Neuer Postbank Trojaner. Wie muss ich vorgehen?

deeprybka · 13.11.2014, 23:34

Sorry, ohne Logs kann ich schlecht helfen. Entweder posten oder anhängen.

Zitat:

Ich ging zur Systemsteuerung und dann zu Anmeldeinformationen und fand fremde Eingänge,

?

Einhorn66 · 14.11.2014, 00:00

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Visuellspektrum B.E (administrator) on VISUELLSPEKTRUM on 09-11-2014 22:36:55
Running from C:\Users\Visuellspektrum B.E\Desktop
Loaded Profile: Visuellspektrum B.E (Available profiles: Visuellspektrum B.E & Andere User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Dell) C:\Users\Visuellspektrum B.E\AppData\Local\Apps\2.0\4Y2M6VA0.Z2E\0X0RCQQN.7AZ\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Windows Net) C:\Users\Visuellspektrum B.E\AppData\Roaming\Windows Net Data\net.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(America Online, Inc.) C:\Program Files (x86)\Common Files\AOL\1376658552\ee\aolsoftware.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\iTunesHelper.exe
(APN LLC.) C:\Users\Visuellspektrum B.E\AppData\Local\VNT\vntldr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [friends] => C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\root_ca.exe [289792 2014-10-28] (Firetrust)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1376658552\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [202192 2013-11-08] (APN LLC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKLM-x32\...\RunOnce: [DSUpdateLauncher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [161088 2010-07-21] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36125760 2013-12-18] (ooVoo LLC)
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [DellSystemDetect] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [uqdfumrw] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe [103424 2014-10-14] () <===== ATTENTION
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [tionkcrz] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe [103424 2014-10-15] (CJSC "Computing Forces") <===== ATTENTION
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [ifoxxwzr] => C:\Users\Visuellspektrum B.E\AppData\Local\Jnrik\thhsexwzr.exe
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [tfwywndb] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Rmcevfwq\ierwweewndb.exe
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [liyezfcu] => C:\Users\Visuellspektrum B.E\AppData\Local\Hxnfs\ebxecdxzfcu.exe
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [hffgquir] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Gamxoeew\uqrfiquir.exe <===== ATTENTION
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [xlazimaw] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Woiadfgj\pwarfaimaw.exe [92160 2014-11-07] () <===== ATTENTION
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [explorer64login] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Explorer64\explorer64login.exe [100352 2014-11-08] () <===== ATTENTION
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [win] => C:\Users\Visuellspektrum B.E\AppData\Local\Win\win.exe [100352 2014-11-08] ()
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [chrome64wave] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Chrome64\chrome64wave.exe [72704 2014-11-08] ()
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [system64-print32] => C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe [100352 2014-11-08] ()
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [perl32runner32] => C:\Users\Visuellspektrum B.E\AppData\Local\Perl32\perl32runner32.exe
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\RunOnce: [Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\RunOnce: [Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Andere User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Visuellspektrum B.E\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013
URLSearchHook: HKCU - (No Name) - {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = 
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN18303927224961151&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {13674696-600A-44DD-A8F8-E801732B1483} URL = 
SearchScopes: HKCU - {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN18303927224961151&UM=2
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar Launcher -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Web Check -> {E155F23C-9931-47c6-A619-20E6FCA86D75} -> C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default
FF NewTab: about:blank
FF DefaultSearchEngine: Conduit Search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&CUI=UN97404443626523320&UM=2&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: Conduit Search

FF Homepage: about:home
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN97404443626523320&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4203832084-4009304635-2263003785-1000: @microsoft.com/Office on Demand;version=1 -> C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4203832084-4009304635-2263003785-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Visuellspektrum B.E\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\Web Search.xml
FF Extension: Freemium DE  - C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\Extensions\{e66f4171-0f28-4599-a595-58b840522f7e} [2014-02-06]
FF Extension: Test Pilot - C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-06-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-01]
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF Extension: Web Check - C:\Program Files (x86)\Web Check\WebCheck.xpi [2013-08-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3311336&SearchSource=48&CUI=UN37841013473063414&UM=2&sspv=&UP=SP8F63F67C-7FA9-4AE1-A908-C911C255F7B6
CHR StartupUrls: Default -> "chrome-search://local-ntp/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (McAfee Security Scan+) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-22]
CHR Extension: (Google Wallet) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [aaaainelhcgoinheohbeolppeofibjlh] - C:\ProgramData\AskPartnerNetwork\Toolbar\OVO2V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx [2013-08-12]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-01]
CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Visuellspektrum B.E\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 sign_in_information; C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\nph_insulin\wobble_correction.exe [162304 2014-10-13] (Company 'gora-sah') [File not signed]
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] () [File not signed]
S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S1 bjdkpcji; \??\C:\Windows\system32\drivers\bjdkpcji.sys [X]
S1 bpjnxbfz; \??\C:\Windows\system32\drivers\bpjnxbfz.sys [X]
S1 cypvewap; \??\C:\Windows\system32\drivers\cypvewap.sys [X]
S1 ireyrvls; \??\C:\Windows\system32\drivers\ireyrvls.sys [X]
S1 jdghtads; \??\C:\Windows\system32\drivers\jdghtads.sys [X]
S1 kwyjdkfc; \??\C:\Windows\system32\drivers\kwyjdkfc.sys [X]
S1 logxmmoa; \??\C:\Windows\system32\drivers\logxmmoa.sys [X]
S1 mbcrpyut; \??\C:\Windows\system32\drivers\mbcrpyut.sys [X]
S1 mznekkmt; \??\C:\Windows\system32\drivers\mznekkmt.sys [X]
S1 rvqhafqh; \??\C:\Windows\system32\drivers\rvqhafqh.sys [X]
S1 uzdhxgpw; \??\C:\Windows\system32\drivers\uzdhxgpw.sys [X]
S1 vparxfrs; \??\C:\Windows\system32\drivers\vparxfrs.sys [X]
S1 wrccyqbi; \??\C:\Windows\system32\drivers\wrccyqbi.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 22:36 - 2014-11-09 22:38 - 00031542 _____ () C:\Users\Visuellspektrum B.E\Desktop\FRST.txt
2014-11-09 22:36 - 2014-11-09 22:37 - 00000000 ____D () C:\FRST
2014-11-09 22:36 - 2014-11-09 22:35 - 02116096 _____ (Farbar) C:\Users\Visuellspektrum B.E\Desktop\FRST64.exe
2014-11-09 22:35 - 2014-11-09 22:35 - 02116096 _____ (Farbar) C:\Users\Visuellspektrum B.E\Downloads\FRST64.exe
2014-11-09 19:24 - 2014-11-09 21:59 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\Nico Mak Computing
2014-11-09 18:37 - 2014-11-09 18:45 - 00000000 ____D () C:\Program Files (x86)\AOL 9.0 VRb
2014-11-09 16:27 - 2014-11-09 16:27 - 00000000 _____ () C:\autoexec.bat
2014-11-09 01:16 - 2014-11-09 01:20 - 00000000 ____D () C:\Program Files (x86)\AOL 9.0 VRa
2014-11-08 18:41 - 2014-11-08 18:41 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Update-driver64
2014-11-07 21:02 - 2014-11-07 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-11-07 20:49 - 2014-11-07 20:49 - 01055936 _____ (Adobe) C:\Users\Gast\Downloads\install_flashplayer15x32axau_mssa_aaa_aih.exe
2014-11-07 09:09 - 2014-11-07 09:09 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Win-client
2014-11-07 08:46 - 2014-11-07 09:19 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Pbnwnsklmo
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 _____ () C:\Windows\SysWOW64\sho8838.tmp
2014-11-05 23:05 - 2014-11-05 23:05 - 00895352 _____ () C:\Users\Visuellspektrum B.E\Downloads\Download.exe
2014-11-04 12:29 - 2014-11-07 08:46 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Iiuuemu
2014-10-30 16:47 - 2014-10-30 16:47 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Perl32-frame
2014-10-30 16:18 - 2014-11-03 15:54 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Updatetree
2014-10-29 23:36 - 2014-11-09 17:32 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Explorer32
2014-10-29 17:36 - 2014-11-02 23:05 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Pdypbbnl
2014-10-29 11:11 - 2014-10-29 11:11 - 01055936 _____ (Adobe) C:\Users\Visuellspektrum B.E\Downloads\install_flashplayer15x32axau_ltr5x64d_awc_aih.exe
2014-10-28 23:54 - 2014-10-28 23:54 - 00093162 _____ () C:\Users\Visuellspektrum B.E\Documents\Seminar 08.11.14.zip
2014-10-28 23:54 - 2014-10-28 23:54 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Seminar 08.11.14
2014-10-25 20:14 - 2014-11-09 17:55 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Office2014
2014-10-24 12:54 - 2014-11-09 17:56 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Winupdate-dll
2014-10-24 11:43 - 2014-10-28 14:46 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Chrome64
2014-10-24 07:13 - 2014-10-24 15:08 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Chromeframe32
2014-10-23 20:43 - 2014-10-23 20:43 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Script32print32
2014-10-22 18:38 - 2014-11-08 20:24 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64
2014-10-22 08:10 - 2014-10-23 20:43 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Flash64-help64
2014-10-21 21:35 - 2014-10-30 20:32 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\System64
2014-10-21 19:39 - 2014-10-29 14:49 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Vtshrfohn
2014-10-21 18:58 - 2014-11-09 17:51 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32-reg
2014-10-21 13:02 - 2014-10-21 13:02 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Windlls32
2014-10-21 08:08 - 2014-10-21 08:08 - 00093190 _____ () C:\Users\Visuellspektrum B.E\Documents\Seminar08.11.14.zip
2014-10-21 08:08 - 2014-10-21 08:08 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Seminar08.11.14
2014-10-20 00:53 - 2014-11-09 10:52 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Perl32
2014-10-20 00:32 - 2014-11-08 23:15 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\System64
2014-10-20 00:32 - 2014-11-04 23:34 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Chrome64
2014-10-19 22:55 - 2014-11-06 19:54 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Win
2014-10-19 01:50 - 2014-10-19 01:50 - 00880272 _____ (Google Inc.) C:\Users\Visuellspektrum B.E\Downloads\ChromeSetup (1).exe
2014-10-18 00:03 - 2014-11-09 17:51 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Update-print64
2014-10-17 21:41 - 2014-10-29 18:33 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Win
2014-10-17 20:00 - 2014-10-20 00:34 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Xkwc
2014-10-17 19:49 - 2014-10-17 20:00 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Fuqfir
2014-10-16 21:07 - 2014-10-22 18:38 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Explorer64
2014-10-16 17:51 - 2014-10-30 00:28 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Perl32
2014-10-16 14:04 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 14:04 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 14:04 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 14:04 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 14:04 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 14:04 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 14:04 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 14:04 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 14:04 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 14:04 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:04 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 14:04 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 14:04 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:04 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 14:04 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 14:04 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 14:04 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 14:04 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 14:04 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 14:04 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 14:04 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 14:04 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 14:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 14:03 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 14:03 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 14:03 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 14:03 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 14:03 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 14:03 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 14:03 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 14:03 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:03 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 14:03 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 14:03 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 14:03 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:03 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 14:03 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 14:03 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 14:03 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 14:03 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 14:03 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 14:03 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:03 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:03 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 14:03 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 14:03 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 14:03 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 14:03 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 14:03 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 14:03 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 14:03 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 14:03 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 14:03 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 14:03 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 14:03 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 14:03 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:03 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 14:03 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 14:03 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 14:03 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 14:03 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 14:03 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 14:03 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 14:03 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 14:03 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 14:03 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 14:03 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 14:03 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 14:03 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 14:03 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 14:03 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 14:03 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 14:03 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 14:03 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 14:02 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 14:02 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 14:02 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 14:02 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 14:02 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 14:02 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:02 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 14:02 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 14:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 14:02 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 14:02 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 12:53 - 2014-10-15 12:53 - 00632646 _____ () C:\Users\Visuellspektrum B.E\Documents\BrittaEngischbb.zip
2014-10-15 12:53 - 2014-10-15 12:53 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\BrittaEngischbb
2014-10-15 08:03 - 2014-11-04 23:57 - 00000000 ____D () C:\ProgramData\ula
2014-10-15 07:00 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Rmcevfwq
2014-10-14 22:15 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Hxnfs
2014-10-14 22:03 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Jnrik
2014-10-14 22:02 - 2014-10-14 22:02 - 00144785 _____ () C:\Users\Visuellspektrum B.E\Documents\Ausgleich14.10.2014-RechnungsstelleGiroPayGmbH.zip
2014-10-14 22:02 - 2014-10-14 22:02 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Ausgleich14.10.2014-RechnungsstelleGiroPayGmbH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 22:13 - 2012-04-04 14:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 21:55 - 2013-08-23 11:09 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 21:41 - 2013-10-06 13:39 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2014-11-09 21:37 - 2013-10-07 13:15 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\Deployment
2014-11-09 21:37 - 2013-08-23 11:09 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 21:27 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 21:27 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 21:24 - 2009-07-14 18:58 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-11-09 21:24 - 2009-07-14 18:58 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-11-09 21:24 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 21:23 - 2009-07-14 06:10 - 01356381 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 21:19 - 2011-01-03 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-09 21:19 - 2011-01-03 18:34 - 00305456 _____ () C:\Windows\PFRO.log
2014-11-09 21:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 21:19 - 2009-07-14 05:51 - 00147229 _____ () C:\Windows\setupact.log
2014-11-09 21:09 - 2012-05-24 13:59 - 00001194 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4203832084-4009304635-2263003785-1000UA.job
2014-11-09 19:01 - 2014-07-11 09:41 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 18:59 - 2013-08-23 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 18:51 - 2013-08-16 14:14 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\AOL
2014-11-09 18:51 - 2013-08-16 14:13 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\AOL
2014-11-09 18:44 - 2013-08-16 14:14 - 00000959 _____ () C:\Users\Public\Desktop\AOL 9.0 VR.lnk
2014-11-09 18:44 - 2013-08-16 14:14 - 00000957 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL 9.0.lnk
2014-11-09 18:43 - 2013-08-16 14:11 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-11-09 18:43 - 2009-07-14 03:34 - 00000524 _____ () C:\Windows\win.ini
2014-11-09 18:37 - 2011-11-26 10:20 - 00000000 ____D () C:\ProgramData\AOL
2014-11-09 16:27 - 2011-01-07 12:15 - 00000000 ____D () C:\Users\Visuellspektrum B.E
2014-11-09 15:14 - 2011-04-16 09:00 - 00072192 ___SH () C:\Users\Visuellspektrum B.E\Thumbs.db
2014-11-09 11:07 - 2013-10-07 13:28 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-09 01:26 - 2011-10-01 11:35 - 00003382 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4203832084-4009304635-2263003785-1000
2014-11-09 01:26 - 2011-10-01 11:35 - 00003276 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4203832084-4009304635-2263003785-1000
2014-11-09 00:09 - 2012-05-24 13:59 - 00001172 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4203832084-4009304635-2263003785-1000Core.job
2014-11-07 21:00 - 2012-06-21 01:07 - 00000000 ____D () C:\Users\Andere User\Desktop\jenni fük
2014-11-07 20:47 - 2013-04-24 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-06 00:09 - 2011-04-14 21:00 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\Skype
2014-11-05 23:34 - 2011-01-04 02:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-05 23:34 - 2011-01-04 01:59 - 00000000 ____D () C:\ProgramData\Skype
2014-10-30 12:25 - 2011-10-01 11:34 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 19:40 - 2011-10-30 11:58 - 00134384 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-25 19:55 - 2013-10-15 19:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-21 19:38 - 2011-01-07 13:44 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\VirtualStore
2014-10-19 01:50 - 2013-08-23 11:09 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 01:50 - 2013-08-23 11:09 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 00:52 - 2014-05-06 22:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 13:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 11:44 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 11:43 - 2009-07-14 05:45 - 00518840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 11:37 - 2014-09-12 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 17:57 - 2013-11-14 11:11 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\nikken
2014-10-16 14:11 - 2013-08-16 13:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 14:00 - 2011-04-12 17:52 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Woiadfgj\pwarfaimaw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Explorer64\explorer64login.exe
C:\Users\Public\AlexaNSISPlugin.6584.dll


Some content of TEMP:
====================
C:\Users\Andere User\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4B52.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4C73.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4CAD.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\683A.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\872D.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\AcsInstall.dll
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\BackupSetup.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\BC11.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\DAE6.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\DealsPluginROW.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\FDAF.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\i0wan1na.dll
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer11x32au_mssa_aih.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer11x32_mssa_au_aih.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer12x32ax_gtba_chra_dy_aaa_aih[1].exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\IWantThis.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\MSNCEB7.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nscC7A8.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nscCFD2.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsm634A.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsmA1CD.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsp73A7.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsx588E.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsxC3CE.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\offercast.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\rcpsetup_26034.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\RoxioBurn_0180_MPI_180B57E_RXD.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_ (1).exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_ (2).exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SHSetup.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SPSetup.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SPStub.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\tbFree.dll
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\tiptoi-install.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\uninst1.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Visuellspektrum B.E\AppData\Local\Temp\_isDE91.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 21:39

==================== End Of Log ============================

--- --- ---

--- --- ---

es gab zuviele seite, daher wurde es nicht übertragen. hab dann hier per # eingefügt, kopiert..dann stück für stück nachgeschickt. hoffe es klappt nun..:-)

deeprybka · 14.11.2014, 00:06

Naja, wenn Du wirklich bereinigen willst...dann machen wir so weiter:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Einhorn66 · 14.11.2014, 00:36

Ich soll Skpi wählen...hier gibt's 3 zum Anklicken Skip / Copy to quarantine / Delete

also klicke ich Skip

deeprybka · 14.11.2014, 00:38

So ist es...

Einhorn66 · 14.11.2014, 00:51

Die Datei, die Sie anhängen möchten, ist zu groß. Die maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 234,9 KB groß. was nun....

deeprybka · 14.11.2014, 00:52

Copy & paste

Einhorn66 · 14.11.2014, 00:57

00:27:02.0493 0x14a8 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
00:27:06.0108 0x14a8 ============================================================
00:27:06.0108 0x14a8 Current date / time: 2014/11/14 00:27:06.0108
00:27:06.0108 0x14a8 SystemInfo:
00:27:06.0108 0x14a8
00:27:06.0108 0x14a8 OS Version: 6.1.7601 ServicePack: 1.0
00:27:06.0108 0x14a8 Product type: Workstation
00:27:06.0108 0x14a8 ComputerName: VISUELLSPEKTRUM
00:27:06.0108 0x14a8 UserName: Visuellspektrum B.E
00:27:06.0108 0x14a8 Windows directory: C:\Windows
00:27:06.0108 0x14a8 System windows directory: C:\Windows
00:27:06.0108 0x14a8 Running under WOW64
00:27:06.0108 0x14a8 Processor architecture: Intel x64
00:27:06.0108 0x14a8 Number of processors: 8
00:27:06.0108 0x14a8 Page size: 0x1000
00:27:06.0108 0x14a8 Boot type: Normal boot
00:27:06.0108 0x14a8 ============================================================
00:27:06.0365 0x14a8 KLMD registered as C:\Windows\system32\drivers\45306180.sys
00:27:06.0880 0x14a8 System UUID: {1392FE88-96D1-62D4-112D-3696EAE75F54}
00:27:07.0919 0x14a8 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:27:07.0934 0x14a8 ============================================================
00:27:07.0934 0x14a8 \Device\Harddisk0\DR0:
00:27:07.0934 0x14a8 MBR partitions:
00:27:07.0934 0x14a8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
00:27:07.0934 0x14a8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB
00:27:07.0934 0x14a8 ============================================================
00:27:07.0934 0x14a8 C: <-> \Device\Harddisk0\DR0\Partition2
00:27:07.0934 0x14a8 ============================================================
00:27:07.0934 0x14a8 Initialize success
00:27:07.0934 0x14a8 ============================================================
00:27:10.0918 0x2c6c ============================================================
00:27:10.0918 0x2c6c Scan started
00:27:10.0918 0x2c6c Mode: Manual;
00:27:10.0918 0x2c6c ============================================================
00:27:10.0918 0x2c6c KSN ping started
00:27:13.0368 0x2c6c KSN ping finished: true
00:27:14.0067 0x2c6c ================ Scan system memory ========================
00:27:14.0067 0x2c6c System memory - ok
00:27:14.0067 0x2c6c ================ Scan services =============================
00:27:14.0308 0x2c6c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:27:14.0324 0x2c6c 1394ohci - ok
00:27:14.0360 0x2c6c [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
00:27:14.0360 0x2c6c Acceler - ok
00:27:14.0453 0x2c6c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:27:14.0456 0x2c6c ACPI - ok
00:27:14.0487 0x2c6c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:27:14.0487 0x2c6c AcpiPmi - ok
00:27:14.0630 0x2c6c [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:27:14.0630 0x2c6c AdobeARMservice - ok
00:27:14.0838 0x2c6c [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:27:14.0856 0x2c6c AdobeFlashPlayerUpdateSvc - ok
00:27:14.0903 0x2c6c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:27:14.0903 0x2c6c adp94xx - ok
00:27:14.0968 0x2c6c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:27:14.0968 0x2c6c adpahci - ok
00:27:14.0999 0x2c6c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:27:14.0999 0x2c6c adpu320 - ok
00:27:15.0030 0x2c6c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:27:15.0030 0x2c6c AeLookupSvc - ok
00:27:15.0126 0x2c6c [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
00:27:15.0126 0x2c6c AERTFilters - ok
00:27:15.0225 0x2c6c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
00:27:15.0240 0x2c6c AFD - ok
00:27:15.0258 0x2c6c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
00:27:15.0258 0x2c6c agp440 - ok
00:27:15.0321 0x2c6c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
00:27:15.0321 0x2c6c ALG - ok
00:27:15.0370 0x2c6c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
00:27:15.0370 0x2c6c aliide - ok
00:27:15.0433 0x2c6c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
00:27:15.0433 0x2c6c amdide - ok
00:27:15.0451 0x2c6c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:27:15.0451 0x2c6c AmdK8 - ok
00:27:15.0466 0x2c6c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:27:15.0466 0x2c6c AmdPPM - ok
00:27:15.0513 0x2c6c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:27:15.0513 0x2c6c amdsata - ok
00:27:15.0547 0x2c6c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:27:15.0547 0x2c6c amdsbs - ok
00:27:15.0578 0x2c6c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:27:15.0578 0x2c6c amdxata - ok
00:27:15.0677 0x2c6c [ 85180CF88C5EBAD73B452A43A004CA51, 24D25495DC21293FC1F37EE7E7C2A4725E66D3D25BE05D7EDF4BB4F444C65526 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
00:27:15.0677 0x2c6c AOL ACS - ok
00:27:15.0723 0x2c6c APNMCP - ok
00:27:15.0835 0x2c6c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
00:27:15.0835 0x2c6c AppID - ok
00:27:15.0884 0x2c6c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:27:15.0884 0x2c6c AppIDSvc - ok
00:27:15.0949 0x2c6c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
00:27:15.0949 0x2c6c Appinfo - ok
00:27:16.0061 0x2c6c [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:27:16.0061 0x2c6c Apple Mobile Device - ok
00:27:16.0077 0x2c6c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:27:16.0077 0x2c6c arc - ok
00:27:16.0092 0x2c6c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:27:16.0092 0x2c6c arcsas - ok
00:27:16.0256 0x2c6c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:27:16.0318 0x2c6c aspnet_state - ok
00:27:16.0334 0x2c6c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:27:16.0334 0x2c6c AsyncMac - ok
00:27:16.0383 0x2c6c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
00:27:16.0383 0x2c6c atapi - ok
00:27:16.0479 0x2c6c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:27:16.0495 0x2c6c AudioEndpointBuilder - ok
00:27:16.0510 0x2c6c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:27:16.0526 0x2c6c AudioSrv - ok
00:27:16.0622 0x2c6c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:27:16.0622 0x2c6c AxInstSV - ok
00:27:16.0687 0x2c6c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:27:16.0687 0x2c6c b06bdrv - ok
00:27:16.0718 0x2c6c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:27:16.0718 0x2c6c b57nd60a - ok
00:27:16.0749 0x2c6c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
00:27:16.0765 0x2c6c BDESVC - ok
00:27:16.0783 0x2c6c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
00:27:16.0783 0x2c6c Beep - ok
00:27:16.0861 0x2c6c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
00:27:16.0879 0x2c6c BFE - ok
00:27:16.0926 0x2c6c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
00:27:16.0957 0x2c6c BITS - ok
00:27:16.0991 0x2c6c bjdkpcji - ok
00:27:17.0006 0x2c6c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:27:17.0006 0x2c6c blbdrive - ok
00:27:17.0134 0x2c6c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:27:17.0134 0x2c6c Bonjour Service - ok
00:27:17.0183 0x2c6c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:27:17.0183 0x2c6c bowser - ok
00:27:17.0230 0x2c6c bpjnxbfz - ok
00:27:17.0261 0x2c6c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:27:17.0261 0x2c6c BrFiltLo - ok
00:27:17.0279 0x2c6c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:27:17.0279 0x2c6c BrFiltUp - ok
00:27:17.0310 0x2c6c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
00:27:17.0310 0x2c6c Browser - ok
00:27:17.0357 0x2c6c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:27:17.0357 0x2c6c Brserid - ok
00:27:17.0391 0x2c6c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:27:17.0391 0x2c6c BrSerWdm - ok
00:27:17.0406 0x2c6c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:27:17.0438 0x2c6c BrUsbSer - ok
00:27:17.0487 0x2c6c [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
00:27:17.0502 0x2c6c BrYNSvc - ok
00:27:17.0518 0x2c6c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:27:17.0518 0x2c6c BTHMODEM - ok
00:27:17.0599 0x2c6c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
00:27:17.0614 0x2c6c bthserv - ok
00:27:17.0630 0x2c6c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:27:17.0630 0x2c6c cdfs - ok
00:27:17.0679 0x2c6c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:27:17.0679 0x2c6c cdrom - ok
00:27:17.0741 0x2c6c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
00:27:17.0757 0x2c6c CertPropSvc - ok
00:27:17.0773 0x2c6c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:27:17.0773 0x2c6c circlass - ok
00:27:17.0806 0x2c6c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
00:27:17.0822 0x2c6c CLFS - ok
00:27:17.0999 0x2c6c [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
00:27:18.0045 0x2c6c ClickToRunSvc - ok
00:27:18.0141 0x2c6c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:27:18.0141 0x2c6c clr_optimization_v2.0.50727_32 - ok
00:27:18.0191 0x2c6c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:27:18.0206 0x2c6c clr_optimization_v2.0.50727_64 - ok
00:27:18.0318 0x2c6c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:27:18.0365 0x2c6c clr_optimization_v4.0.30319_32 - ok
00:27:18.0383 0x2c6c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:27:18.0399 0x2c6c clr_optimization_v4.0.30319_64 - ok
00:27:18.0445 0x2c6c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:27:18.0445 0x2c6c CmBatt - ok
00:27:18.0510 0x26a8 Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
00:27:18.0510 0x2c6c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:27:18.0526 0x2c6c cmdide - ok
00:27:18.0573 0x2c6c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
00:27:18.0588 0x2c6c CNG - ok
00:27:18.0619 0x2c6c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:27:18.0619 0x2c6c Compbatt - ok
00:27:18.0666 0x2c6c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:27:18.0666 0x2c6c CompositeBus - ok
00:27:18.0682 0x2c6c COMSysApp - ok
00:27:18.0700 0x2c6c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:27:18.0700 0x2c6c crcdisk - ok
00:27:18.0747 0x2c6c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:27:18.0762 0x2c6c CryptSvc - ok
00:27:18.0794 0x2c6c [ FBE228ABEAB2BE13B9C3A3A112D4D8DC, A9FF2DC38CBE00AAD904BB7EC74480953D513E46FDE607A7773FF5A2A25B8C15 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:27:18.0794 0x2c6c CtClsFlt - ok
00:27:18.0939 0x2c6c [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
00:27:18.0955 0x2c6c cvhsvc - ok
00:27:18.0986 0x2c6c cypvewap - ok
00:27:19.0019 0x2c6c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:27:19.0035 0x2c6c DcomLaunch - ok
00:27:19.0066 0x2c6c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
00:27:19.0082 0x2c6c defragsvc - ok
00:27:19.0116 0x2c6c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:27:19.0116 0x2c6c DfsC - ok
00:27:19.0131 0x2c6c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:27:19.0147 0x2c6c Dhcp - ok
00:27:19.0162 0x2c6c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
00:27:19.0162 0x2c6c discache - ok
00:27:19.0209 0x2c6c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:27:19.0212 0x2c6c Disk - ok
00:27:19.0274 0x2c6c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:27:19.0290 0x2c6c Dnscache - ok
00:27:19.0401 0x2c6c [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
00:27:19.0401 0x2c6c DockLoginService - ok
00:27:19.0451 0x2c6c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
00:27:19.0466 0x2c6c dot3svc - ok
00:27:19.0482 0x2c6c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
00:27:19.0497 0x2c6c DPS - ok
00:27:19.0562 0x2c6c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:27:19.0562 0x2c6c drmkaud - ok
00:27:19.0630 0x2c6c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:27:19.0645 0x2c6c DXGKrnl - ok
00:27:19.0692 0x2c6c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
00:27:19.0692 0x2c6c EapHost - ok
00:27:19.0822 0x2c6c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:27:19.0884 0x2c6c ebdrv - ok
00:27:19.0918 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
00:27:19.0996 0x2c6c EFS - ok
00:27:20.0061 0x2c6c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:27:20.0077 0x2c6c ehRecvr - ok
00:27:20.0092 0x2c6c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
00:27:20.0108 0x2c6c ehSched - ok
00:27:20.0141 0x2c6c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:27:20.0157 0x2c6c elxstor - ok
00:27:20.0204 0x2c6c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:27:20.0219 0x2c6c ErrDev - ok
00:27:20.0256 0x2c6c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
00:27:20.0271 0x2c6c EventSystem - ok
00:27:20.0463 0x2c6c [ B56D9602DB5FE1C116B1CA5EFD8E2E50, 34F52939089A98860E659BEF6AB8275BC50C33CC282DD3D34E13909BB7E3E575 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:27:20.0495 0x2c6c EvtEng - ok
00:27:20.0544 0x2c6c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
00:27:20.0544 0x2c6c exfat - ok
00:27:20.0575 0x2c6c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:27:20.0575 0x2c6c fastfat - ok
00:27:20.0640 0x2c6c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
00:27:20.0656 0x2c6c Fax - ok
00:27:20.0702 0x2c6c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:27:20.0702 0x2c6c fdc - ok
00:27:20.0721 0x2c6c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
00:27:20.0736 0x2c6c fdPHost - ok
00:27:20.0752 0x2c6c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
00:27:20.0752 0x2c6c FDResPub - ok
00:27:20.0767 0x2c6c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:27:20.0767 0x2c6c FileInfo - ok
00:27:20.0783 0x2c6c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:27:20.0783 0x2c6c Filetrace - ok
00:27:20.0799 0x2c6c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:27:20.0799 0x2c6c flpydisk - ok
00:27:20.0832 0x2c6c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:27:20.0848 0x2c6c FltMgr - ok
00:27:20.0895 0x2c6c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
00:27:20.0928 0x2c6c FontCache - ok
00:27:21.0006 0x2c6c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:27:21.0006 0x2c6c FontCache3.0.0.0 - ok
00:27:21.0087 0x2c6c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:27:21.0087 0x2c6c FsDepends - ok
00:27:21.0102 0x26a8 Object send P2P result: true
00:27:21.0121 0x2c6c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:27:21.0121 0x2c6c Fs_Rec - ok
00:27:21.0152 0x2c6c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:27:21.0152 0x2c6c fvevol - ok
00:27:21.0199 0x2c6c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:27:21.0199 0x2c6c gagp30kx - ok
00:27:21.0235 0x2c6c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:27:21.0235 0x2c6c GEARAspiWDM - ok
00:27:21.0297 0x2c6c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
00:27:21.0313 0x2c6c gpsvc - ok
00:27:21.0393 0x2c6c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:27:21.0409 0x2c6c gupdate - ok
00:27:21.0458 0x2c6c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:27:21.0458 0x2c6c gupdatem - ok
00:27:21.0489 0x2c6c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:27:21.0489 0x2c6c hcw85cir - ok
00:27:21.0570 0x2c6c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
00:27:21.0570 0x2c6c HDAudBus - ok
00:27:21.0601 0x2c6c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
00:27:21.0601 0x2c6c HECIx64 - ok
00:27:21.0619 0x2c6c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:27:21.0619 0x2c6c HidBatt - ok
00:27:21.0635 0x2c6c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:27:21.0650 0x2c6c HidBth - ok
00:27:21.0682 0x2c6c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:27:21.0682 0x2c6c HidIr - ok
00:27:21.0713 0x2c6c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
00:27:21.0715 0x2c6c hidserv - ok
00:27:21.0762 0x2c6c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
00:27:21.0762 0x2c6c HidUsb - ok
00:27:21.0809 0x2c6c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:27:21.0809 0x2c6c hkmsvc - ok
00:27:21.0843 0x2c6c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:27:21.0858 0x2c6c HomeGroupListener - ok
00:27:21.0889 0x2c6c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:27:21.0905 0x2c6c HomeGroupProvider - ok
00:27:21.0970 0x2c6c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:27:21.0970 0x2c6c HpSAMD - ok
00:27:22.0035 0x2c6c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:27:22.0050 0x2c6c HTTP - ok
00:27:22.0097 0x2c6c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:27:22.0097 0x2c6c hwpolicy - ok
00:27:22.0146 0x2c6c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:27:22.0146 0x2c6c i8042prt - ok
00:27:22.0243 0x2c6c [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
00:27:22.0243 0x2c6c iaStor - ok
00:27:22.0385 0x2c6c [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:27:22.0385 0x2c6c IAStorDataMgrSvc - ok
00:27:22.0401 0x2c6c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:27:22.0419 0x2c6c iaStorV - ok
00:27:22.0482 0x2c6c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:27:22.0513 0x2c6c idsvc - ok
00:27:22.0578 0x2c6c IEEtwCollectorService - ok
00:27:22.0609 0x2c6c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:27:22.0609 0x2c6c iirsp - ok
00:27:22.0656 0x2c6c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
00:27:22.0671 0x2c6c IKEEXT - ok
00:27:22.0796 0x2c6c [ 491DADCC74327FABC85E0AB80AF8F204, 6E2CCC161EBDE932F800C90DACD59568E10851FC74236D33ECBC654B1FBA71EA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:27:22.0845 0x2c6c IntcAzAudAddService - ok
00:27:22.0877 0x2c6c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
00:27:22.0892 0x2c6c intelide - ok
00:27:22.0926 0x2c6c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:27:22.0926 0x2c6c intelppm - ok
00:27:22.0957 0x2c6c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:27:22.0957 0x2c6c IPBusEnum - ok
00:27:23.0004 0x2c6c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:27:23.0019 0x2c6c IpFilterDriver - ok
00:27:23.0069 0x2c6c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:27:23.0084 0x2c6c iphlpsvc - ok
00:27:23.0118 0x2c6c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:27:23.0134 0x2c6c IPMIDRV - ok
00:27:23.0149 0x2c6c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:27:23.0165 0x2c6c IPNAT - ok
00:27:23.0243 0x2c6c [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:27:23.0258 0x2c6c iPod Service - ok
00:27:23.0290 0x2c6c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:27:23.0290 0x2c6c IRENUM - ok
00:27:23.0305 0x2c6c ireyrvls - ok
00:27:23.0336 0x2c6c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:27:23.0336 0x2c6c isapnp - ok
00:27:23.0399 0x2c6c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

E779, 440ECE9999FF17A70792E530A03A9D38F44C6245F06C47C988474E110C42168C ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
00:27:23.0464 0x2c6c JMCR - ok
00:27:23.0479 0x2c6c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
00:27:23.0479 0x2c6c kbdclass - ok
00:27:23.0511 0x2c6c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
00:27:23.0511 0x2c6c kbdhid - ok
00:27:23.0529 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
00:27:23.0529 0x2c6c KeyIso - ok
00:27:23.0560 0x2c6c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:27:23.0560 0x2c6c KSecDD - ok
00:27:23.0591 0x2c6c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:27:23.0591 0x2c6c KSecPkg - ok
00:27:23.0622 0x2c6c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:27:23.0622 0x2c6c ksthunk - ok
00:27:23.0669 0x2c6c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
00:27:23.0685 0x2c6c KtmRm - ok
00:27:23.0700 0x2c6c kwyjdkfc - ok
00:27:23.0750 0x2c6c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:27:23.0765 0x2c6c LanmanServer - ok
00:27:23.0812 0x2c6c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:27:23.0828 0x2c6c LanmanWorkstation - ok
00:27:23.0861 0x2c6c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:27:23.0861 0x2c6c lltdio - ok
00:27:23.0908 0x2c6c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:27:23.0908 0x2c6c lltdsvc - ok
00:27:23.0939 0x2c6c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:27:23.0939 0x2c6c lmhosts - ok
00:27:24.0002 0x2c6c [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:27:24.0017 0x2c6c LMS - ok
00:27:24.0048 0x2c6c logxmmoa - ok
00:27:24.0095 0x2c6c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:27:24.0095 0x2c6c LSI_FC - ok
00:27:24.0160 0x2c6c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:27:24.0176 0x2c6c LSI_SAS - ok
00:27:24.0225 0x2c6c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:27:24.0225 0x2c6c LSI_SAS2 - ok
00:27:24.0241 0x2c6c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:27:24.0256 0x2c6c LSI_SCSI - ok
00:27:24.0272 0x2c6c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
00:27:24.0272 0x2c6c luafv - ok
00:27:24.0303 0x2c6c mbcrpyut - ok
00:27:24.0433 0x2c6c [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
00:27:24.0448 0x2c6c McComponentHostService - ok
00:27:24.0495 0x2c6c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:27:24.0495 0x2c6c Mcx2Svc - ok
00:27:24.0511 0x2c6c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:27:24.0511 0x2c6c megasas - ok
00:27:24.0529 0x2c6c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:27:24.0529 0x2c6c MegaSR - ok
00:27:24.0719 0x2c6c [ 42D6DB8B6B340EBDA04C910D0C5CE51C, 00E6F36C3E4B5128A93932621DD935DEE4878C998E62CCB868A2E12701C119A2 ] microsoft_skydrive C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\nph_insulin\capi2.exe
00:27:24.0862 0x2c6c microsoft_skydrive - ok
00:27:24.0893 0x2c6c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
00:27:24.0893 0x2c6c MMCSS - ok
00:27:24.0926 0x2c6c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
00:27:24.0926 0x2c6c Modem - ok
00:27:24.0973 0x2c6c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:27:24.0973 0x2c6c monitor - ok
00:27:25.0004 0x2c6c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:27:25.0004 0x2c6c mouclass - ok
00:27:25.0054 0x2c6c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:27:25.0054 0x2c6c mouhid - ok
00:27:25.0119 0x2c6c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:27:25.0121 0x2c6c mountmgr - ok
00:27:25.0248 0x2c6c [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
00:27:25.0264 0x2c6c MpFilter - ok
00:27:25.0311 0x2c6c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
00:27:25.0311 0x2c6c mpio - ok
00:27:25.0521 0x2c6c [ 6DDB2BEFF00EA756FF0F65132330D4F4, A50749C3FDB57B686F91109CC55DF05300A6DF224B58649CE514506D074EADC9 ] MpKslcafc224f c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7587C0C0-6B36-4747-8F64-DBB36113111E}\MpKslcafc224f.sys
00:27:25.0521 0x2c6c MpKslcafc224f - ok
00:27:25.0552 0x2c6c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:27:25.0552 0x2c6c mpsdrv - ok
00:27:25.0617 0x2c6c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:27:25.0648 0x2c6c MpsSvc - ok
00:27:25.0695 0x2c6c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:27:25.0695 0x2c6c MRxDAV - ok
00:27:25.0729 0x2c6c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:27:25.0729 0x2c6c mrxsmb - ok
00:27:25.0776 0x2c6c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:27:25.0776 0x2c6c mrxsmb10 - ok
00:27:25.0791 0x2c6c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:27:25.0791 0x2c6c mrxsmb20 - ok
00:27:25.0825 0x2c6c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
00:27:25.0825 0x2c6c msahci - ok
00:27:25.0841 0x2c6c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:27:25.0841 0x2c6c msdsm - ok
00:27:25.0872 0x2c6c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
00:27:25.0887 0x2c6c MSDTC - ok
00:27:25.0921 0x2c6c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:27:25.0921 0x2c6c Msfs - ok
00:27:25.0952 0x2c6c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:27:25.0952 0x2c6c mshidkmdf - ok
00:27:25.0968 0x2c6c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:27:25.0968 0x2c6c msisadrv - ok
00:27:26.0017 0x2c6c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:27:26.0017 0x2c6c MSiSCSI - ok
00:27:26.0017 0x2c6c msiserver - ok
00:27:26.0048 0x2c6c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:27:26.0048 0x2c6c MSKSSRV - ok
00:27:26.0160 0x2c6c [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:27:26.0160 0x2c6c MsMpSvc - ok
00:27:26.0191 0x2c6c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:27:26.0191 0x2c6c MSPCLOCK - ok
00:27:26.0191 0x2c6c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:27:26.0191 0x2c6c MSPQM - ok
00:27:26.0225 0x2c6c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:27:26.0241 0x2c6c MsRPC - ok
00:27:26.0287 0x2c6c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:27:26.0303 0x2c6c mssmbios - ok
00:27:26.0337 0x2c6c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:27:26.0337 0x2c6c MSTEE - ok
00:27:26.0384 0x2c6c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:27:26.0384 0x2c6c MTConfig - ok
00:27:26.0417 0x2c6c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
00:27:26.0417 0x2c6c Mup - ok
00:27:26.0511 0x2c6c [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:27:26.0511 0x2c6c MyWiFiDHCPDNS - ok
00:27:26.0545 0x2c6c mznekkmt - ok
00:27:26.0641 0x2c6c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
00:27:26.0656 0x2c6c napagent - ok
00:27:26.0719 0x2c6c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:27:26.0721 0x2c6c NativeWifiP - ok
00:27:26.0960 0x2c6c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
00:27:26.0991 0x2c6c NDIS - ok
00:27:27.0007 0x2c6c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:27:27.0007 0x2c6c NdisCap - ok
00:27:27.0072 0x2c6c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:27:27.0072 0x2c6c NdisTapi - ok
00:27:27.0103 0x2c6c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:27:27.0103 0x2c6c Ndisuio - ok
00:27:27.0155 0x2c6c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:27:27.0155 0x2c6c NdisWan - ok
00:27:27.0282 0x2c6c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:27:27.0298 0x2c6c NDProxy - ok
00:27:27.0298 0x2c6c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:27:27.0298 0x2c6c NetBIOS - ok
00:27:27.0363 0x2c6c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:27:27.0378 0x2c6c NetBT - ok
00:27:27.0394 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
00:27:27.0394 0x2c6c Netlogon - ok
00:27:27.0428 0x2c6c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
00:27:27.0443 0x2c6c Netman - ok
00:27:27.0524 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:27.0555 0x2c6c NetMsmqActivator - ok
00:27:27.0570 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:27.0586 0x2c6c NetPipeActivator - ok
00:27:27.0602 0x2c6c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
00:27:27.0620 0x2c6c netprofm - ok
00:27:27.0620 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:27.0620 0x2c6c NetTcpActivator - ok
00:27:27.0635 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

3AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
00:27:28.0067 0x2c6c NETw5s64 - ok
00:27:28.0116 0x2c6c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:27:28.0116 0x2c6c nfrd960 - ok
00:27:28.0178 0x2c6c [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:27:28.0178 0x2c6c NisDrv - ok
00:27:28.0243 0x2c6c [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
00:27:28.0243 0x2c6c NisSrv - ok
00:27:28.0337 0x2c6c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:27:28.0339 0x2c6c NlaSvc - ok
00:27:28.0355 0x2c6c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:27:28.0370 0x2c6c Npfs - ok
00:27:28.0451 0x2c6c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
00:27:28.0451 0x2c6c nsi - ok
00:27:28.0482 0x2c6c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:27:28.0482 0x2c6c nsiproxy - ok
00:27:28.0563 0x2c6c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:27:28.0609 0x2c6c Ntfs - ok
00:27:28.0625 0x2c6c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
00:27:28.0628 0x2c6c Null - ok
00:27:28.0692 0x2c6c [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:27:28.0692 0x2c6c nusb3hub - ok
00:27:28.0726 0x2c6c [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:27:28.0726 0x2c6c nusb3xhc - ok
00:27:28.0757 0x2c6c [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
00:27:28.0773 0x2c6c NVHDA - ok
00:27:29.0178 0x2c6c [ 011F0596D167D073E6813AE88E7947A9, 2EF87754BE6477DAEF0B1C60C5BA5B6E038D2687EDCBE0A15B1A0862FF8D81BE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:27:29.0560 0x2c6c nvlddmkm - ok
00:27:29.0638 0x2c6c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:27:29.0638 0x2c6c nvraid - ok
00:27:29.0669 0x2c6c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:27:29.0669 0x2c6c nvstor - ok
00:27:29.0700 0x2c6c [ E72422F9C55078DFA298AC7AA0A87970, F6CB073B5BCD66E77BAF45E1FA3F8A6AE337728F7AE21FF53319669FA82A0C82 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:27:29.0700 0x2c6c nvsvc - ok
00:27:29.0778 0x2c6c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:27:29.0778 0x2c6c nv_agp - ok
00:27:29.0872 0x2c6c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:27:29.0872 0x2c6c odserv - ok
00:27:29.0903 0x2c6c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:27:29.0903 0x2c6c ohci1394 - ok
00:27:29.0965 0x2c6c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:27:29.0965 0x2c6c ose - ok
00:27:30.0199 0x2c6c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:27:30.0309 0x2c6c osppsvc - ok
00:27:30.0355 0x2c6c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:27:30.0371 0x2c6c p2pimsvc - ok
00:27:30.0387 0x2c6c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
00:27:30.0402 0x2c6c p2psvc - ok
00:27:30.0433 0x2c6c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:27:30.0449 0x2c6c Parport - ok
00:27:30.0465 0x2c6c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:27:30.0465 0x2c6c partmgr - ok
00:27:30.0480 0x2c6c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
00:27:30.0480 0x2c6c PcaSvc - ok
00:27:30.0543 0x2c6c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
00:27:30.0543 0x2c6c pci - ok
00:27:30.0574 0x2c6c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
00:27:30.0574 0x2c6c pciide - ok
00:27:30.0605 0x2c6c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:27:30.0605 0x2c6c pcmcia - ok
00:27:30.0636 0x2c6c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
00:27:30.0636 0x2c6c pcw - ok
00:27:30.0652 0x2c6c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:27:30.0667 0x2c6c PEAUTH - ok
00:27:30.0761 0x2c6c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:27:30.0761 0x2c6c PerfHost - ok
00:27:30.0839 0x2c6c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
00:27:30.0870 0x2c6c pla - ok
00:27:30.0917 0x2c6c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:27:30.0917 0x2c6c PlugPlay - ok
00:27:30.0948 0x2c6c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:27:30.0948 0x2c6c PNRPAutoReg - ok
00:27:30.0979 0x2c6c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:27:30.0979 0x2c6c PNRPsvc - ok
00:27:31.0011 0x2c6c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:27:31.0026 0x2c6c PolicyAgent - ok
00:27:31.0057 0x2c6c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
00:27:31.0057 0x2c6c Power - ok
00:27:31.0089 0x2c6c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:27:31.0104 0x2c6c PptpMiniport - ok
00:27:31.0135 0x2c6c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:27:31.0135 0x2c6c Processor - ok
00:27:31.0198 0x2c6c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
00:27:31.0198 0x2c6c ProfSvc - ok
00:27:31.0213 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:27:31.0213 0x2c6c ProtectedStorage - ok
00:27:31.0276 0x2c6c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:27:31.0291 0x2c6c Psched - ok
00:27:31.0323 0x2c6c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
00:27:31.0323 0x2c6c PxHlpa64 - ok
00:27:31.0354 0x2c6c [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
00:27:31.0354 0x2c6c qicflt - ok
00:27:31.0463 0x2c6c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:27:31.0494 0x2c6c ql2300 - ok
00:27:31.0510 0x2c6c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:27:31.0510 0x2c6c ql40xx - ok
00:27:31.0557 0x2c6c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
00:27:31.0572 0x2c6c QWAVE - ok
00:27:31.0572 0x2c6c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:27:31.0572 0x2c6c QWAVEdrv - ok
00:27:31.0588 0x2c6c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:27:31.0603 0x2c6c RasAcd - ok
00:27:31.0650 0x2c6c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:27:31.0650 0x2c6c RasAgileVpn - ok
00:27:31.0666 0x2c6c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
00:27:31.0666 0x2c6c RasAuto - ok
00:27:31.0697 0x2c6c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:27:31.0713 0x2c6c Rasl2tp - ok
00:27:31.0775 0x2c6c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
00:27:31.0791 0x2c6c RasMan - ok
00:27:31.0806 0x2c6c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:27:31.0806 0x2c6c RasPppoe - ok
00:27:31.0837 0x2c6c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:27:31.0837 0x2c6c RasSstp - ok
00:27:31.0900 0x2c6c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:27:31.0915 0x2c6c rdbss - ok
00:27:31.0931 0x2c6c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:27:31.0931 0x2c6c rdpbus - ok
00:27:31.0962 0x2c6c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:27:31.0962 0x2c6c RDPCDD - ok
00:27:32.0009 0x2c6c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:27:32.0009 0x2c6c RDPENCDD - ok
00:27:32.0025 0x2c6c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:27:32.0025 0x2c6c RDPREFMP - ok
00:27:32.0071 0x2c6c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:27:32.0087 0x2c6c RdpVideoMiniport - ok
00:27:32.0118 0x2c6c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:27:32.0134 0x2c6c RDPWD - ok
00:27:32.0181 0x2c6c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:27:32.0196 0x2c6c rdyboost - ok
00:27:32.0274 0x2c6c [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:27:32.0290 0x2c6c RegSrvc - ok
00:27:32.0321 0x2c6c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:27:32.0321 0x2c6c RemoteAccess - ok
00:27:32.0352 0x2c6c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:27:32.0368 0x2c6c RemoteRegistry - ok
00:27:32.0430 0x2c6c [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
00:27:32.0430 0x2c6c RimUsb - ok
00:27:32.0617 0x2c6c [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
00:27:32.0649 0x2c6c RoxMediaDB12OEM - ok
00:27:32.0695 0x2c6c [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
00:27:32.0695 0x2c6c RoxWatch12 - ok
00:27:32.0711 0x2c6c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:27:32.0727 0x2c6c RpcEptMapper - ok
00:27:32.0742 0x2c6c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
00:27:32.0742 0x2c6c RpcLocator - ok
00:27:32.0789 0x2c6c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
00:27:32.0805 0x2c6c RpcSs - ok
00:27:32.0836 0x2c6c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:27:32.0836 0x2c6c rspndr - ok
00:27:32.0929 0x2c6c [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:27:32.0945 0x2c6c RTL8167 - ok
00:27:32.0945 0x2c6c rvqhafqh - ok
00:27:32.0961 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
00:27:32.0961 0x2c6c SamSs - ok
00:27:32.0992 0x2c6c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:27:32.0992 0x2c6c sbp2port - ok
00:27:33.0054 0x2c6c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:27:33.0070 0x2c6c SCardSvr - ok
00:27:33.0085 0x2c6c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:27:33.0085 0x2c6c scfilter - ok
00:27:33.0148 0x2c6c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
00:27:33.0163 0x2c6c Schedule - ok
00:27:33.0195 0x2c6c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:27:33.0210 0x2c6c SCPolicySvc - ok
00:27:33.0226 0x2c6c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
00:27:33.0241 0x2c6c sdbus - ok
00:27:33.0288 0x2c6c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:27:33.0304 0x2c6c SDRSVC - ok
00:27:33.0319 0x2c6c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:27:33.0319 0x2c6c secdrv - ok
00:27:33.0351 0x2c6c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
00:27:33.0351 0x2c6c seclogon - ok
00:27:33.0366 0x2c6c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
00:27:33.0366 0x2c6c SENS - ok
00:27:33.0397 0x2c6c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:27:33.0397 0x2c6c SensrSvc - ok
00:27:33.0429 0x2c6c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:27:33.0429 0x2c6c Serenum - ok
00:27:33.0444 0x2c6c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:27:33.0444 0x2c6c Serial - ok
00:27:33.0522 0x2c6c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:27:33.0522 0x2c6c sermouse - ok
00:27:33.0569 0x2c6c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
00:27:33.0585 0x2c6c SessionEnv - ok
00:27:33.0600 0x2c6c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
00:27:33.0600 0x2c6c sffdisk - ok
00:27:33.0647 0x2c6c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:27:33.0647 0x2c6c sffp_mmc - ok
00:27:33.0663 0x2c6c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
00:27:33.0663 0x2c6c sffp_sd - ok
00:27:33.0694 0x2c6c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:27:33.0694 0x2c6c sfloppy - ok
00:27:33.0756 0x2c6c [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
00:27:33.0772 0x2c6c Sftfs - ok
00:27:33.0850 0x2c6c [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:27:33.0850 0x2c6c sftlist - ok
00:27:33.0881 0x2c6c [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:27:33.0897 0x2c6c Sftplay - ok
00:27:33.0912 0x2c6c [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:27:33.0912 0x2c6c Sftredir - ok
00:27:34.0021 0x2c6c [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:27:34.0037 0x2c6c SftService - ok
00:27:34.0053 0x2c6c [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
00:27:34.0068 0x2c6c Sftvol - ok
00:27:34.0099 0x2c6c [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:27:34.0115 0x2c6c sftvsa - ok
00:27:34.0287 0x2c6c [ E2266AFC49C3F48C02FE5B3FBA1E872D, FABC970301901B72BD8AE9EF88A058899CBFB16083F6FDDC8D24F53E8E6A4747 ] share C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\nph_insulin\destination.exe
00:27:34.0287 0x2c6c share - ok
00:27:34.0365 0x2c6c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:27:34.0380 0x2c6c SharedAccess - ok
00:27:34.0427 0x2c6c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:27:34.0427 0x2c6c ShellHWDetection - ok
00:27:34.0474 0x2c6c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:27:34.0474 0x2c6c SiSRaid2 - ok
00:27:34.0489 0x2c6c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:27:34.0489 0x2c6c SiSRaid4 - ok
00:27:34.0599 0x2c6c [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:27:34.0599 0x2c6c SkypeUpdate - ok
00:27:34.0661 0x2c6c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:27:34.0661 0x2c6c Smb - ok
00:27:34.0708 0x2c6c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:27:34.0708 0x2c6c SNMPTRAP - ok
00:27:34.0739 0x2c6c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
00:27:34.0739 0x2c6c spldr - ok
00:27:34.0817 0x2c6c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
00:27:34.0817 0x2c6c Spooler - ok
00:27:34.0957 0x2c6c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
00:27:35.0051 0x2c6c sppsvc - ok
00:27:35.0067 0x2c6c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:27:35.0067 0x2c6c sppuinotify - ok
00:27:35.0098 0x2c6c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:27:35.0113 0x2c6c srv - ok
00:27:35.0129 0x2c6c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:27:35.0145 0x2c6c srv2 - ok
00:27:35.0160 0x2c6c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:27:35.0160 0x2c6c srvnet - ok
00:27:35.0207 0x2c6c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:27:35.0223 0x2c6c SSDPSRV - ok
00:27:35.0254 0x2c6c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:27:35.0254 0x2c6c SstpSvc - ok
00:27:35.0285 0x2c6c [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
00:27:35.0285 0x2c6c stdcfltn - ok
00:27:35.0394 0x2c6c [ C6539A0CB1EBFF488D3D4B070C4F17F8, F889F58BF2ABDAD91E814D7F72879EFA735F672E6B8BAC22D8B3E390D3D93926 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

00:27:35.0441 0x2c6c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:27:35.0441 0x2c6c stexstor - ok
00:27:35.0488 0x2c6c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
00:27:35.0488 0x2c6c StillCam - ok
00:27:35.0566 0x2c6c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
00:27:35.0581 0x2c6c stisvc - ok
00:27:35.0628 0x2c6c [ 9E182DD94496550A22A392CC1A8E0F52, 6F630982F7AFDF409F24BB0D9815592000FC8A47200F4FEC4A5C5ED241810244 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
00:27:35.0628 0x2c6c stllssvr - ok
00:27:35.0659 0x2c6c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
00:27:35.0659 0x2c6c swenum - ok
00:27:35.0691 0x2c6c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
00:27:35.0706 0x2c6c swprv - ok
00:27:35.0784 0x2c6c [ 36F506C894E1EA59C65FAF6398BDF49A, 70B7CA69958796C3AFA1ACA4C3BF054CBFEE84DC73A55D395EFED4A80B5399A2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:27:35.0815 0x2c6c SynTP - ok
00:27:35.0893 0x2c6c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
00:27:35.0940 0x2c6c SysMain - ok
00:27:36.0018 0x2c6c [ C7A3D0DA9A546B9127A88CDFC514A531, 7234E42EC90A393626B5F528151952F248F790AD40BB6B966EC4FB5D9BB6059C ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
00:27:36.0034 0x2c6c SystemStoreService - ok
00:27:36.0096 0x2c6c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:27:36.0096 0x2c6c TabletInputService - ok
00:27:36.0127 0x2c6c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
00:27:36.0127 0x2c6c TapiSrv - ok
00:27:36.0159 0x2c6c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
00:27:36.0159 0x2c6c TBS - ok
00:27:36.0283 0x2c6c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:27:36.0330 0x2c6c Tcpip - ok
00:27:36.0393 0x2c6c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:27:36.0424 0x2c6c TCPIP6 - ok
00:27:36.0471 0x2c6c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:27:36.0471 0x2c6c tcpipreg - ok
00:27:36.0502 0x2c6c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:27:36.0502 0x2c6c TDPIPE - ok
00:27:36.0564 0x2c6c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:27:36.0564 0x2c6c TDTCP - ok
00:27:36.0595 0x2c6c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:27:36.0595 0x2c6c tdx - ok
00:27:36.0829 0x2c6c [ 9CC341BE32EEC138702795768DE9DE99, 61F580B40075680C72E40286BC6D69E94653A0F5574FFE08B46A9011AC88C58B ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
00:27:36.0954 0x2c6c TeamViewer9 - ok
00:27:36.0985 0x2c6c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
00:27:36.0985 0x2c6c TermDD - ok
00:27:37.0032 0x2c6c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
00:27:37.0048 0x2c6c TermService - ok
00:27:37.0079 0x2c6c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
00:27:37.0079 0x2c6c Themes - ok
00:27:37.0110 0x2c6c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
00:27:37.0110 0x2c6c THREADORDER - ok
00:27:37.0110 0x2c6c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
00:27:37.0126 0x2c6c TrkWks - ok
00:27:37.0219 0x2c6c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:27:37.0219 0x2c6c TrustedInstaller - ok
00:27:37.0251 0x2c6c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:27:37.0251 0x2c6c tssecsrv - ok
00:27:37.0360 0x2c6c [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:27:37.0360 0x2c6c TsUsbFlt - ok
00:27:37.0407 0x2c6c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:27:37.0407 0x2c6c tunnel - ok
00:27:37.0453 0x2c6c [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
00:27:37.0453 0x2c6c TurboB - ok
00:27:37.0500 0x2c6c [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:27:37.0500 0x2c6c TurboBoost - ok
00:27:37.0563 0x2c6c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:27:37.0563 0x2c6c uagp35 - ok
00:27:37.0594 0x2c6c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:27:37.0609 0x2c6c udfs - ok
00:27:37.0625 0x2c6c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:27:37.0625 0x2c6c UI0Detect - ok
00:27:37.0687 0x2c6c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:27:37.0703 0x2c6c uliagpkx - ok
00:27:37.0734 0x2c6c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
00:27:37.0734 0x2c6c umbus - ok
00:27:37.0765 0x2c6c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:27:37.0765 0x2c6c UmPass - ok
00:27:37.0937 0x2c6c [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:27:37.0984 0x2c6c UNS - ok
00:27:38.0015 0x2c6c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
00:27:38.0031 0x2c6c upnphost - ok
00:27:38.0077 0x2c6c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:27:38.0077 0x2c6c USBAAPL64 - ok
00:27:38.0155 0x2c6c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:27:38.0155 0x2c6c usbaudio - ok
00:27:38.0202 0x2c6c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:27:38.0202 0x2c6c usbccgp - ok
00:27:38.0233 0x2c6c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:27:38.0233 0x2c6c usbcir - ok
00:27:38.0265 0x2c6c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:27:38.0265 0x2c6c usbehci - ok
00:27:38.0311 0x2c6c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:27:38.0327 0x2c6c usbhub - ok
00:27:38.0358 0x2c6c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:27:38.0358 0x2c6c usbohci - ok
00:27:38.0405 0x2c6c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:27:38.0405 0x2c6c usbprint - ok
00:27:38.0452 0x2c6c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:27:38.0467 0x2c6c USBSTOR - ok
00:27:38.0499 0x2c6c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:27:38.0499 0x2c6c usbuhci - ok
00:27:38.0530 0x2c6c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
00:27:38.0530 0x2c6c usbvideo - ok
00:27:38.0545 0x2c6c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
00:27:38.0545 0x2c6c UxSms - ok
00:27:38.0561 0x2c6c uzdhxgpw - ok
00:27:38.0577 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
00:27:38.0592 0x2c6c VaultSvc - ok
00:27:38.0639 0x2c6c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:27:38.0639 0x2c6c vdrvroot - ok
00:27:38.0686 0x2c6c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
00:27:38.0701 0x2c6c vds - ok
00:27:38.0717 0x2c6c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:27:38.0733 0x2c6c vga - ok
00:27:38.0733 0x2c6c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:27:38.0748 0x2c6c VgaSave - ok
00:27:38.0764 0x2c6c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:27:38.0764 0x2c6c vhdmp - ok
00:27:38.0811 0x2c6c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
00:27:38.0811 0x2c6c viaide - ok
00:27:38.0857 0x2c6c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:27:38.0857 0x2c6c volmgr - ok
00:27:38.0889 0x2c6c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:27:38.0904 0x2c6c volmgrx - ok
00:27:38.0920 0x2c6c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:27:38.0935 0x2c6c volsnap - ok
00:27:38.0935 0x2c6c vparxfrs - ok
00:27:38.0967 0x2c6c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:27:38.0982 0x2c6c vsmraid - ok
00:27:39.0045 0x2c6c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
00:27:39.0076 0x2c6c VSS - ok
00:27:39.0107 0x2c6c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:27:39.0107 0x2c6c vwifibus - ok
00:27:39.0107 0x2c6c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:27:39.0107 0x2c6c vwififlt - ok
00:27:39.0169 0x2c6c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:27:39.0185 0x2c6c vwifimp - ok
00:27:39.0232 0x2c6c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
00:27:39.0247 0x2c6c W32Time - ok
00:27:39.0263 0x2c6c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:27:39.0263 0x2c6c WacomPen - ok
00:27:39.0294 0x2c6c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:27:39.0294 0x2c6c WANARP - ok
00:27:39.0310 0x2c6c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:27:39.0310 0x2c6c Wanarpv6 - ok
00:27:39.0388 0x2c6c [ ECEB715BECE47E101DDEC06B11126066, 6BD577D6EABD48B1BA31955DB3DEEE68528EA54375CA64D233B723D161B45CBA ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
00:27:39.0388 0x2c6c wanatw - ok
00:27:39.0481 0x2c6c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
00:27:39.0513 0x2c6c wbengine - ok
00:27:39.0544 0x2c6c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:27:39.0544 0x2c6c WbioSrvc - ok
00:27:39.0591 0x2c6c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:27:39.0591 0x2c6c wcncsvc - ok
00:27:39.0606 0x2c6c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:27:39.0622 0x2c6c WcsPlugInService - ok
00:27:39.0637 0x2c6c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:27:39.0637 0x2c6c Wd - ok
00:27:39.0684 0x2c6c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:27:39.0700 0x2c6c Wdf01000 - ok
00:27:39.0762 0x2c6c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:27:39.0778 0x2c6c WdiServiceHost - ok
00:27:39.0778 0x2c6c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:27:39.0793 0x2c6c WdiSystemHost - ok
00:27:39.0840 0x2c6c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
00:27:39.0856 0x2c6c WebClient - ok
00:27:39.0871 0x2c6c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:27:39.0871 0x2c6c Wecsvc - ok
00:27:39.0903 0x2c6c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:27:39.0903 0x2c6c wercplsupport - ok
00:27:39.0918 0x2c6c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
00:27:39.0918 0x2c6c WerSvc - ok
00:27:39.0949 0x2c6c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:27:39.0949 0x2c6c WfpLwf - ok
00:27:40.0027 0x2c6c [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
00:27:40.0027 0x2c6c WimFltr - ok
00:27:40.0043 0x2c6c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:27:40.0059 0x2c6c WIMMount - ok
00:27:40.0074 0x2c6c WinDefend - ok
00:27:40.0105 0x2c6c WinHttpAutoProxySvc - ok
00:27:40.0168 0x2c6c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:27:40.0183 0x2c6c Winmgmt - ok
00:27:40.0355 0x2c6c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
00:27:40.0402 0x2c6c WinRM - ok
00:27:40.0464 0x2c6c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:27:40.0464 0x2c6c WinUsb - ok
00:27:40.0527 0x2c6c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:27:40.0558 0x2c6c Wlansvc - ok
00:27:40.0714 0x2c6c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:27:40.0776 0x2c6c wlidsvc - ok
00:27:40.0792 0x2c6c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:27:40.0792 0x2c6c WmiAcpi - ok
00:27:40.0839 0x2c6c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:27:40.0839 0x2c6c wmiApSrv - ok
00:27:40.0870 0x2c6c WMPNetworkSvc - ok
00:27:40.0901 0x2c6c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:27:40.0901 0x2c6c WPCSvc - ok
00:27:40.0932 0x2c6c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:27:40.0932 0x2c6c WPDBusEnum - ok
00:27:40.0948 0x2c6c wrccyqbi - ok
00:27:40.0979 0x2c6c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:27:40.0979 0x2c6c ws2ifsl - ok
00:27:41.0010 0x2c6c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
00:27:41.0010 0x2c6c wscsvc - ok
00:27:41.0010 0x2c6c WSearch - ok
00:27:41.0135 0x2c6c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
00:27:41.0197 0x2c6c wuauserv - ok
00:27:41.0229 0x2c6c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:27:41.0229 0x2c6c WudfPf - ok
00:27:41.0291 0x2c6c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:27:41.0291 0x2c6c WUDFRd - ok
00:27:41.0322 0x2c6c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:27:41.0322 0x2c6c wudfsvc - ok
00:27:41.0353 0x2c6c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
00:27:41.0369 0x2c6c WwanSvc - ok
00:27:41.0385 0x2c6c ================ Scan global ===============================
00:27:41.0416 0x2c6c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:27:41.0447 0x2c6c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:27:41.0463 0x2c6c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:27:41.0494 0x2c6c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:27:41.0525 0x2c6c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:27:41.0525 0x2c6c [ Global ] - ok
00:27:41.0525 0x2c6c ================ Scan MBR ==================================
00:27:41.0541 0x2c6c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:27:41.0837 0x2c6c \Device\Harddisk0\DR0 - ok
00:27:41.0837 0x2c6c ================ Scan VBR ==================================
00:27:41.0837 0x2c6c [ C390E3589D88C13E2E4B367DD63B5E22 ] \Device\Harddisk0\DR0\Partition1
00:27:41.0837 0x2c6c \Device\Harddisk0\DR0\Partition1 - ok
00:27:41.0837 0x2c6c [ AEE47885D25CCB3430C6EE0DBCC87E6F ] \Device\Harddisk0\DR0\Partition2
00:27:41.0868 0x2c6c \Device\Harddisk0\DR0\Partition2 - ok
00:27:41.0868 0x2c6c ================ Scan generic autorun ======================
00:27:41.0868 0x2c6c SynTPEnh - ok
00:27:42.0149 0x2c6c [ AB729318BD85B82FC4313DCF5DA93C8E, 30677159794FB4D99787C1D795F5CA8E6C97CBE9BF8932E8E1AE2851497D1E37 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
00:27:42.0274 0x2c6c RTHDVCPL - ok
00:27:42.0367 0x2c6c [ 7EB0AE9D61C9CD6FCE90F0E69804487A, 43C5BCC02BC49A1A6A39B16BFAAC5FBBA1C5EAFB1A18BDE87ABB5B6F1B5D4D4F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
00:27:42.0414 0x2c6c RtHDVBg - ok
00:27:42.0414 0x2c6c NVHotkey - ok
00:27:42.0508 0x2c6c [ F2C49A7AA03FC231BE87A65E50D0B6F6, 549A188E8F1E2CA1E4A82EC4F5D7B45C24BAB2B1177EA848183D72F97E198E38 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
00:27:42.0555 0x2c6c IntelWireless - ok
00:27:42.0679 0x2c6c [ 0AD61A3C844EEFE88780749E362D1E57, 5F2EF864827F65130B3292F49A2AFEC45006980D061978DAB31A6ECB1F2A0200 ] c:\Program Files\Dell\QuickSet\QuickSet.exe
00:27:42.0742 0x2c6c QuickSet - ok
00:27:42.0804 0x2c6c [ A358C6D2F299ACDE00D40C605BA5FEDC, FFAE3A508C8756D67E7C37870E53A621D0F174A66E48BBD30B03F2DAF1C0BFB8 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
00:27:42.0820 0x2c6c FreeFallProtection - ok
00:27:42.0929 0x2c6c [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
00:27:42.0945 0x2c6c MSC - ok
00:27:43.0085 0x2c6c [ 960167F792324B884AB6600A1C8392DA, 21FE20A2BC6751DD4165009A8CE273EB5FEBAF1D45EE13C3D77EFF0E1616D2AD ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\fault.exe
00:27:43.0085 0x2c6c friends - ok
00:27:43.0132 0x2c6c [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
00:27:43.0147 0x2c6c NUSB3MON - ok
00:27:43.0210 0x2c6c [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
00:27:43.0210 0x2c6c IAStorIcon - ok
00:27:43.0319 0x2c6c [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
00:27:43.0335 0x2c6c ControlCenter3 - ok
00:27:43.0428 0x2c6c [ 640609646D2E6F805E89238F0ADD3A1A, 6E919DD8C93B4F1B7AA00404DDF11FDAA7C050C49028480C8E28F2DF99E99FED ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
00:27:43.0491 0x2c6c BrStsMon00 - ok
00:27:43.0569 0x2c6c [ 4D5D968FE6AE6BF94A807F73F7FF6B3D, 3D5D5D775EE251C2B903AA8DA804AE4D1632DD59A8A0A36C545FE984FCFE06DD ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
00:27:43.0600 0x2c6c BrMfcWnd - ok
00:27:43.0693 0x2c6c [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:27:43.0725 0x2c6c Adobe ARM - ok
00:27:43.0818 0x2c6c [ C482C535CBFEFE722EC1EB7F11F680A3, D7374A4BFEF274F7E33FDA40AA8ED8D8F78448E745A27032FE80475D5B1FAA63 ] C:\Program Files (x86)\Common Files\AOL\1376658552\ee\AOLSoftware.exe
00:27:43.0818 0x2c6c HostManager - ok
00:27:43.0818 0x2c6c ApnTBMon - ok
00:27:43.0865 0x2c6c [ F0CE006E1D14F45959985A05F8E81204, D9FE67DB4CEDB3B09A48C305DDE983A15695EE41C68CE222880D002C0D5D7688 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:27:43.0881 0x2c6c APSDaemon - ok
00:27:43.0943 0x2c6c [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:27:43.0959 0x2c6c SunJavaUpdateSched - ok
00:27:43.0990 0x2c6c [ A043F2DCB3DE6A01317FD7DDDAA53736, 7BF8BECC4AB5C21C5524F15EA3C5FF48EA2AE44AFCBADB443CFEBB72E2037A09 ] C:\Program Files (x86)\VNT\vntldr.exe
00:27:43.0990 0x2c6c VNT - ok
00:27:44.0099 0x2c6c [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:27:44.0099 0x2c6c QuickTime Task - ok
00:27:44.0177 0x2c6c [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\iTunesHelper.exe
00:27:44.0193 0x2c6c iTunesHelper - ok
00:27:44.0271 0x2c6c [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
00:27:44.0271 0x2c6c Launcher - ok
00:27:44.0317 0x2c6c [ B99C05C2C0AA671642962CBCCE138660, 3F17B69E226E15E216CCA07A5602529643B315C02C5CAB4C597DA948F105465E ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
00:27:44.0317 0x2c6c DSUpdateLauncher - ok
00:27:44.0411 0x2c6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:27:44.0427 0x2c6c Sidebar - ok
00:27:44.0458 0x2c6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:27:44.0473 0x2c6c mctadmin - ok
00:27:44.0489 0x2c6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:27:44.0520 0x2c6c Sidebar - ok
00:27:44.0520 0x2c6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:27:44.0536 0x2c6c mctadmin - ok
00:27:44.0551 0x2c6c ooVoo.exe - ok
00:27:44.0692 0x2c6c [ 40ADA4963225D142B831D0551151210E, 3E6DB8F6FBFED4CC81FA6BF8E4280F4B02A2BDBBD10396F2887412D1DF2137CE ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
00:27:44.0692 0x2c6c DellSystemDetect - ok
00:27:44.0848 0x2c6c [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe
00:27:44.0848 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe. md5: 1F7E04F6CDF9F556BB7666D711E1474F, sha256: B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9
00:27:44.0879 0x2c6c uqdfumrw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:27:52.0196 0x2d5c Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\fault.exe
00:27:52.0274 0x2c6c uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:27:52.0274 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe
00:27:54.0754 0x2d5c Object send P2P result: true
00:27:54.0832 0x2c6c Object send P2P result: true
00:27:57.0328 0x2c6c Have new async UDS detects: 1
00:27:57.0328 0x2c6c friends - detected UDS

angerousObject.Multi.Generic ( 0 )
00:27:57.0328 0x2c6c friends ( UDS

angerousObject.Multi.Generic ) - infected
00:27:57.0328 0x2c6c Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\fault.exe
00:27:59.0886 0x2c6c Object send P2P result: true
00:28:02.0367 0x2c6c [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe
00:28:02.0382 0x2c6c tionkcrz - ok
00:28:02.0382 0x2c6c Have new async UDS detects: 1
00:28:02.0382 0x2c6c tionkcrz - detected UDS

angerousObject.Multi.Generic ( 0 )
00:28:02.0382 0x2c6c tionkcrz ( UDS

angerousObject.Multi.Generic ) - infected
00:28:02.0382 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe
00:28:04.0972 0x2c6c Object send P2P result: true
00:28:07.0437 0x2c6c ifoxxwzr - ok
00:28:07.0452 0x2c6c tfwywndb - ok
00:28:07.0452 0x2c6c liyezfcu - ok
00:28:07.0468 0x2c6c hffgquir - ok
00:28:07.0530 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe
00:28:07.0530 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F
00:28:07.0530 0x2c6c system64-print32 - detected LockedFile.Multi.Generic ( 1 )
00:28:09.0995 0x2c6c Detect turned to UDS exact due to KSN untrusted
00:28:09.0995 0x2c6c system64-print32 ( UDS

angerousObject.Multi.Generic ) - infected
00:28:09.0995 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe
00:28:12.0554 0x2c6c Object send P2P result: true
00:28:15.0065 0x2c6c [ 4C4592B7490BFA070C9720FD7B0D9A93, 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC ] C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe
00:28:15.0065 0x2c6c Suspicious file ( NoAccess ): C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe. md5: 4C4592B7490BFA070C9720FD7B0D9A93, sha256: 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC
00:28:15.0081 0x2c6c xlazimaw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:17.0514 0x2c6c xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:17.0514 0x2c6c Force sending object to P2P due to detect: C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe
00:28:20.0073 0x2c6c Object send P2P result: true
00:28:22.0569 0x2c6c [ B492067250ABA2678B671313039D352B, 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:22.0569 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe. md5: B492067250ABA2678B671313039D352B, sha256: 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C
00:28:22.0584 0x2c6c chrome64wave - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:25.0049 0x2c6c Object required for P2P: [ B492067250ABA2678B671313039D352B ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:27.0623 0x2c6c Object send P2P result: true
00:28:27.0623 0x2c6c chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:27.0623 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:30.0213 0x2c6c Object send P2P result: true
00:28:32.0693 0x2c6c [ 02B7736BCF35092A37CCD521658379CD, 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe
00:28:32.0693 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe. md5: 02B7736BCF35092A37CCD521658379CD, sha256: 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA
00:28:32.0709 0x2c6c perl32runner32 - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:35.0174 0x2c6c perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:35.0174 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe
00:28:38.0138 0x2c6c Object send P2P result: true
00:28:40.0774 0x2c6c [ 960167F792324B884AB6600A1C8392DA, 21FE20A2BC6751DD4165009A8CE273EB5FEBAF1D45EE13C3D77EFF0E1616D2AD ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe
00:28:40.0774 0x2c6c friends - ok
00:28:40.0774 0x2c6c Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe
00:28:43.0426 0x2c6c Object send P2P result: true
00:28:43.0426 0x2c6c Have new async UDS detects: 1
00:28:43.0426 0x2c6c friends - detected UDS

angerousObject.Multi.Generic ( 0 )
00:28:43.0426 0x2c6c friends ( UDS

angerousObject.Multi.Generic ) - infected
00:28:43.0426 0x2c6c Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe
00:28:45.0969 0x2c6c Object send P2P result: true
00:28:48.0527 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe
00:28:48.0527 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F
00:28:48.0527 0x2c6c win - detected LockedFile.Multi.Generic ( 1 )
00:28:48.0527 0x2c6c Detect turned to UDS exact due to KSN untrusted
00:28:48.0527 0x2c6c win ( UDS

angerousObject.Multi.Generic ) - infected
00:28:48.0527 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe
00:28:51.0678 0x2c6c Object send P2P result: true
00:29:06.0015 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe
00:29:06.0030 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F
00:29:06.0030 0x2c6c explorer64login - detected LockedFile.Multi.Generic ( 1 )
00:29:06.0030 0x2c6c Detect turned to UDS exact due to KSN untrusted
00:29:06.0030 0x2c6c explorer64login ( UDS

angerousObject.Multi.Generic ) - infected
00:29:06.0030 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe
00:29:11.0288 0x2c6c Object send P2P result: true
00:29:13.0877 0x2c6c [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
00:29:13.0893 0x2c6c Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok

00:29:13.0908 0x2c6c [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
00:29:13.0908 0x2c6c Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok
00:29:14.0049 0x2c6c [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE
00:29:14.0049 0x2c6c AOL Fast Start - ok
00:29:14.0127 0x2c6c [ 966FE904599B9A0F80EA498851180829, A95A67DF82FD40A0173C08919E7AB4B3CC207C8B8E07D850CC9C8AD0A44BF0CB ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
00:29:14.0142 0x2c6c GoogleChromeAutoLaunch_95998DA8AA06BA0E1CB0911F871E1ECB - ok
00:29:14.0142 0x2c6c [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE
00:29:14.0142 0x2c6c AOL Fast Start - ok
00:29:14.0158 0x2c6c Waiting for KSN requests completion. In queue: 5
00:29:15.0172 0x2c6c Waiting for KSN requests completion. In queue: 5
00:29:16.0186 0x2c6c Waiting for KSN requests completion. In queue: 5
00:29:17.0216 0x2c6c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
00:29:17.0309 0x2c6c Win FW state via NFP2: enabled
00:29:19.0758 0x2c6c ============================================================
00:29:19.0758 0x2c6c Scan finished
00:29:19.0758 0x2c6c ============================================================
00:29:19.0774 0x1554 Detected object count: 10
00:29:19.0774 0x1554 Actual detected object count: 10
00:30:48.0523 0x1554 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
00:30:48.0523 0x1554 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
00:30:48.0523 0x1554 friends ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0523 0x1554 friends ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:30:48.0523 0x1554 tionkcrz ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0523 0x1554 tionkcrz ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:30:48.0523 0x1554 system64-print32 ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0523 0x1554 system64-print32 ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:30:48.0523 0x1554 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
00:30:48.0523 0x1554 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
00:30:48.0523 0x1554 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
00:30:48.0523 0x1554 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
00:30:48.0523 0x1554 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
00:30:48.0523 0x1554 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
00:30:48.0523 0x1554 friends ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0523 0x1554 friends ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:30:48.0523 0x1554 win ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0523 0x1554 win ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:30:48.0538 0x1554 explorer64login ( UDS

angerousObject.Multi.Generic ) - skipped by user
00:30:48.0538 0x1554 explorer64login ( UDS

angerousObject.Multi.Generic ) - User select action: Skip
00:31:23.0279 0x1848 Deinitialize success

fertig...

Einhorn66 · 14.11.2014, 01:01

Nun fall ch in die heia...muss morgen früh zur op...gucke danach rein

14.11.2014, 00:38	#5
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Neuer Postbank Trojaner. Wie muss ich vorgehen? So ist es... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

14.11.2014, 00:52	#7
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Neuer Postbank Trojaner. Wie muss ich vorgehen? Copy & paste __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Neuer Postbank Trojaner. Wie muss ich vorgehen?

Plagegeister aller Art und deren Bekämpfung: Neuer Postbank Trojaner. Wie muss ich vorgehen?