 0x0a40  BTHMODEM - ok
22:24:38.0353 0x0a40  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:24:38.0375 0x0a40  bthserv - ok
22:24:38.0378 0x0a40  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:24:38.0400 0x0a40  cdfs - ok
22:24:38.0404 0x0a40  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:24:38.0415 0x0a40  cdrom - ok
22:24:38.0419 0x0a40  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:24:38.0441 0x0a40  CertPropSvc - ok
22:24:38.0444 0x0a40  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:24:38.0454 0x0a40  circlass - ok
22:24:38.0462 0x0a40  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
22:24:38.0474 0x0a40  CLFS - ok
22:24:38.0479 0x0a40  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:24:38.0487 0x0a40  clr_optimization_v2.0.50727_32 - ok
22:24:38.0492 0x0a40  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:24:38.0501 0x0a40  clr_optimization_v2.0.50727_64 - ok
22:24:38.0514 0x0a40  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:24:38.0524 0x0a40  clr_optimization_v4.0.30319_32 - ok
22:24:38.0528 0x0a40  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:24:38.0538 0x0a40  clr_optimization_v4.0.30319_64 - ok
22:24:38.0540 0x0a40  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:24:38.0551 0x0a40  CmBatt - ok
22:24:38.0553 0x0a40  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:24:38.0560 0x0a40  cmdide - ok
22:24:38.0569 0x0a40  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
22:24:38.0586 0x0a40  CNG - ok
22:24:38.0635 0x0a40  [ CB4B3A89CE06627EDA603E5AD74F564B, FE16935B0CBD356A6074EE3E5A5E505BAA7DB06DBD04E20FA84025D86BDD2842 ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
22:24:38.0684 0x0a40  CodeMeter.exe - ok
22:24:38.0689 0x0a40  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:24:38.0696 0x0a40  Compbatt - ok
22:24:38.0699 0x0a40  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:24:38.0711 0x0a40  CompositeBus - ok
22:24:38.0712 0x0a40  COMSysApp - ok
22:24:38.0737 0x0a40  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:24:39.0226 0x0a40  cphs - ok
22:24:39.0228 0x0a40  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:24:39.0235 0x0a40  crcdisk - ok
22:24:39.0241 0x0a40  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:24:39.0253 0x0a40  CryptSvc - ok
22:24:39.0263 0x0a40  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
22:24:39.0282 0x0a40  CSC - ok
22:24:39.0295 0x0a40  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
22:24:39.0316 0x0a40  CscService - ok
22:24:39.0327 0x0a40  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:24:39.0358 0x0a40  DcomLaunch - ok
22:24:39.0365 0x0a40  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:24:39.0393 0x0a40  defragsvc - ok
22:24:39.0396 0x0a40  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:24:39.0426 0x0a40  DfsC - ok
22:24:39.0433 0x0a40  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:24:39.0448 0x0a40  Dhcp - ok
22:24:39.0451 0x0a40  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:24:39.0474 0x0a40  discache - ok
22:24:39.0477 0x0a40  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:24:39.0484 0x0a40  Disk - ok
22:24:39.0487 0x0a40  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
22:24:39.0497 0x0a40  dmvsc - ok
22:24:39.0502 0x0a40  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:24:39.0514 0x0a40  Dnscache - ok
22:24:39.0520 0x0a40  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:24:39.0545 0x0a40  dot3svc - ok
22:24:39.0549 0x0a40  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:24:39.0572 0x0a40  DPS - ok
22:24:39.0574 0x0a40  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:24:39.0584 0x0a40  drmkaud - ok
22:24:39.0601 0x0a40  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:24:39.0623 0x0a40  DXGKrnl - ok
22:24:39.0628 0x0a40  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:24:39.0651 0x0a40  EapHost - ok
22:24:39.0701 0x0a40  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:24:39.0768 0x0a40  ebdrv - ok
22:24:39.0773 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
22:24:39.0783 0x0a40  EFS - ok
22:24:39.0796 0x0a40  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:24:39.0818 0x0a40  ehRecvr - ok
22:24:39.0823 0x0a40  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:24:39.0834 0x0a40  ehSched - ok
22:24:39.0844 0x0a40  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:24:39.0858 0x0a40  elxstor - ok
22:24:39.0861 0x0a40  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:24:39.0869 0x0a40  ErrDev - ok
22:24:39.0880 0x0a40  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:24:39.0907 0x0a40  EventSystem - ok
22:24:39.0913 0x0a40  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:24:39.0937 0x0a40  exfat - ok
22:24:39.0943 0x0a40  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:24:39.0967 0x0a40  fastfat - ok
22:24:39.0979 0x0a40  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:24:40.0001 0x0a40  Fax - ok
22:24:40.0004 0x0a40  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:24:40.0013 0x0a40  fdc - ok
22:24:40.0016 0x0a40  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:24:40.0037 0x0a40  fdPHost - ok
22:24:40.0039 0x0a40  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:24:40.0061 0x0a40  FDResPub - ok
22:24:40.0065 0x0a40  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:24:40.0072 0x0a40  FileInfo - ok
22:24:40.0075 0x0a40  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:24:40.0096 0x0a40  Filetrace - ok
22:24:40.0099 0x0a40  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:24:40.0107 0x0a40  flpydisk - ok
22:24:40.0113 0x0a40  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:24:40.0124 0x0a40  FltMgr - ok
22:24:40.0143 0x0a40  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:24:40.0174 0x0a40  FontCache - ok
22:24:40.0177 0x0a40  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:24:40.0185 0x0a40  FontCache3.0.0.0 - ok
22:24:40.0188 0x0a40  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:24:40.0195 0x0a40  FsDepends - ok
22:24:40.0197 0x0a40  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:24:40.0204 0x0a40  Fs_Rec - ok
22:24:40.0209 0x0a40  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:24:40.0220 0x0a40  fvevol - ok
22:24:40.0224 0x0a40  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:24:40.0231 0x0a40  gagp30kx - ok
22:24:40.0234 0x0a40  [ 4EA5458FCA8518344686C543749365B1, 52D4D2392C80A4C57C74B09FE04E9DFF6CB01521F03132EB7523BE52B8BF7A50 ] gfiark          C:\Windows\system32\drivers\gfiark.sys
22:24:40.0242 0x0a40  gfiark - ok
22:24:40.0245 0x0a40  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
22:24:40.0252 0x0a40  gfibto - ok
22:24:40.0255 0x0a40  [ 16A23FF8621929ADC5B18DCCD5E206EE, 6204E3110503F76DC5970FDBD7340CE1265EE57196759E4D4DB187BAF119FF22 ] gfiutil         C:\Windows\system32\drivers\gfiutil.sys
22:24:40.0263 0x0a40  gfiutil - ok
22:24:40.0270 0x0a40  [ 548D44670C10A350D092F4BB1F6B036E, E60D37B044B856104023A03A25A00600DCF6668A608BF82D54C40999FD94EDDE ] gfi_lanss11_attservice C:\PROGRA~2\ADVANC~1\patchman\lnssatt.exe
22:24:40.0279 0x0a40  gfi_lanss11_attservice - ok
22:24:40.0294 0x0a40  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:24:40.0330 0x0a40  gpsvc - ok
22:24:40.0335 0x0a40  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:24:40.0342 0x0a40  gupdate - ok
22:24:40.0345 0x0a40  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:24:40.0351 0x0a40  gupdatem - ok
22:24:40.0353 0x0a40  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:24:40.0363 0x0a40  hcw85cir - ok
22:24:40.0370 0x0a40  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:24:40.0386 0x0a40  HdAudAddService - ok
22:24:40.0390 0x0a40  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:24:40.0402 0x0a40  HDAudBus - ok
22:24:40.0404 0x0a40  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:24:40.0414 0x0a40  HidBatt - ok
22:24:40.0418 0x0a40  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:24:40.0429 0x0a40  HidBth - ok
22:24:40.0432 0x0a40  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:24:40.0443 0x0a40  HidIr - ok
22:24:40.0447 0x0a40  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:24:40.0469 0x0a40  hidserv - ok
22:24:40.0472 0x0a40  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:24:40.0480 0x0a40  HidUsb - ok
22:24:40.0484 0x0a40  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:24:40.0506 0x0a40  hkmsvc - ok
22:24:40.0512 0x0a40  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:24:40.0525 0x0a40  HomeGroupListener - ok
22:24:40.0530 0x0a40  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:24:40.0541 0x0a40  HomeGroupProvider - ok
22:24:40.0545 0x0a40  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:24:40.0552 0x0a40  HpSAMD - ok
22:24:40.0565 0x0a40  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:24:40.0599 0x0a40  HTTP - ok
22:24:40.0602 0x0a40  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:24:40.0608 0x0a40  hwpolicy - ok
22:24:40.0612 0x0a40  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:24:40.0621 0x0a40  i8042prt - ok
22:24:40.0631 0x0a40  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:24:40.0644 0x0a40  iaStorV - ok
22:24:40.0659 0x0a40  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:24:40.0681 0x0a40  idsvc - ok
22:24:40.0740 0x0a40  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:24:41.0014 0x0a40  igfx - ok
22:24:41.0024 0x0a40  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
22:24:41.0331 0x0a40  igfxCUIService1.0.0.0 - ok
22:24:41.0334 0x0a40  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:24:41.0341 0x0a40  iirsp - ok
22:24:41.0356 0x0a40  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:24:41.0381 0x0a40  IKEEXT - ok
22:24:41.0385 0x0a40  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:24:41.0393 0x0a40  intelide - ok
22:24:41.0396 0x0a40  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:24:41.0406 0x0a40  intelppm - ok
22:24:41.0410 0x0a40  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:24:41.0434 0x0a40  IPBusEnum - ok
22:24:41.0437 0x0a40  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:24:41.0460 0x0a40  IpFilterDriver - ok
22:24:41.0470 0x0a40  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:24:41.0489 0x0a40  iphlpsvc - ok
22:24:41.0493 0x0a40  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:24:41.0503 0x0a40  IPMIDRV - ok
22:24:41.0507 0x0a40  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:24:41.0530 0x0a40  IPNAT - ok
22:24:41.0533 0x0a40  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:24:41.0544 0x0a40  IRENUM - ok
22:24:41.0546 0x0a40  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:24:41.0554 0x0a40  isapnp - ok
22:24:41.0560 0x0a40  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:24:41.0570 0x0a40  iScsiPrt - ok
22:24:41.0578 0x0a40  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
22:24:41.0590 0x0a40  iusb3hub - ok
22:24:41.0604 0x0a40  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:24:41.0622 0x0a40  iusb3xhc - ok
22:24:41.0626 0x0a40  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:24:41.0633 0x0a40  kbdclass - ok
22:24:41.0635 0x0a40  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:24:41.0646 0x0a40  kbdhid - ok
22:24:41.0651 0x0a40  [ B72B03E4A3B407A5B1F42922A554A321, 071DD973937648BC77A03196A0A3567C1DFE0C00D770B8B08D6F6AE9CA3734A9 ] KEN Client Service c:\ken\KENCLI.EXE
22:24:41.0663 0x0a40  KEN Client Service - ok
22:24:41.0665 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
22:24:41.0673 0x0a40  KeyIso - ok
22:24:41.0682 0x0a40  [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
22:24:41.0706 0x0a40  kl1 - ok
22:24:41.0711 0x0a40  [ D02B93716FCC770821964272B6604517, 058BF8439D4009867BAA10089423BB5CC762A4B7F193E0EA84E00D42698A9AFE ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
22:24:41.0723 0x0a40  klflt - ok
22:24:41.0730 0x0a40  [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
22:24:41.0745 0x0a40  klhk - ok
22:24:41.0760 0x0a40  [ FE72450279320E5A8470B8862C7AFE41, B73E91AF671D70EA60C10422842427AB6341EFBDF73200326E14B2FD38AF6EB6 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
22:24:41.0790 0x0a40  KLIF - ok
22:24:41.0793 0x0a40  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
22:24:41.0804 0x0a40  KLIM6 - ok
22:24:41.0806 0x0a40  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
22:24:41.0816 0x0a40  klkbdflt - ok
22:24:41.0819 0x0a40  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
22:24:41.0826 0x0a40  klmouflt - ok
22:24:41.0828 0x0a40  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
22:24:41.0835 0x0a40  klpd - ok
22:24:41.0838 0x0a40  [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
22:24:41.0849 0x0a40  kltdi - ok
22:24:41.0854 0x0a40  [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
22:24:41.0868 0x0a40  kneps - ok
22:24:41.0871 0x0a40  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:24:41.0879 0x0a40  KSecDD - ok
22:24:41.0884 0x0a40  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:24:41.0893 0x0a40  KSecPkg - ok
22:24:41.0895 0x0a40  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:24:41.0917 0x0a40  ksthunk - ok
22:24:41.0925 0x0a40  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:24:41.0954 0x0a40  KtmRm - ok
22:24:41.0960 0x0a40  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:24:41.0985 0x0a40  LanmanServer - ok
22:24:41.0989 0x0a40  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:24:42.0011 0x0a40  LanmanWorkstation - ok
22:24:42.0015 0x0a40  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:24:42.0038 0x0a40  lltdio - ok
22:24:42.0045 0x0a40  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:24:42.0072 0x0a40  lltdsvc - ok
22:24:42.0075 0x0a40  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:24:42.0097 0x0a40  lmhosts - ok
22:24:42.0102 0x0a40  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:24:42.0111 0x0a40  LSI_FC - ok
22:24:42.0114 0x0a40  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:24:42.0123 0x0a40  LSI_SAS - ok
22:24:42.0126 0x0a40  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:24:42.0134 0x0a40  LSI_SAS2 - ok
22:24:42.0138 0x0a40  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:24:42.0146 0x0a40  LSI_SCSI - ok
22:24:42.0150 0x0a40  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:24:42.0173 0x0a40  luafv - ok
22:24:42.0176 0x0a40  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:24:42.0186 0x0a40  MBAMProtector - ok
22:24:42.0215 0x0a40  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
22:24:42.0247 0x0a40  MBAMScheduler - ok
22:24:42.0265 0x0a40  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:24:42.0285 0x0a40  MBAMService - ok
22:24:42.0289 0x0a40  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:24:42.0297 0x0a40  MBAMSwissArmy - ok
22:24:42.0300 0x0a40  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:24:42.0308 0x0a40  MBAMWebAccessControl - ok
22:24:42.0311 0x0a40  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:24:42.0322 0x0a40  Mcx2Svc - ok
22:24:42.0325 0x0a40  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:24:42.0335 0x0a40  megasas - ok
22:24:42.0343 0x0a40  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:24:42.0354 0x0a40  MegaSR - ok
22:24:42.0358 0x0a40  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
22:24:42.0369 0x0a40  MEIx64 - ok
22:24:42.0372 0x0a40  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:24:42.0395 0x0a40  MMCSS - ok
22:24:42.0398 0x0a40  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:24:42.0420 0x0a40  Modem - ok
22:24:42.0423 0x0a40  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:24:42.0433 0x0a40  monitor - ok
22:24:42.0436 0x0a40  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:24:42.0444 0x0a40  mouclass - ok
22:24:42.0446 0x0a40  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:24:42.0455 0x0a40  mouhid - ok
22:24:42.0458 0x0a40  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:24:42.0466 0x0a40  mountmgr - ok
22:24:42.0470 0x0a40  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:24:42.0483 0x0a40  MozillaMaintenance - ok
22:24:42.0488 0x0a40  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:24:42.0497 0x0a40  mpio - ok
22:24:42.0500 0x0a40  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:24:42.0521 0x0a40  mpsdrv - ok
22:24:42.0536 0x0a40  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:24:42.0571 0x0a40  MpsSvc - ok
22:24:42.0576 0x0a40  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:24:42.0586 0x0a40  MRxDAV - ok
22:24:42.0591 0x0a40  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:24:42.0602 0x0a40  mrxsmb - ok
22:24:42.0608 0x0a40  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:24:42.0622 0x0a40  mrxsmb10 - ok
22:24:42.0626 0x0a40  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:24:42.0635 0x0a40  mrxsmb20 - ok
22:24:42.0638 0x0a40  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:24:42.0646 0x0a40  msahci - ok
22:24:42.0650 0x0a40  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:24:42.0659 0x0a40  msdsm - ok
22:24:42.0663 0x0a40  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:24:42.0674 0x0a40  MSDTC - ok
22:24:42.0678 0x0a40  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:24:42.0700 0x0a40  Msfs - ok
22:24:42.0702 0x0a40  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:24:42.0723 0x0a40  mshidkmdf - ok
22:24:42.0725 0x0a40  MSICDSetup - ok
22:24:42.0727 0x0a40  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:24:42.0734 0x0a40  msisadrv - ok
22:24:42.0738 0x0a40  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:24:42.0762 0x0a40  MSiSCSI - ok
22:24:42.0764 0x0a40  msiserver - ok
22:24:42.0766 0x0a40  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:24:42.0787 0x0a40  MSKSSRV - ok
22:24:42.0790 0x0a40  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:24:42.0810 0x0a40  MSPCLOCK - ok
22:24:42.0812 0x0a40  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:24:42.0833 0x0a40  MSPQM - ok
22:24:42.0841 0x0a40  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:24:42.0852 0x0a40  MsRPC - ok
22:24:42.0856 0x0a40  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:24:42.0863 0x0a40  mssmbios - ok
22:24:42.0865 0x0a40  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:24:42.0886 0x0a40  MSTEE - ok
22:24:42.0889 0x0a40  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:24:42.0898 0x0a40  MTConfig - ok
22:24:42.0902 0x0a40  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:24:42.0909 0x0a40  Mup - ok
22:24:42.0918 0x0a40  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:24:42.0948 0x0a40  napagent - ok
22:24:42.0955 0x0a40  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:24:42.0972 0x0a40  NativeWifiP - ok
22:24:42.0989 0x0a40  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:24:43.0010 0x0a40  NDIS - ok
22:24:43.0013 0x0a40  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:24:43.0034 0x0a40  NdisCap - ok
22:24:43.0037 0x0a40  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:24:43.0058 0x0a40  NdisTapi - ok
22:24:43.0060 0x0a40  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:24:43.0081 0x0a40  Ndisuio - ok
22:24:43.0085 0x0a40  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:24:43.0108 0x0a40  NdisWan - ok
22:24:43.0111 0x0a40  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:24:43.0132 0x0a40  NDProxy - ok
22:24:43.0135 0x0a40  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:24:43.0156 0x0a40  NetBIOS - ok
22:24:43.0162 0x0a40  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:24:43.0187 0x0a40  NetBT - ok
22:24:43.0189 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
22:24:43.0197 0x0a40  Netlogon - ok
22:24:43.0205 0x0a40  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:24:43.0232 0x0a40  Netman - ok
22:24:43.0243 0x0a40  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:24:43.0252 0x0a40  NetMsmqActivator - ok
22:24:43.0256 0x0a40  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:24:43.0265 0x0a40  NetPipeActivator - ok
22:24:43.0274 0x0a40  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:24:43.0303 0x0a40  netprofm - ok
22:24:43.0307 0x0a40  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:24:43.0315 0x0a40  NetTcpActivator - ok
22:24:43.0319 0x0a40  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:24:43.0328 0x0a40  NetTcpPortSharing - ok
22:24:43.0331 0x0a40  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:24:43.0338 0x0a40  nfrd960 - ok
22:24:43.0344 0x0a40  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:24:43.0358 0x0a40  NlaSvc - ok
22:24:43.0361 0x0a40  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:24:43.0383 0x0a40  Npfs - ok
22:24:43.0385 0x0a40  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:24:43.0407 0x0a40  nsi - ok
22:24:43.0409 0x0a40  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:24:43.0430 0x0a40  nsiproxy - ok
22:24:43.0458 0x0a40  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:24:43.0491 0x0a40  Ntfs - ok
22:24:43.0495 0x0a40  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:24:43.0516 0x0a40  Null - ok
22:24:43.0519 0x0a40  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
22:24:43.0528 0x0a40  nusb3hub - ok
22:24:43.0533 0x0a40  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
22:24:43.0544 0x0a40  nusb3xhc - ok
22:24:43.0549 0x0a40  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:24:43.0560 0x0a40  nvraid - ok
22:24:43.0564 0x0a40  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:24:43.0573 0x0a40  nvstor - ok
22:24:43.0577 0x0a40  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:24:43.0586 0x0a40  nv_agp - ok
22:24:43.0589 0x0a40  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:24:43.0599 0x0a40  ohci1394 - ok
22:24:43.0604 0x0a40  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:24:43.0612 0x0a40  ose - ok
22:24:43.0689 0x0a40  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:24:43.0780 0x0a40  osppsvc - ok
22:24:43.0792 0x0a40  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:24:43.0808 0x0a40  p2pimsvc - ok
22:24:43.0816 0x0a40  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:24:43.0833 0x0a40  p2psvc - ok
22:24:43.0837 0x0a40  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:24:43.0847 0x0a40  Parport - ok
22:24:43.0850 0x0a40  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:24:43.0858 0x0a40  partmgr - ok
22:24:43.0863 0x0a40  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:24:43.0877 0x0a40  PcaSvc - ok
22:24:43.0882 0x0a40  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:24:43.0891 0x0a40  pci - ok
22:24:43.0894 0x0a40  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:24:43.0900 0x0a40  pciide - ok
22:24:43.0905 0x0a40  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:24:43.0916 0x0a40  pcmcia - ok
22:24:43.0919 0x0a40  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:24:43.0926 0x0a40  pcw - ok
22:24:43.0937 0x0a40  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:24:43.0969 0x0a40  PEAUTH - ok
22:24:43.0992 0x0a40  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:24:44.0026 0x0a40  PeerDistSvc - ok
22:24:44.0048 0x0a40  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:24:44.0058 0x0a40  PerfHost - ok
22:24:44.0084 0x0a40  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:24:44.0132 0x0a40  pla - ok
22:24:44.0142 0x0a40  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:24:44.0159 0x0a40  PlugPlay - ok
22:24:44.0162 0x0a40  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:24:44.0171 0x0a40  PNRPAutoReg - ok
22:24:44.0178 0x0a40  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:24:44.0192 0x0a40  PNRPsvc - ok
22:24:44.0202 0x0a40  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:24:44.0232 0x0a40  PolicyAgent - ok
22:24:44.0238 0x0a40  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:24:44.0262 0x0a40  Power - ok
22:24:44.0265 0x0a40  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:24:44.0287 0x0a40  PptpMiniport - ok
22:24:44.0290 0x0a40  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:24:44.0300 0x0a40  Processor - ok
22:24:44.0306 0x0a40  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:24:44.0318 0x0a40  ProfSvc - ok
22:24:44.0320 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:24:44.0328 0x0a40  ProtectedStorage - ok
22:24:44.0333 0x0a40  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:24:44.0355 0x0a40  Psched - ok
22:24:44.0380 0x0a40  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:24:44.0409 0x0a40  ql2300 - ok
22:24:44.0414 0x0a40  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:24:44.0423 0x0a40  ql40xx - ok
22:24:44.0429 0x0a40  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:24:44.0444 0x0a40  QWAVE - ok
22:24:44.0447 0x0a40  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:24:44.0458 0x0a40  QWAVEdrv - ok
22:24:44.0461 0x0a40  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:24:44.0481 0x0a40  RasAcd - ok
22:24:44.0484 0x0a40  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:24:44.0506 0x0a40  RasAgileVpn - ok
22:24:44.0510 0x0a40  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:24:44.0533 0x0a40  RasAuto - ok
22:24:44.0537 0x0a40  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:24:44.0559 0x0a40  Rasl2tp - ok
22:24:44.0567 0x0a40  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:24:44.0594 0x0a40  RasMan - ok
22:24:44.0598 0x0a40  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:24:44.0621 0x0a40  RasPppoe - ok
22:24:44.0624 0x0a40  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:24:44.0646 0x0a40  RasSstp - ok
22:24:44.0652 0x0a40  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:24:44.0678 0x0a40  rdbss - ok
22:24:44.0681 0x0a40  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:24:44.0691 0x0a40  rdpbus - ok
22:24:44.0694 0x0a40  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:24:44.0715 0x0a40  RDPCDD - ok
22:24:44.0722 0x0a40  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:24:44.0732 0x0a40  RDPDR - ok
22:24:44.0735 0x0a40  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:24:44.0757 0x0a40  RDPENCDD - ok
22:24:44.0760 0x0a40  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:24:44.0781 0x0a40  RDPREFMP - ok
22:24:44.0785 0x0a40  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:24:44.0796 0x0a40  RdpVideoMiniport - ok
22:24:44.0801 0x0a40  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:24:44.0813 0x0a40  RDPWD - ok
22:24:44.0818 0x0a40  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:24:44.0828 0x0a40  rdyboost - ok
22:24:44.0832 0x0a40  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:24:44.0854 0x0a40  RemoteAccess - ok
22:24:44.0859 0x0a40  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:24:44.0883 0x0a40  RemoteRegistry - ok
22:24:44.0887 0x0a40  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:24:44.0909 0x0a40  RpcEptMapper - ok
22:24:44.0911 0x0a40  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:24:44.0920 0x0a40  RpcLocator - ok
22:24:44.0930 0x0a40  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:24:44.0960 0x0a40  RpcSs - ok
22:24:44.0964 0x0a40  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:24:44.0987 0x0a40  rspndr - ok
22:24:45.0002 0x0a40  [ 22B27E5BFBAB2B5ED3BB5ABBE7D1E341, D56D3BA061FB7DB1414CB14537E9FE17907095C050FC674FFC38C8D8CA5B426B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:24:45.0032 0x0a40  RTL8167 - ok
22:24:45.0035 0x0a40  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:24:45.0045 0x0a40  s3cap - ok
22:24:45.0048 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
22:24:45.0056 0x0a40  SamSs - ok
22:24:45.0115 0x0a40  [ A6E96F850A2863978375E546F78DEA6E, 9A1C51678752ADFFB8960D653D7449452BF29D7662948A79327C3C74837E8F2D ] SBAMSvc         C:\PROGRA~2\ADVANC~1\managedav\SBAMSvc.exe
22:24:45.0216 0x0a40  SBAMSvc - ok
22:24:45.0223 0x0a40  [ 8B913D432C6D150CB4CC0328D11E2AEC, EBCA08D79DD8DA3D3850D23B048F91A3F0080B4D6888BF3F9E743B382E9E0500 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
22:24:45.0231 0x0a40  sbapifs - ok
22:24:45.0235 0x0a40  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:24:45.0244 0x0a40  sbp2port - ok
22:24:45.0249 0x0a40  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:24:45.0274 0x0a40  SCardSvr - ok
22:24:45.0277 0x0a40  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:24:45.0300 0x0a40  scfilter - ok
22:24:45.0319 0x0a40  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:24:45.0360 0x0a40  Schedule - ok
22:24:45.0365 0x0a40  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:24:45.0385 0x0a40  SCPolicySvc - ok
22:24:45.0390 0x0a40  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:24:45.0402 0x0a40  SDRSVC - ok
22:24:45.0404 0x0a40  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:24:45.0425 0x0a40  secdrv - ok
22:24:45.0428 0x0a40  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:24:45.0449 0x0a40  seclogon - ok
22:24:45.0452 0x0a40  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:24:45.0475 0x0a40  SENS - ok
22:24:45.0478 0x0a40  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:24:45.0488 0x0a40  SensrSvc - ok
22:24:45.0490 0x0a40  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:24:45.0501 0x0a40  Serenum - ok
22:24:45.0506 0x0a40  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:24:45.0517 0x0a40  Serial - ok
22:24:45.0519 0x0a40  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:24:45.0529 0x0a40  sermouse - ok
22:24:45.0536 0x0a40  [ 71A4BFE920625143884AE5D01BC9D23A, 8DF8DA13F47F9DC2F0E4D905225B5C4B8413EC3214D27BE1C38201E5A37EBC6B ] ServiceProviderRegistry C:\Windows\System32\Essentials\ProviderRegistryService.exe
22:24:45.0547 0x0a40  ServiceProviderRegistry - ok
22:24:45.0551 0x0a40  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:24:45.0575 0x0a40  SessionEnv - ok
22:24:45.0577 0x0a40  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:24:45.0589 0x0a40  sffdisk - ok
22:24:45.0591 0x0a40  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:24:45.0602 0x0a40  sffp_mmc - ok
22:24:45.0605 0x0a40  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:24:45.0616 0x0a40  sffp_sd - ok
22:24:45.0618 0x0a40  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:24:45.0628 0x0a40  sfloppy - ok
22:24:45.0636 0x0a40  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:24:45.0665 0x0a40  SharedAccess - ok
22:24:45.0673 0x0a40  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:24:45.0702 0x0a40  ShellHWDetection - ok
22:24:45.0705 0x0a40  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:24:45.0713 0x0a40  SiSRaid2 - ok
22:24:45.0716 0x0a40  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:24:45.0724 0x0a40  SiSRaid4 - ok
22:24:45.0728 0x0a40  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:24:45.0751 0x0a40  Smb - ok
22:24:45.0756 0x0a40  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:24:45.0766 0x0a40  SNMPTRAP - ok
22:24:45.0768 0x0a40  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:24:45.0776 0x0a40  spldr - ok
22:24:45.0787 0x0a40  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:24:45.0807 0x0a40  Spooler - ok
22:24:45.0863 0x0a40  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:24:45.0951 0x0a40  sppsvc - ok
22:24:45.0957 0x0a40  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:24:45.0980 0x0a40  sppuinotify - ok
22:24:45.0989 0x0a40  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:24:46.0005 0x0a40  srv - ok
22:24:46.0013 0x0a40  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:24:46.0028 0x0a40  srv2 - ok
22:24:46.0033 0x0a40  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:24:46.0045 0x0a40  srvnet - ok
22:24:46.0051 0x0a40  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:24:46.0075 0x0a40  SSDPSRV - ok
22:24:46.0078 0x0a40  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:24:46.0101 0x0a40  SstpSvc - ok
22:24:46.0103 0x0a40  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:24:46.0111 0x0a40  stexstor - ok
22:24:46.0122 0x0a40  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:24:46.0144 0x0a40  stisvc - ok
22:24:46.0148 0x0a40  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:24:46.0155 0x0a40  storflt - ok
22:24:46.0158 0x0a40  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
22:24:46.0167 0x0a40  StorSvc - ok
22:24:46.0170 0x0a40  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:24:46.0177 0x0a40  storvsc - ok
22:24:46.0179 0x0a40  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:24:46.0186 0x0a40  swenum - ok
22:24:46.0196 0x0a40  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:24:46.0228 0x0a40  swprv - ok
22:24:46.0257 0x0a40  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:24:46.0301 0x0a40  SysMain - ok
22:24:46.0306 0x0a40  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:24:46.0320 0x0a40  TabletInputService - ok
22:24:46.0327 0x0a40  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:24:46.0354 0x0a40  TapiSrv - ok
22:24:46.0358 0x0a40  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:24:46.0381 0x0a40  TBS - ok
22:24:46.0412 0x0a40  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:24:46.0449 0x0a40  Tcpip - ok
22:24:46.0482 0x0a40  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:24:46.0515 0x0a40  TCPIP6 - ok
22:24:46.0521 0x0a40  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:24:46.0530 0x0a40  tcpipreg - ok
22:24:46.0533 0x0a40  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:24:46.0543 0x0a40  TDPIPE - ok
22:24:46.0545 0x0a40  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:24:46.0555 0x0a40  TDTCP - ok
22:24:46.0559 0x0a40  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:24:46.0581 0x0a40  tdx - ok
22:24:46.0656 0x0a40  [ 2DEBAD33C1030C548338CB2D91F74B94, 83D00B5516F59F92DFEC0E7DB1048285221E9FFEA3C34BF4FCAF8CC1A84D9CF1 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
22:24:47.0179 0x0a40  TeamViewer9 - ok
22:24:47.0186 0x0a40  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:24:47.0193 0x0a40  TermDD - ok
22:24:47.0205 0x0a40  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
22:24:47.0239 0x0a40  TermService - ok
22:24:47.0242 0x0a40  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:24:47.0255 0x0a40  Themes - ok
22:24:47.0258 0x0a40  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:24:47.0281 0x0a40  THREADORDER - ok
22:24:47.0285 0x0a40  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:24:47.0311 0x0a40  TrkWks - ok
22:24:47.0315 0x0a40  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:24:47.0339 0x0a40  TrustedInstaller - ok
22:24:47.0343 0x0a40  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:24:47.0351 0x0a40  tssecsrv - ok
22:24:47.0354 0x0a40  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:24:47.0364 0x0a40  TsUsbFlt - ok
22:24:47.0367 0x0a40  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:24:47.0376 0x0a40  TsUsbGD - ok
22:24:47.0380 0x0a40  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:24:47.0402 0x0a40  tunnel - ok
22:24:47.0405 0x0a40  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:24:47.0412 0x0a40  uagp35 - ok
22:24:47.0419 0x0a40  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:24:47.0447 0x0a40  udfs - ok
22:24:47.0454 0x0a40  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:24:47.0463 0x0a40  UI0Detect - ok
22:24:47.0466 0x0a40  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:24:47.0474 0x0a40  uliagpkx - ok
22:24:47.0477 0x0a40  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:24:47.0486 0x0a40  umbus - ok
22:24:47.0489 0x0a40  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:24:47.0498 0x0a40  UmPass - ok
22:24:47.0504 0x0a40  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:24:47.0518 0x0a40  UmRdpService - ok
22:24:47.0525 0x0a40  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:24:47.0555 0x0a40  upnphost - ok
22:24:47.0559 0x0a40  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:24:47.0570 0x0a40  usbccgp - ok
22:24:47.0574 0x0a40  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:24:47.0585 0x0a40  usbcir - ok
22:24:47.0588 0x0a40  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:24:47.0598 0x0a40  usbehci - ok
22:24:47.0605 0x0a40  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:24:47.0620 0x0a40  usbhub - ok
22:24:47.0623 0x0a40  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:24:47.0632 0x0a40  usbohci - ok
22:24:47.0635 0x0a40  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:24:47.0645 0x0a40  usbprint - ok
22:24:47.0648 0x0a40  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:24:47.0657 0x0a40  usbscan - ok
22:24:47.0660 0x0a40  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:24:47.0670 0x0a40  USBSTOR - ok
22:24:47.0673 0x0a40  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:24:47.0683 0x0a40  usbuhci - ok
22:24:47.0685 0x0a40  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:24:47.0708 0x0a40  UxSms - ok
22:24:47.0711 0x0a40  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
22:24:47.0719 0x0a40  VaultSvc - ok
22:24:47.0722 0x0a40  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:24:47.0729 0x0a40  vdrvroot - ok
22:24:47.0740 0x0a40  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:24:47.0770 0x0a40  vds - ok
22:24:47.0774 0x0a40  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:24:47.0783 0x0a40  vga - ok
22:24:47.0786 0x0a40  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:24:47.0807 0x0a40  VgaSave - ok
22:24:47.0812 0x0a40  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:24:47.0822 0x0a40  vhdmp - ok
22:24:47.0825 0x0a40  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:24:47.0832 0x0a40  viaide - ok
22:24:47.0837 0x0a40  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:24:47.0847 0x0a40  vmbus - ok
22:24:47.0850 0x0a40  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:24:47.0858 0x0a40  VMBusHID - ok
22:24:47.0862 0x0a40  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:24:47.0869 0x0a40  volmgr - ok
22:24:47.0876 0x0a40  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:24:47.0889 0x0a40  volmgrx - ok
22:24:47.0896 0x0a40  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:24:47.0907 0x0a40  volsnap - ok
22:24:47.0911 0x0a40  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:24:47.0920 0x0a40  vsmraid - ok
22:24:47.0947 0x0a40  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:24:48.0003 0x0a40  VSS - ok
22:24:48.0007 0x0a40  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:24:48.0017 0x0a40  vwifibus - ok
22:24:48.0025 0x0a40  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:24:48.0056 0x0a40  W32Time - ok
22:24:48.0060 0x0a40  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:24:48.0070 0x0a40  WacomPen - ok
22:24:48.0073 0x0a40  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:24:48.0096 0x0a40  WANARP - ok
22:24:48.0099 0x0a40  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:24:48.0120 0x0a40  Wanarpv6 - ok
22:24:48.0145 0x0a40  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:24:48.0183 0x0a40  wbengine - ok
22:24:48.0190 0x0a40  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:24:48.0205 0x0a40  WbioSrvc - ok
22:24:48.0213 0x0a40  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:24:48.0231 0x0a40  wcncsvc - ok
22:24:48.0234 0x0a40  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:24:48.0244 0x0a40  WcsPlugInService - ok
22:24:48.0247 0x0a40  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:24:48.0254 0x0a40  Wd - ok
22:24:48.0268 0x0a40  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:24:48.0287 0x0a40  Wdf01000 - ok
22:24:48.0291 0x0a40  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:24:48.0315 0x0a40  WdiServiceHost - ok
22:24:48.0318 0x0a40  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:24:48.0332 0x0a40  WdiSystemHost - ok
22:24:48.0338 0x0a40  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
22:24:48.0351 0x0a40  WebClient - ok
22:24:48.0357 0x0a40  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:24:48.0384 0x0a40  Wecsvc - ok
22:24:48.0387 0x0a40  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:24:48.0411 0x0a40  wercplsupport - ok
22:24:48.0414 0x0a40  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:24:48.0437 0x0a40  WerSvc - ok
22:24:48.0439 0x0a40  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:24:48.0460 0x0a40  WfpLwf - ok
22:24:48.0462 0x0a40  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:24:48.0469 0x0a40  WIMMount - ok
22:24:48.0471 0x0a40  WinDefend - ok
22:24:48.0474 0x0a40  WinHttpAutoProxySvc - ok
22:24:48.0482 0x0a40  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:24:48.0509 0x0a40  Winmgmt - ok
22:24:48.0541 0x0a40  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:24:48.0601 0x0a40  WinRM - ok
22:24:48.0607 0x0a40  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:24:48.0618 0x0a40  WinUsb - ok
22:24:48.0634 0x0a40  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:24:48.0662 0x0a40  Wlansvc - ok
22:24:48.0665 0x0a40  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:24:48.0674 0x0a40  WmiAcpi - ok
22:24:48.0680 0x0a40  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:24:48.0693 0x0a40  wmiApSrv - ok
22:24:48.0695 0x0a40  WMPNetworkSvc - ok
22:24:48.0697 0x0a40  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:24:48.0706 0x0a40  WPCSvc - ok
22:24:48.0710 0x0a40  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:24:48.0724 0x0a40  WPDBusEnum - ok
22:24:48.0726 0x0a40  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:24:48.0747 0x0a40  ws2ifsl - ok
22:24:48.0751 0x0a40  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:24:48.0764 0x0a40  wscsvc - ok
22:24:48.0766 0x0a40  WSearch - ok
22:24:48.0771 0x0a40  [ 5F1CC403B0DB46931836C94A494742A8, E403412F6D77C7D5CBEFD4043005029BAF05E7883E143CA0A1D54C39CE057D3C ] WseClientMgmtSvc C:\Windows\System32\Essentials\SharedServiceHost.exe
22:24:48.0779 0x0a40  WseClientMgmtSvc - ok
22:24:48.0782 0x0a40  [ 353B9F34A8530616815378627A4B1D81, 5D5584D83572354E1013B93066896C30EEB2A5CB21093360716CA58BA73BF76B ] WseClientMonitorSvc C:\Windows\System32\Essentials\WseClientMonitorSvc.exe
22:24:48.0790 0x0a40  WseClientMonitorSvc - ok
22:24:48.0792 0x0a40  [ 5F1CC403B0DB46931836C94A494742A8, E403412F6D77C7D5CBEFD4043005029BAF05E7883E143CA0A1D54C39CE057D3C ] WseHealthSvc    C:\Windows\System32\Essentials\SharedServiceHost.exe
22:24:48.0799 0x0a40  WseHealthSvc - ok
22:24:48.0801 0x0a40  [ 5F1CC403B0DB46931836C94A494742A8, E403412F6D77C7D5CBEFD4043005029BAF05E7883E143CA0A1D54C39CE057D3C ] WseNtfSvc       C:\Windows\System32\Essentials\SharedServiceHost.exe
22:24:48.0808 0x0a40  WseNtfSvc - ok
22:24:48.0848 0x0a40  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:24:48.0896 0x0a40  wuauserv - ok
22:24:48.0901 0x0a40  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:24:48.0911 0x0a40  WudfPf - ok
22:24:48.0916 0x0a40  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:24:48.0926 0x0a40  WUDFRd - ok
22:24:48.0930 0x0a40  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:24:48.0940 0x0a40  wudfsvc - ok
22:24:48.0945 0x0a40  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:24:48.0958 0x0a40  WwanSvc - ok
22:24:48.0960 0x0a40  ================ Scan global ===============================
22:24:48.0963 0x0a40  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:24:48.0968 0x0a40  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:24:48.0977 0x0a40  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:24:48.0982 0x0a40  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:24:48.0990 0x0a40  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:24:48.0994 0x0a40  [ Global ] - ok
22:24:48.0994 0x0a40  ================ Scan MBR ==================================
22:24:48.0996 0x0a40  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:24:49.0070 0x0a40  \Device\Harddisk0\DR0 - ok
22:24:49.0072 0x0a40  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
22:24:49.0185 0x0a40  \Device\Harddisk1\DR1 - ok
22:24:49.0185 0x0a40  ================ Scan VBR ==================================
22:24:49.0187 0x0a40  [ E3086F04DCD62EE159717B8622326E48 ] \Device\Harddisk0\DR0\Partition1
22:24:49.0188 0x0a40  \Device\Harddisk0\DR0\Partition1 - ok
22:24:49.0189 0x0a40  [ 468CC7A204CE21AC1F90C4AD19981D69 ] \Device\Harddisk0\DR0\Partition2
22:24:49.0190 0x0a40  \Device\Harddisk0\DR0\Partition2 - ok
22:24:49.0192 0x0a40  [ DC281213872883F6F99FB3AC4C199232 ] \Device\Harddisk1\DR1\Partition1
22:24:49.0236 0x0a40  \Device\Harddisk1\DR1\Partition1 - ok
22:24:49.0236 0x0a40  ================ Scan generic autorun ======================
22:24:49.0242 0x0a40  [ 34451239FC0755F8F6D1459338944E4E, 2C07D2884E75C832ABC85D3A0B3200138D2B92C468679A02F951A10EB0A265C0 ] C:\Windows\System32\Essentials\EssentialsTrayApp.exe
22:24:49.0255 0x0a40  EssentialsTrayApp - ok
22:24:49.0271 0x0a40  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:24:49.0291 0x0a40  Adobe ARM - ok
22:24:49.0310 0x0a40  [ 16598A9758F386F82D2C447C70C95D10, 0A698135EFC195C359702AA76897B9C67712FDE0A54B51587134B65510B154ED ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
22:24:49.0338 0x0a40  StartCCC - ok
22:24:49.0358 0x0a40  [ 4D5D968FE6AE6BF94A807F73F7FF6B3D, 3D5D5D775EE251C2B903AA8DA804AE4D1632DD59A8A0A36C545FE984FCFE06DD ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
22:24:49.0382 0x0a40  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
22:24:51.0785 0x0a40  Detect skipped due to KSN trusted
22:24:51.0785 0x0a40  BrMfcWnd - ok
22:24:51.0788 0x0a40  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
22:24:51.0795 0x0a40  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
22:24:54.0894 0x0a40  Detect skipped due to KSN trusted
22:24:54.0894 0x0a40  ControlCenter3 - ok
22:24:54.0900 0x0a40  [ 01FF3102F7D87F1ECF66F437084A5B60, BB6FB963FCC04FA23A87397F0C3422962D698DD22C49CF1FD07DFE81F85429BB ] c:\ken\kentbcli.exe
22:24:54.0908 0x0a40  KEN Taskbar Client - ok
22:24:54.0958 0x0a40  [ 3A15A0F4CEBE9CA46E4812888E992F84, 046DF2C0845C974D4EA6310AE357D3EC9DF23F587D4B2CA058E67DBE3410545F ] C:\PROGRA~2\ADVANC~1\managedav\SBAMTray.exe
22:24:55.0045 0x0a40  SBAMTray - ok
22:24:55.0052 0x0a40  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:24:55.0067 0x0a40  SunJavaUpdateSched - ok
22:24:55.0086 0x0a40  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:24:55.0120 0x0a40  Sidebar - ok
22:24:55.0124 0x0a40  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:24:55.0137 0x0a40  mctadmin - ok
22:24:55.0157 0x0a40  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:24:55.0185 0x0a40  Sidebar - ok
22:24:55.0188 0x0a40  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:24:55.0201 0x0a40  mctadmin - ok
22:24:55.0220 0x0a40  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:24:55.0250 0x0a40  Sidebar - ok
22:24:55.0253 0x0a40  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:24:55.0266 0x0a40  mctadmin - ok
22:24:55.0266 0x0a40  Waiting for KSN requests completion. In queue: 9
22:24:56.0266 0x0a40  Waiting for KSN requests completion. In queue: 9
22:24:57.0266 0x0a40  Waiting for KSN requests completion. In queue: 9
22:24:58.0345 0x0a40  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
22:24:58.0345 0x0a40  AV detected via SS2: Managed Antivirus Managed Antivirus, C:\PROGRA~2\ADVANC~1\managedav\SBAMWSC.EXE (  ), 0x41000 ( enabled : updated )
22:24:58.0348 0x0a40  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
22:25:00.0720 0x0a40  ============================================================
22:25:00.0720 0x0a40  Scan finished
22:25:00.0720 0x0a40  ============================================================
22:25:00.0725 0x11b4  Detected object count: 0
22:25:00.0725 0x11b4  Actual detected object count: 0
         


Alt 27.09.2014, 20:19   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Sparkasse Trojaner - Standard

Sparkasse Trojaner



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Sparkasse Trojaner

Antwort

Themen zu Sparkasse Trojaner
account, bereinige, der interne fehlerstatus lautet: 252, falsche, hierbei, login, möglicherweise, rechner, recht, sparkasse, sparkasse trojaner, troja, trojane, trojaner, Überweisung



Ähnliche Themen: Sparkasse Trojaner


  1. Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 13.11.2014 (11)
  2. Trojaner von Sparkasse
    Log-Analyse und Auswertung - 24.10.2012 (15)
  3. Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (6)
  4. Sparkasse Trojaner?
    Log-Analyse und Auswertung - 11.07.2012 (3)
  5. Sparkasse Trojaner TAN
    Log-Analyse und Auswertung - 16.03.2012 (4)
  6. Sparkasse TAN Trojaner - Sparkasse Allgäu - Abfrage von 25 TAN
    Plagegeister aller Art und deren Bekämpfung - 27.11.2011 (45)
  7. Sparkasse TAN Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 21.06.2011 (15)
  8. Sparkasse TAN Trojaner
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (13)
  9. Sparkasse 20 TAN Trojaner
    Plagegeister aller Art und deren Bekämpfung - 20.02.2011 (12)
  10. 20 Tan Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 02.02.2011 (3)
  11. Sparkasse 40 TAN Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.11.2010 (13)
  12. 20 TAN Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 28.10.2010 (23)
  13. 20 Tan Trojaner Sparkasse usw.
    Plagegeister aller Art und deren Bekämpfung - 27.10.2010 (1)
  14. Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 26.10.2010 (1)
  15. 20 TAN Trojaner Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (19)
  16. 20 Tan Trojaner - Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 14.10.2010 (31)
  17. Trojaner/ 40 Tans Sparkasse
    Plagegeister aller Art und deren Bekämpfung - 11.08.2010 (22)

Zum Thema Sparkasse Trojaner - Hallo, ich habe einen Rechner auf dem möglicherweise (oder recht sicher) ein Trojaner der Gattung Sparkasse drauf ist. Er gaukelte beim letzten Login eine falsche Überweisung vor, die bitte wieder - Sparkasse Trojaner...
Archiv
Du betrachtest: Sparkasse Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.