Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Tastertur schreibt rückwärts / Desktop spielt verrückt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.01.2015, 16:13   #1
Dustoff
 
Tastertur schreibt rückwärts / Desktop spielt verrückt - Beitrag

Tastertur schreibt rückwärts / Desktop spielt verrückt



Guten Abend Zusammen,

ich bin neu hier im Forum. Also bitte seit nicht ganz so streng mit mir :-)

Ich habe folgendes Problem...nach unbestimmter Zeit spielt mein PC irgendwie verrückt.
Wenn ich im Browser oder sonst wo etwas schreiben will, schreibe ich plötzlich alles rückwärts (von rechts nach links) quasi in Spiegelschrift.

Weiterhin beobachte ich, das wenn ich irgendein Symbol auf dem Desktop anklicken,sich immer das Programm welches hinter dem in der Linken oberen Ecke befindliche Desktopsymbol verlinkt ist öffnet.

Einige Downloads werden nicht vollständig abgeschlossen...

Ich nutze Kaspersky, das Programm hat nichts gefunden. Ich habe bereits diverse andere Programme benutzt um meinen PC zu überprüfen. Kein Programm findet etwas...

Was könnte das sein?

Nach einem PC Neustart funktioniert dann meistens alles wieder nochmal bis auf unbestimmte Zeit.

Ich hoffe Ihr habt einen Tipp für mich.

Gruß
Stefan

Alt 29.01.2015, 16:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 29.01.2015, 17:20   #3
Dustoff
 
Tastertur schreibt rückwärts / Desktop spielt verrückt - Icon17

Tastertur schreibt rückwärts / Desktop spielt verrückt



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Stefan (administrator) on STEFAN-PC on 29-01-2015 18:17:15
Running from F:\Downloads
Loaded Profiles: Stefan (Available profiles: Stefan)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Spotify Ltd) C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Mad Catz) C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-11-05] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [X-55 Rhino] => C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe [86528 2014-04-11] (Mad Catz)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Run: [Spotify] => C:\Users\Stefan\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Run: [Spotify Web Helper] => C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\MountPoints2: {51d2c6ce-6504-11e4-b9d5-806e6f6e6963} - I:\DVDSetup.exe
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\MountPoints2: {e4c72d55-6513-11e4-b495-806e6f6e6963} - I:\dvdcheck.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-304583724-483401485-1721918428-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> H:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Media Hint - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\mediahint@jetpack.xpi [2014-11-18]
FF Extension: Password Exporter - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2014-11-05]
FF Extension: Adblock Plus - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-05]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 PAExec; C:\Windows\PAExec.exe [190464 2014-11-25] (Power Admin LLC) [File not signed]
S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SkypeUpdate; H:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-20] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-11-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-20] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 Said2215; C:\Windows\System32\DRIVERS\Said2215.sys [25280 2014-03-06] (Saitek)
R3 Saida215; C:\Windows\System32\DRIVERS\Saida215.sys [25280 2014-03-06] (Saitek)
R3 SaiG2215; C:\Windows\System32\DRIVERS\SaiG2215.sys [179904 2014-03-06] (Saitek)
R3 SaiGa215; C:\Windows\System32\DRIVERS\SaiGa215.sys [179904 2014-03-06] (Saitek)
S3 SaiK0762; C:\Windows\System32\DRIVERS\SaiK0762.sys [179872 2014-08-05] (Saitek)
S3 SaiK0836; C:\Windows\System32\DRIVERS\SaiK0836.sys [131584 2008-09-12] (Saitek)
R3 SaiK2215; C:\Windows\System32\DRIVERS\SaiK2215.sys [179904 2014-03-06] (Saitek)
R3 SaiKa215; C:\Windows\System32\DRIVERS\SaiKa215.sys [179904 2014-03-06] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24040 2014-03-06] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [51560 2014-03-06] (Saitek)
S3 MSICDSetup; \??\I:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\I:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 18:17 - 2015-01-29 18:17 - 00000000 ____D () C:\FRST
2015-01-29 17:00 - 2015-01-29 17:04 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-29 16:57 - 2015-01-29 17:04 - 00000000 ____D () C:\Users\Stefan\Desktop\mbar
2015-01-27 08:38 - 2015-01-27 08:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-22 23:14 - 2015-01-22 23:19 - 00000000 ____D () C:\Users\Stefan\Desktop\Char
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Users\Stefan\Documents\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-22 19:42 - 2015-01-22 19:42 - 00000518 _____ () C:\Users\Stefan\Downloads\LAPD.asx
2015-01-22 19:35 - 2015-01-22 19:35 - 00042983 _____ () C:\Users\Stefan\Downloads\handling.dat
2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\Users\Stefan\Downloads\1ChikamruRealTraffic
2015-01-22 18:43 - 2015-01-22 18:43 - 00433384 _____ () C:\Users\Stefan\Downloads\1ChikamruRealTraffic.rar
2015-01-22 18:41 - 2015-01-22 18:41 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Take-Two_Interactive_Soft
2015-01-22 18:34 - 2015-01-22 18:34 - 00642712 _____ (Microsoft Corporation) C:\Users\Stefan\Downloads\gfwlive35setup.exe
2015-01-22 18:34 - 2015-01-22 18:34 - 00000000 ____D () C:\Users\Stefan\Documents\Games for Windows - LIVE Demos
2015-01-22 18:34 - 2015-01-22 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-01-21 23:29 - 2015-01-21 23:29 - 00000201 _____ () C:\Users\Stefan\Desktop\Grand Theft Auto IV.url
2015-01-21 23:07 - 2015-01-21 23:07 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2015-01-21 22:57 - 2015-01-21 22:57 - 00000000 ____D () C:\Users\Stefan\Documents\Rockstar Games
2015-01-21 22:50 - 2015-01-21 22:50 - 00000000 __SHD () C:\ProgramData\SecuROM
2015-01-21 22:49 - 2015-01-22 18:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-01-21 22:49 - 2015-01-21 22:49 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 __RHD () C:\Users\Stefan\AppData\Roaming\SecuROM
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Rockstar Games
2015-01-21 21:41 - 2015-01-21 21:43 - 00000000 ____D () C:\AdwCleaner
2015-01-21 21:35 - 2015-01-29 17:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 21:35 - 2015-01-29 16:57 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-21 21:35 - 2015-01-21 21:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-21 21:35 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-21 21:35 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-21 17:32 - 2015-01-21 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsPassengersX
2015-01-20 22:08 - 2015-01-20 22:08 - 00001055 _____ () C:\Users\Stefan\Desktop\767-300 FSX Configuration Manager.lnk
2015-01-20 22:07 - 2015-01-20 22:07 - 00002048 _____ () C:\Windows\ld767fsx.lic
2015-01-20 15:32 - 2015-01-20 15:32 - 00003005 _____ () C:\Users\Stefan\Desktop\X-55 Rhino.lnk
2015-01-20 15:32 - 2015-01-20 15:32 - 00000000 ____D () C:\Program Files\Mad Catz
2015-01-20 13:46 - 2015-01-20 13:46 - 00000000 _____ () C:\Windows\system32\msi_drv_dmp.txt
2015-01-20 13:21 - 2015-01-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG
2015-01-19 23:10 - 2015-01-20 11:50 - 00001328 _____ () C:\FSUIPC_reg.bin
2015-01-19 22:34 - 2015-01-19 22:34 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
2015-01-19 21:53 - 2015-01-19 21:53 - 00000656 _____ () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2015-01-19 21:10 - 2015-01-19 21:10 - 00000061 ___SH () C:\Windows\cnerolf.dat
2015-01-19 21:08 - 2015-01-20 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2015-01-19 21:08 - 2015-01-19 21:08 - 00000879 _____ () C:\Users\Stefan\Desktop\767-300 Configuration Manager.lnk
2015-01-19 21:07 - 2015-01-19 21:07 - 00002048 _____ () C:\Windows\lvld67.lic
2015-01-19 10:05 - 2015-01-19 10:07 - 00000676 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2015-01-19 09:43 - 2015-01-19 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC MSFS Gauge
2015-01-19 01:08 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-19 01:07 - 2015-01-19 01:07 - 00000199 _____ () C:\Users\Stefan\QualityWings_Ultimate 757 Collection.reg
2015-01-19 00:51 - 2015-01-19 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QualityWings
2015-01-19 00:39 - 2015-01-21 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-19 00:39 - 2015-01-19 00:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-19 00:39 - 2015-01-19 00:39 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-19 00:39 - 2015-01-19 00:39 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-19 00:39 - 2015-01-19 00:39 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-19 00:39 - 2015-01-19 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-19 00:39 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-01-19 00:19 - 2015-01-19 00:19 - 00000181 _____ () C:\Users\Stefan\FSDreamTeam_KLAS.reg
2015-01-19 00:14 - 2015-01-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2015-01-15 18:01 - 2015-01-15 18:01 - 00000648 _____ () C:\Users\Stefan\Desktop\FS Global Real Weather.lnk
2015-01-15 17:46 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 17:45 - 2015-01-15 17:45 - 00000884 _____ () C:\Users\Public\Desktop\AESHelp.lnk
2015-01-14 23:37 - 2015-01-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSNavigator for FS2004
2015-01-14 23:01 - 2015-01-14 23:01 - 00000185 _____ () C:\Users\Stefan\FlightBeam_San Francisco X.reg
2015-01-14 22:38 - 2015-01-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC FS2004 Gauge
2015-01-14 22:38 - 2015-01-14 22:38 - 00000000 ____D () C:\Panel
2015-01-14 20:13 - 2015-01-14 20:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-14 17:20 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:20 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:20 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 17:20 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 17:20 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 17:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 17:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 17:20 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:20 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:20 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:20 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:20 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 00:34 - 2015-01-14 00:34 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synchro-Soft EA GP7200 Soundset
2015-01-14 00:34 - 2015-01-14 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synchro-Soft EA GP7200 Soundset
2015-01-13 23:48 - 2015-01-13 23:48 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\France VFR and FlightScenery
2015-01-13 23:48 - 2015-01-13 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\France VFR and FlightScenery
2015-01-13 23:19 - 2015-01-14 17:35 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\France VFR
2015-01-13 22:41 - 2015-01-13 22:41 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMS_FMMI07
2015-01-13 22:41 - 2015-01-13 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMS_FMMI07
2015-01-13 22:06 - 2015-01-28 15:58 - 00000000 ____D () C:\Users\Stefan\Documents\Flight Simulator-Dateien
2015-01-13 22:04 - 2015-01-28 15:58 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-13 22:04 - 2015-01-13 22:04 - 00000930 _____ () C:\Users\Stefan\Desktop\FS2004.lnk
2015-01-13 22:04 - 2015-01-13 22:04 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-13 20:00 - 2015-01-13 20:00 - 00000210 _____ () C:\Users\Stefan\Desktop\Neues Textdokument (2).txt
2015-01-09 17:44 - 2015-01-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&S Design EC135 X
2015-01-08 20:33 - 2015-01-08 20:33 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\4X_DATA
2015-01-07 19:23 - 2015-01-07 19:26 - 00000000 ____D () C:\Users\Stefan\Desktop\Motorflug Rechnung
2015-01-06 17:36 - 2015-01-27 08:25 - 00062976 _____ () C:\Users\Stefan\Desktop\Stundennachweis 2015.xls
2015-01-01 17:24 - 2015-01-01 17:24 - 00000000 ____D () C:\Users\Stefan\AppData\Local\VAFinancials
2014-12-31 16:52 - 2014-12-31 16:52 - 00000521 _____ () C:\Users\Stefan\Desktop\VAFS5.lnk
2014-12-31 16:52 - 2014-12-31 16:52 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2014-12-31 16:52 - 2014-12-31 16:52 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAFS5
2014-12-30 18:24 - 2014-12-30 18:24 - 00000533 _____ () C:\Users\Stefan\Desktop\vasFMC.lnk
2014-12-30 18:24 - 2014-12-30 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC
2014-12-30 18:00 - 2014-12-30 18:00 - 00000952 _____ () C:\Users\Public\Desktop\AESHelp for FSX.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 18:14 - 2014-12-02 19:44 - 00000925 _____ () C:\Users\Stefan\Desktop\FTX Central.lnk
2015-01-29 18:14 - 2014-11-25 17:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orbx
2015-01-29 18:12 - 2014-11-05 19:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 17:57 - 2014-11-05 17:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-29 17:19 - 2014-11-29 02:04 - 00000000 ____D () C:\Users\Stefan\Documents\Flight Simulator X-Dateien
2015-01-29 17:01 - 2011-04-12 08:43 - 02779976 _____ () C:\Windows\system32\perfh007.dat
2015-01-29 17:01 - 2011-04-12 08:43 - 00796182 _____ () C:\Windows\system32\perfc007.dat
2015-01-29 17:01 - 2009-07-14 06:13 - 00006474 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 17:01 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-29 17:01 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-29 16:57 - 2014-11-05 17:00 - 01534412 _____ () C:\Windows\WindowsUpdate.log
2015-01-29 16:56 - 2014-11-05 18:56 - 00006467 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-29 16:55 - 2014-11-29 17:07 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Spotify
2015-01-29 16:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 16:54 - 2009-07-14 05:51 - 00184190 _____ () C:\Windows\setupact.log
2015-01-28 18:12 - 2014-12-01 20:48 - 00000000 ____D () C:\Users\Stefan\Documents\ProfileCache
2015-01-28 18:08 - 2014-12-01 20:48 - 00000000 ____D () C:\Users\Stefan\Documents\The Crew
2015-01-28 15:54 - 2014-11-05 19:13 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client
2015-01-28 11:14 - 2014-11-27 12:28 - 00000000 ____D () C:\Users\Stefan\Documents\Plan-G Files
2015-01-28 09:45 - 2014-11-05 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 17:32 - 2014-11-06 00:27 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-27 17:09 - 2014-11-05 19:20 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-27 17:09 - 2014-11-05 19:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-27 17:09 - 2014-11-05 19:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-27 08:22 - 2014-11-29 17:08 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Spotify
2015-01-22 22:27 - 2014-11-05 19:26 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\vlc
2015-01-21 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-21 22:49 - 2014-11-05 20:11 - 00706734 _____ () C:\Windows\DirectX.log
2015-01-21 22:49 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 22:16 - 2014-11-05 18:01 - 00019301 _____ () C:\Windows\IE11_main.log
2015-01-21 21:44 - 2010-11-21 04:47 - 00057208 _____ () C:\Windows\PFRO.log
2015-01-21 18:40 - 2014-12-28 23:45 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Skype
2015-01-20 22:08 - 2014-12-26 10:27 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2015-01-20 22:07 - 2014-11-05 21:27 - 00000000 ____D () C:\Flight One Software
2015-01-20 15:18 - 2014-11-06 22:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-19 23:04 - 2014-12-26 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2015-01-19 17:22 - 2014-11-05 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2015-01-19 17:22 - 2014-11-05 17:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-19 09:06 - 2009-07-14 05:45 - 00302168 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-19 01:08 - 2014-11-05 17:02 - 00070232 _____ () C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-19 01:07 - 2014-11-05 17:00 - 00000000 ____D () C:\Users\Stefan
2015-01-19 01:05 - 2014-11-05 22:16 - 00000000 ____D () C:\ProgramData\Esellerate
2015-01-15 18:06 - 2014-12-20 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO
2015-01-15 00:36 - 2014-11-05 17:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:34 - 2014-11-05 17:20 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 17:35 - 2014-12-16 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\France VFR
2015-01-12 20:37 - 2014-11-05 23:54 - 00000000 ____D () C:\Users\Public\Documents\PFPX Data
2015-01-12 15:46 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-04 18:32 - 2014-12-16 15:07 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\RAASPRO
2015-01-04 16:37 - 2014-11-27 12:28 - 00000000 ____D () C:\Users\Stefan\AppData\Local\GMap.NET
2015-01-01 17:09 - 2014-11-24 18:26 - 00073216 _____ () C:\Users\Stefan\Desktop\Stundennachweis 2014 Bradtke.xls

==================== Files in the root of some directories =======

2014-11-05 17:07 - 2014-11-05 18:55 - 0000000 _____ () C:\Users\Stefan\AppData\Local\Driver_LOM_8161Present.flag
2014-11-27 12:28 - 2014-11-27 12:28 - 0000085 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Stefan\FlightBeam_San Francisco X.reg
C:\Users\Stefan\FSDreamTeam_GSX.reg
C:\Users\Stefan\FSDreamTeam_KLAS.reg
C:\Users\Stefan\QualityWings_Ultimate 757 Collection.reg


Some content of TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Stefan\AppData\Local\Temp\Quarantine.exe
C:\Users\Stefan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 09:52

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Stefan at 2015-01-29 18:17:25
Running from F:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

777 Immersion (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\00e2719abe02a8af) (Version: 1.0.0.27 - OldProp Solutions Inc)
A2A C172 Trainer for FSX (HKLM-x32\...\A2A C172 Trainer for FSX) (Version:  - )
Active Sky Next for FSX SP1B (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.5410.16208 - HiFi Technologies, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}) (Version: 12.1.3.153 - Adobe Systems, Inc)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.20 - Aerosoft)
Aerosoft's - Airbus X Extended - FSX (HKLM-x32\...\Airbus X Extended - FSX) (Version: 1.16 - Aerosoft)
Aerosoft's - Diamond DA20-100 Katana 4X (HKLM-x32\...\{974BF461-4D2C-448A-B05B-502AEA41B7FB}) (Version: 1.04 - Aerosoft)
Aerosoft's - Huey X - FSX (HKLM-x32\...\Huey X - FSX) (Version: 1.20 - )
aerosoft's - Maldives X (HKLM-x32\...\{17BA8B2D-BF89-4D10-B9D1-1CC5F322A6BB}) (Version: 1.02 - aerosoft)
aerosoft's - Mega Airport Dublin - FS9 (HKLM-x32\...\{3BCDDB83-BC42-4AEF-BBDF-E928A8368817}) (Version: 1.00 - aerosoft)
aerosoft's - Mega Airport Paris CDG (HKLM-x32\...\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}) (Version: 1.00 - aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.18 - aerosoft)
Aerosoft's - Seychelles X - FSX (HKLM-x32\...\Seychelles X - FSX) (Version: 1.00 - Aerosoft)
Aerosoft's - Twin Otter X Extended - FSX (HKLM-x32\...\Twin Otter X Extended - FSX) (Version: 1.11 - Aerosoft)
Africa Greatest Airports Nairobi (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Africa Greatest Airports Nairobi) (Version:  - )
Airports of REUNION (HKLM-x32\...\Airports of REUNION) (Version:  - )
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.5.1 - AivlaSoft GmbH)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
AMS_FMMI07 (HKLM-x32\...\AMS_FMMI07) (Version:  - )
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.5410.16224 - HiFi Technologies, Inc.)
Autogen REUNION (HKLM-x32\...\Autogen REUNION) (Version:  - )
BDOaviation - Juanda FSX (HKLM-x32\...\FSX_BDOaviation_Juanda_FSX_is1) (Version: 1.0.0.0 - SimMarket)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
Carenado C208B Grand Caravan (HKLM-x32\...\Carenado C208B Grand Caravan) (Version: 1.00.00.00 - Carenado)
Death Valley (HKLM-x32\...\Death Valley) (Version:  - )
Death Valley MESH (HKLM-x32\...\Death Valley MESH) (Version:  - )
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
EZdok Camera for Microsoft Flight Simulator X (HKLM-x32\...\EZdok Camera for Microsoft Flight Simulator X) (Version:  - )
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
FlightBeam San Francisco International FS9 2.0.1 (HKLM-x32\...\FlightBeam San Francisco International FS9_is1) (Version:  - )
FlightParis AutogenPack (HKLM-x32\...\FlightParis AutogenPack) (Version:  - )
FlightParis BasePack (HKLM-x32\...\FlightParis BasePack) (Version:  - )
FlightParis CityPack (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\FlightParis CityPack) (Version:  - )
Flux Player (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Flux Player) (Version: 4.2.1.4214 - )
FS2Crew: Aerosoft Airbus X Button Control (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Button Control) (Version:  - )
FS2Crew: Emergency NGX! (HKLM-x32\...\FS2Crew: Emergency NGX!) (Version:  - )
FS2Crew: PMDG 737 NGX Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Edition) (Version:  - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version:  - )
FSDG's - Ayers Rock X - FSX (HKLM-x32\...\Ayers Rock X - FSX) (Version: 1.00 - FSDG)
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.9.0.3 - VIRTUALI Sagl)
FSDreamTeam Las Vegas McCarran FS9 1.1 (HKLM-x32\...\FSDreamTeam Las Vegas McCarran FS9_is1) (Version:  - )
FSGenesis North America Terrain Mesh for FSX -- Eastern Rockies (HKLM-x32\...\North America Terrain Mesh for FSX -- Eastern Rockies2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Northeast (HKLM-x32\...\North America Terrain Mesh for FSX -- Northeast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Plains (HKLM-x32\...\North America Terrain Mesh for FSX -- Plains2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Southeast (HKLM-x32\...\North America Terrain Mesh for FSX -- Southeast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- West Coast (HKLM-x32\...\North America Terrain Mesh for FSX -- West Coast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Western Rockies (HKLM-x32\...\North America Terrain Mesh for FSX -- Western Rockies2.0.0) (Version: 2.0.0 - FSGenesis)
FSNavigator (HKLM-x32\...\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}) (Version: 4.7 - FSNavigator team)
Grand Canyon & KGCN V2 (HKLM-x32\...\Grand Canyon & KGCN V2) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Instant Scenery (HKLM-x32\...\instant scenery2) (Version: 2.03 - Flight1 Software)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
IvAp v1.6.0 b2785 (HKLM-x32\...\IvAp_is1) (Version:  - International Virtual Aviation Organisation VZW/ASBL)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version:  - IVAO)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KLIA FSX (HKLM-x32\...\FSX_A_A_SCENERIES_KLIA_is1) (Version: 1.0.0.0 - SimMarket)
La Réunion FullHD (HKLM-x32\...\La Réunion FullHD) (Version:  - )
Level-D 767-300 for FSX (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Level-D 767-300 for FSX) (Version:  - )
Level-D Simulations 767-300 (HKLM-x32\...\Level-D Simulations 767-300) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maps2Bgl 2.6b Beta FSX-Version (HKLM-x32\...\Maps2Bgl_X_is1) (Version:  - Gunnar Daehling)
Mayotte (HKLM-x32\...\Mayotte) (Version:  - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NavDataPro (HKLM-x32\...\NavDataPro) (Version: 1.0.2.0 - Aerosoft GmbH)
NEXTMesh France FSX (HKLM-x32\...\NEXTMesh France FSX) (Version:  - )
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Overland - World Airlines (Airbus) (HKLM-x32\...\{BA62F8D6-D795-4CD2-BECF-C7DCC3508AC5}) (Version: 1.00.0000 - Overland Co.,Ltd.)
Overland - World Airlines for FSX (Airbus) (HKLM-x32\...\{CB71DCD9-6D02-4FB4-A81F-27415DA07007}) (Version: 1.00.0000 - Overland)
Plan-G v3.1.1 Version 3.1.1 (HKLM-x32\...\{BC13ABF2-2C08-42A6-A5C4-AFCE666ABE58}_is1) (Version: 3.1.1 - TA Studio)
PMDG 737 8900 NGX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.00.3219 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PrecipitFX (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\ef10d9a45bf46eb5) (Version: 1.2.0.13 - OldProp Solutions Inc)
Prepar3D v2 Academic Bundle (x32 Version: 2.4.11570.0 - Lockheed Martin) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QualityWings Ultimate 757 Collection FS9 1.3 (HKLM-x32\...\QualityWings Ultimate 757 Collection FS9_is1) (Version:  - )
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
REX 4 - Texture Direct with SP2 (HKLM-x32\...\{438D594B-17CF-4E9F-81AA-182B0A67D7B4}) (Version: 4.2.2014.0520 - REX Game Studios, LLC.)
REX Essential Plus (HKLM-x32\...\REX Essential Plus 3.2.2013.0415) (Version: 3.2.2013.0415 - REX Game Studios)
REX Essential Plus (x32 Version: 3.2.2013.0415 - REX Game Studios) Hidden
SBuilderX313 (HKLM-x32\...\{E947C6F0-20AD-4A8F-823F-ADC1251FBE45}) (Version: 3.1.3 - PTSim)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Spotify (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synchro-Soft EA GP7200 Soundset (HKLM-x32\...\Synchro-Soft EA GP7200 Soundset) (Version:  - )
T2G Orlando International Airport (HKLM-x32\...\FS9_T2G_KMCO_FS9_is1) (Version: 1.0.0.0 - SimMarket)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
TOPCAT 2.74 Beta 1 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 Beta 1 - FSS GmbH)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VAFS5 (HKLM-x32\...\309E6243-31FB-434E-9FF5-9AFEB1542DAD) (Version: 5.1.1.20 - VAFINANCIALS)
vasFMC 1.10 (HKLM-x32\...\vasFMC_is1) (Version:  - Alex Wemmer <alex@wemmer.at>)
vasFMC 2.0a9 (HKLM-x32\...\vasFMC FS2004 Gauge_is1) (Version:  - VAS Project <contact@vas-project.org>)
vasFMC 2.1 (HKLM-x32\...\vasFMC MSFS Gauge_is1) (Version:  - VAS Project <contact@vas-project.org>)
VHHH-FSX (HKLM-x32\...\T2G_VHHH_is1) (Version: 1.0.0.0 - SimMarket)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
vPilot (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\vPilot) (Version: 1.1.5365.23193 - Ross Carlson)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WSSS Singapore FSX (HKLM-x32\...\{2093D803-387A-47D8-B271-7B53CF2EBED3}) (Version: 1.0.0 - Imagine Simulation)
X-55 Rhino (HKLM\...\{0BE6604F-766C-46AF-92C8-D4DFD65FFEBE}) (Version: 7.0.33.91 - Mad Catz Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-01-2015 18:48:12 Installiert Mega Airport Dublin - FS9
19-01-2015 01:11:12 Installed KATL Atlanta FS2004
19-01-2015 17:22:08 Installiert Mega Airport Paris CDG
19-01-2015 17:22:15 Installiert Mega Airport Paris CDG
20-01-2015 15:16:00 Removed Saitek DirectOutput 6.2.2.4
20-01-2015 15:17:45 Removed X-55 Rhino
21-01-2015 21:39:06 Windows Update
21-01-2015 22:01:44 Windows Update
21-01-2015 22:49:06 DirectX wurde installiert
21-01-2015 22:49:18 DirectX wurde installiert
21-01-2015 22:49:27 DirectX wurde installiert
21-01-2015 23:07:05 Installed Windows Live ID Sign-in Assistant
21-01-2015 23:07:12 Installed Microsoft Games for Windows - LIVE Redistributable
29-01-2015 14:16:07 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14BE5C7E-7CEE-43AB-B27E-F59CBB641C60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3C11E257-529F-442D-9123-93A1DA65F7B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {A0256483-D1F8-49E6-BAF5-0375E2CD817D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27] (Adobe Systems Incorporated)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {D7B2F413-9092-43A1-A522-0FCA32E325B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {F62C351E-1321-4BD5-B0CA-CB104C0D35BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-11-25 12:14 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 16:01 - 2014-08-25 16:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-17 11:02 - 2014-04-17 11:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-04-11 14:50 - 2014-04-11 14:50 - 12533760 _____ () C:\Program Files\Mad Catz\X-55 Rhino\Pr0fileEditor_Forms.dll
2014-04-11 14:50 - 2014-04-11 14:50 - 00299008 _____ () C:\Program Files\Mad Catz\X-55 Rhino\de\Pr0fileEditor_Forms.resources.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-01-19 00:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-19 00:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-19 00:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-19 00:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-19 00:39 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-27 08:38 - 2015-01-27 08:38 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A1D5C6AA
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:EFD9810A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-304583724-483401485-1721918428-500 - Administrator - Disabled)
Gast (S-1-5-21-304583724-483401485-1721918428-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-304583724-483401485-1721918428-1002 - Limited - Enabled)
Stefan (S-1-5-21-304583724-483401485-1721918428-1000 - Administrator - Enabled) => C:\Users\Stefan

==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/29/2015 04:54:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 04:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 04:30:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EZCA.exe, Version: 1.1.7.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: USP10.dll, Version: 1.626.7601.18454, Zeitstempel: 0x5359c2c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00046147
ID des fehlerhaften Prozesses: 0xf14
Startzeit der fehlerhaften Anwendung: 0xEZCA.exe0
Pfad der fehlerhaften Anwendung: EZCA.exe1
Pfad des fehlerhaften Moduls: EZCA.exe2
Berichtskennung: EZCA.exe3

Error: (01/29/2015 03:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ASNext.exe, Version: 1.0.5410.16208, Zeitstempel: 0x544a85af
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5485, Zeitstempel: 0x53a121fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001568cf
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xASNext.exe0
Pfad der fehlerhaften Anwendung: ASNext.exe1
Pfad des fehlerhaften Moduls: ASNext.exe2
Berichtskennung: ASNext.exe3

Error: (01/29/2015 03:54:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (61B6FB1E) (80131506).

Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (01/29/2015 04:56:43 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 04:54:52 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 04:54:51 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 04:52:28 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 04:52:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 11:42:04 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/29/2015 11:40:43 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/28/2015 09:54:13 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/28/2015 09:54:13 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/28/2015 09:48:00 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422


Microsoft Office Sessions:
=========================
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/29/2015 04:54:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 04:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 04:30:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EZCA.exe1.1.7.02a425e19USP10.dll1.626.7601.184545359c2c9c000000500046147f1401d03bd7eeb4e075C:\Program Files (x86)\EZCA\EZCA.exeC:\Windows\syswow64\USP10.dllc5ecab1c-a7cb-11e4-8d49-448a5bcc6b74

Error: (01/29/2015 03:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASNext.exe1.0.5410.16208544a85afmscorwks.dll2.0.50727.548553a121fac0000005001568cf

Error: (01/29/2015 03:54:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (61B6FB1E) (80131506).

Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-12-12 12:29:55.923
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 12:29:55.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 12:28:24.404
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 12:28:24.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:23:26.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:23:26.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:23:26.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:23:26.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:22:55.650
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 17:22:55.588
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 9%
Total physical RAM: 32719.71 MB
Available physical RAM: 29694.96 MB
Total Pagefile: 65437.6 MB
Available Pagefile: 62112.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.66 GB) (Free:117.49 GB) NTFS
Drive d: (FSX1) (Fixed) (Total:465.63 GB) (Free:336.32 GB) NTFS
Drive e: (FSX2) (Fixed) (Total:1000 GB) (Free:997.86 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1000 GB) (Free:834.28 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:1000 GB) (Free:819.14 GB) NTFS
Drive h: (Programme) (Fixed) (Total:726.02 GB) (Free:699.15 GB) NTFS
Drive i: (FSX DISK 1) (CDROM) (Total:4.2 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BC61B2CC)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Vielen Dank schonmal von mir!
__________________

Alt 30.01.2015, 06:17   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.01.2015, 11:32   #5
Dustoff
 
Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.01.30.04
  rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Stefan :: STEFAN-PC [administrator]

30.01.2015 12:22:01
mbar-log-2015-01-30 (12-22-01).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 355021
Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
12:27:33.0162 0x17d4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:27:33.0162 0x17d4  UEFI system
12:27:37.0269 0x17d4  ============================================================
12:27:37.0270 0x17d4  Current date / time: 2015/01/30 12:27:37.0269
12:27:37.0270 0x17d4  SystemInfo:
12:27:37.0270 0x17d4  
12:27:37.0270 0x17d4  OS Version: 6.1.7601 ServicePack: 1.0
12:27:37.0270 0x17d4  Product type: Workstation
12:27:37.0270 0x17d4  ComputerName: STEFAN-PC
12:27:37.0270 0x17d4  UserName: Stefan
12:27:37.0270 0x17d4  Windows directory: C:\Windows
12:27:37.0270 0x17d4  System windows directory: C:\Windows
12:27:37.0270 0x17d4  Running under WOW64
12:27:37.0270 0x17d4  Processor architecture: Intel x64
12:27:37.0270 0x17d4  Number of processors: 4
12:27:37.0270 0x17d4  Page size: 0x1000
12:27:37.0270 0x17d4  Boot type: Normal boot
12:27:37.0270 0x17d4  ============================================================
12:27:37.0659 0x17d4  KLMD registered as C:\Windows\system32\drivers\63604021.sys
12:27:37.0773 0x17d4  System UUID: {13EF58B7-F087-AE2C-91C3-39BB211E1FAF}
12:27:38.0004 0x17d4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0006 0x17d4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0007 0x17d4  Drive \Device\Harddisk2\DR2 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0010 0x17d4  ============================================================
12:27:38.0010 0x17d4  \Device\Harddisk0\DR0:
12:27:38.0010 0x17d4  GPT partitions:
12:27:38.0010 0x17d4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {26FD35FB-3E0A-4EA7-9DCC-DF8D7C6D8476}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
12:27:38.0010 0x17d4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9C6EBDD4-A772-4745-9B0A-BFE518EF9A3A}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
12:27:38.0010 0x17d4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BDF3D2A5-D3B3-4D3F-AA28-1D96E10D36D4}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D153000
12:27:38.0010 0x17d4  MBR partitions:
12:27:38.0010 0x17d4  \Device\Harddisk1\DR1:
12:27:38.0010 0x17d4  GPT partitions:
12:27:38.0011 0x17d4  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {46AC8BAA-B994-4BBF-A3B4-20746B5DEF0A}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:27:38.0011 0x17d4  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C21F73DE-37AC-4052-B888-9CAC15D53FD1}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x3A345000
12:27:38.0011 0x17d4  MBR partitions:
12:27:38.0011 0x17d4  \Device\Harddisk2\DR2:
12:27:38.0011 0x17d4  GPT partitions:
12:27:38.0012 0x17d4  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {81CC1217-19FC-4238-9CD6-E6672FC12A08}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E0B081CF-7CDB-431D-8E8A-033A08C79BE1}, Name: Basic data partition, StartLBA 0x7D000800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4  \Device\Harddisk2\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B33F83A0-7AE1-40BA-BEA4-AA80C3D5DEAA}, Name: Basic data partition, StartLBA 0xFA000800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4  \Device\Harddisk2\DR2\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D88A3E33-296E-4C6F-830C-533EDB3E96AA}, Name: Basic data partition, StartLBA 0x177000800, BlocksNum 0x5AC0A800
12:27:38.0012 0x17d4  MBR partitions:
12:27:38.0012 0x17d4  ============================================================
12:27:38.0012 0x17d4  C: <-> \Device\Harddisk0\DR0\Partition3
12:27:38.0013 0x17d4  D: <-> \Device\Harddisk1\DR1\Partition2
12:27:38.0032 0x17d4  E: <-> \Device\Harddisk2\DR2\Partition1
12:27:38.0170 0x17d4  F: <-> \Device\Harddisk2\DR2\Partition2
12:27:38.0201 0x17d4  G: <-> \Device\Harddisk2\DR2\Partition3
12:27:38.0220 0x17d4  H: <-> \Device\Harddisk2\DR2\Partition4
12:27:38.0220 0x17d4  ============================================================
12:27:38.0221 0x17d4  Initialize success
12:27:38.0221 0x17d4  ============================================================
12:28:52.0905 0x1b98  ============================================================
12:28:52.0905 0x1b98  Scan started
12:28:52.0905 0x1b98  Mode: Manual; SigCheck; TDLFS; 
12:28:52.0905 0x1b98  ============================================================
12:28:52.0905 0x1b98  KSN ping started
12:29:02.0492 0x1b98  KSN ping finished: true
12:29:03.0239 0x1b98  ================ Scan system memory ========================
12:29:03.0239 0x1b98  System memory - ok
12:29:03.0239 0x1b98  ================ Scan services =============================
12:29:03.0274 0x1b98  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:29:03.0312 0x1b98  1394ohci - ok
12:29:03.0321 0x1b98  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:29:03.0329 0x1b98  ACPI - ok
12:29:03.0331 0x1b98  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:29:03.0337 0x1b98  AcpiPmi - ok
12:29:03.0340 0x1b98  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:29:03.0345 0x1b98  AdobeARMservice - ok
12:29:03.0359 0x1b98  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:29:03.0365 0x1b98  AdobeFlashPlayerUpdateSvc - ok
12:29:03.0373 0x1b98  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:29:03.0382 0x1b98  adp94xx - ok
12:29:03.0388 0x1b98  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:29:03.0396 0x1b98  adpahci - ok
12:29:03.0399 0x1b98  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:29:03.0405 0x1b98  adpu320 - ok
12:29:03.0408 0x1b98  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:29:03.0424 0x1b98  AeLookupSvc - ok
12:29:03.0432 0x1b98  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:29:03.0443 0x1b98  AFD - ok
12:29:03.0446 0x1b98  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:29:03.0451 0x1b98  agp440 - ok
12:29:03.0453 0x1b98  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:29:03.0459 0x1b98  ALG - ok
12:29:03.0461 0x1b98  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:29:03.0465 0x1b98  aliide - ok
12:29:03.0467 0x1b98  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:29:03.0471 0x1b98  amdide - ok
12:29:03.0473 0x1b98  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:29:03.0478 0x1b98  AmdK8 - ok
12:29:03.0480 0x1b98  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:29:03.0486 0x1b98  AmdPPM - ok
12:29:03.0489 0x1b98  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:29:03.0494 0x1b98  amdsata - ok
12:29:03.0498 0x1b98  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:29:03.0505 0x1b98  amdsbs - ok
12:29:03.0506 0x1b98  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:29:03.0511 0x1b98  amdxata - ok
12:29:03.0513 0x1b98  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:29:03.0528 0x1b98  AppID - ok
12:29:03.0530 0x1b98  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:29:03.0545 0x1b98  AppIDSvc - ok
12:29:03.0547 0x1b98  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:29:03.0553 0x1b98  Appinfo - ok
12:29:03.0557 0x1b98  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:29:03.0564 0x1b98  AppMgmt - ok
12:29:03.0566 0x1b98  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:29:03.0571 0x1b98  arc - ok
12:29:03.0574 0x1b98  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:29:03.0579 0x1b98  arcsas - ok
12:29:03.0586 0x1b98  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:29:03.0592 0x1b98  aspnet_state - ok
12:29:03.0594 0x1b98  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:29:03.0608 0x1b98  AsyncMac - ok
12:29:03.0610 0x1b98  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:29:03.0614 0x1b98  atapi - ok
12:29:03.0624 0x1b98  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:29:03.0638 0x1b98  AudioEndpointBuilder - ok
12:29:03.0647 0x1b98  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:29:03.0660 0x1b98  AudioSrv - ok
12:29:03.0666 0x1b98  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
12:29:03.0675 0x1b98  AVP15.0.1 - ok
12:29:03.0679 0x1b98  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:29:03.0687 0x1b98  AxInstSV - ok
12:29:03.0694 0x1b98  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:29:03.0704 0x1b98  b06bdrv - ok
12:29:03.0709 0x1b98  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:29:03.0717 0x1b98  b57nd60a - ok
12:29:03.0721 0x1b98  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:29:03.0727 0x1b98  BDESVC - ok
12:29:03.0728 0x1b98  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:29:03.0743 0x1b98  Beep - ok
12:29:03.0753 0x1b98  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:29:03.0766 0x1b98  BFE - ok
12:29:03.0769 0x1b98  [ 489F355FC5D33534195AA5E815146119, 85090C2C21353646952940D743C04C5BF1FF25CC565FE136644B565401A1C192 ] BfLwf           C:\Windows\system32\DRIVERS\bflwfx64.sys
12:29:03.0774 0x1b98  BfLwf - ok
12:29:03.0785 0x1b98  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:29:03.0809 0x1b98  BITS - ok
12:29:03.0812 0x1b98  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:29:03.0818 0x1b98  blbdrive - ok
12:29:03.0820 0x1b98  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:29:03.0826 0x1b98  bowser - ok
12:29:03.0827 0x1b98  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:29:03.0833 0x1b98  BrFiltLo - ok
12:29:03.0835 0x1b98  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:29:03.0840 0x1b98  BrFiltUp - ok
12:29:03.0844 0x1b98  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:29:03.0851 0x1b98  Browser - ok
12:29:03.0856 0x1b98  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:29:03.0864 0x1b98  Brserid - ok
12:29:03.0867 0x1b98  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:29:03.0873 0x1b98  BrSerWdm - ok
12:29:03.0874 0x1b98  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:29:03.0880 0x1b98  BrUsbMdm - ok
12:29:03.0882 0x1b98  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:29:03.0886 0x1b98  BrUsbSer - ok
12:29:03.0888 0x1b98  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:29:03.0895 0x1b98  BTHMODEM - ok
12:29:03.0898 0x1b98  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:29:03.0913 0x1b98  bthserv - ok
12:29:03.0916 0x1b98  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:29:03.0931 0x1b98  cdfs - ok
12:29:03.0934 0x1b98  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:29:03.0941 0x1b98  cdrom - ok
12:29:03.0943 0x1b98  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:29:03.0958 0x1b98  CertPropSvc - ok
12:29:03.0960 0x1b98  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:29:03.0967 0x1b98  circlass - ok
12:29:03.0974 0x1b98  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:29:03.0982 0x1b98  CLFS - ok
12:29:03.0986 0x1b98  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:29:03.0990 0x1b98  clr_optimization_v2.0.50727_32 - ok
12:29:03.0994 0x1b98  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:29:03.0999 0x1b98  clr_optimization_v2.0.50727_64 - ok
12:29:04.0006 0x1b98  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:29:04.0012 0x1b98  clr_optimization_v4.0.30319_32 - ok
12:29:04.0015 0x1b98  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:29:04.0022 0x1b98  clr_optimization_v4.0.30319_64 - ok
12:29:04.0024 0x1b98  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:29:04.0029 0x1b98  CmBatt - ok
12:29:04.0031 0x1b98  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:29:04.0035 0x1b98  cmdide - ok
12:29:04.0039 0x1b98  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
12:29:04.0045 0x1b98  cm_km_w - ok
12:29:04.0052 0x1b98  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:29:04.0063 0x1b98  CNG - ok
12:29:04.0065 0x1b98  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:29:04.0069 0x1b98  Compbatt - ok
12:29:04.0071 0x1b98  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:29:04.0077 0x1b98  CompositeBus - ok
12:29:04.0078 0x1b98  COMSysApp - ok
12:29:04.0080 0x1b98  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:29:04.0085 0x1b98  crcdisk - ok
12:29:04.0089 0x1b98  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:29:04.0096 0x1b98  CryptSvc - ok
12:29:04.0104 0x1b98  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:29:04.0115 0x1b98  CSC - ok
12:29:04.0124 0x1b98  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:29:04.0137 0x1b98  CscService - ok
12:29:04.0145 0x1b98  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:29:04.0165 0x1b98  DcomLaunch - ok
12:29:04.0171 0x1b98  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:29:04.0189 0x1b98  defragsvc - ok
12:29:04.0191 0x1b98  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:29:04.0207 0x1b98  DfsC - ok
12:29:04.0212 0x1b98  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:29:04.0221 0x1b98  Dhcp - ok
12:29:04.0223 0x1b98  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:29:04.0238 0x1b98  discache - ok
12:29:04.0240 0x1b98  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:29:04.0245 0x1b98  Disk - ok
12:29:04.0247 0x1b98  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:29:04.0253 0x1b98  dmvsc - ok
12:29:04.0256 0x1b98  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:29:04.0263 0x1b98  Dnscache - ok
12:29:04.0268 0x1b98  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:29:04.0285 0x1b98  dot3svc - ok
12:29:04.0288 0x1b98  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:29:04.0304 0x1b98  DPS - ok
12:29:04.0306 0x1b98  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:29:04.0310 0x1b98  drmkaud - ok
12:29:04.0323 0x1b98  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:29:04.0338 0x1b98  DXGKrnl - ok
12:29:04.0341 0x1b98  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:29:04.0357 0x1b98  EapHost - ok
12:29:04.0394 0x1b98  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:29:04.0439 0x1b98  ebdrv - ok
12:29:04.0443 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
12:29:04.0449 0x1b98  EFS - ok
12:29:04.0459 0x1b98  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:29:04.0473 0x1b98  ehRecvr - ok
12:29:04.0476 0x1b98  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:29:04.0482 0x1b98  ehSched - ok
12:29:04.0490 0x1b98  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:29:04.0500 0x1b98  elxstor - ok
12:29:04.0502 0x1b98  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:29:04.0506 0x1b98  ErrDev - ok
12:29:04.0514 0x1b98  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:29:04.0533 0x1b98  EventSystem - ok
12:29:04.0537 0x1b98  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:29:04.0554 0x1b98  exfat - ok
12:29:04.0558 0x1b98  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:29:04.0575 0x1b98  fastfat - ok
12:29:04.0584 0x1b98  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:29:04.0598 0x1b98  Fax - ok
12:29:04.0600 0x1b98  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:29:04.0605 0x1b98  fdc - ok
12:29:04.0606 0x1b98  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:29:04.0621 0x1b98  fdPHost - ok
12:29:04.0623 0x1b98  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:29:04.0638 0x1b98  FDResPub - ok
12:29:04.0640 0x1b98  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:29:04.0645 0x1b98  FileInfo - ok
12:29:04.0647 0x1b98  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:29:04.0662 0x1b98  Filetrace - ok
12:29:04.0677 0x1b98  [ 73081CF28F0AE20A52CA4F67CEE6E6B0, 806C769F3638D25FF1892C7223E7250AA3B9F627DF3AD83BC5AE1FEF7016F86A ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:29:04.0692 0x1b98  FLEXnet Licensing Service - ok
12:29:04.0694 0x1b98  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:29:04.0700 0x1b98  flpydisk - ok
12:29:04.0705 0x1b98  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:29:04.0712 0x1b98  FltMgr - ok
12:29:04.0727 0x1b98  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:29:04.0747 0x1b98  FontCache - ok
12:29:04.0750 0x1b98  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:29:04.0754 0x1b98  FontCache3.0.0.0 - ok
12:29:04.0756 0x1b98  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:29:04.0761 0x1b98  FsDepends - ok
12:29:04.0763 0x1b98  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:29:04.0767 0x1b98  Fs_Rec - ok
12:29:04.0772 0x1b98  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:29:04.0779 0x1b98  fvevol - ok
12:29:04.0782 0x1b98  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:29:04.0786 0x1b98  gagp30kx - ok
12:29:04.0796 0x1b98  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:29:04.0820 0x1b98  gpsvc - ok
12:29:04.0823 0x1b98  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:29:04.0828 0x1b98  hcw85cir - ok
12:29:04.0833 0x1b98  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:29:04.0843 0x1b98  HdAudAddService - ok
12:29:04.0847 0x1b98  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:29:04.0855 0x1b98  HDAudBus - ok
12:29:04.0857 0x1b98  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:29:04.0861 0x1b98  HidBatt - ok
12:29:04.0864 0x1b98  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:29:04.0871 0x1b98  HidBth - ok
12:29:04.0874 0x1b98  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:29:04.0880 0x1b98  HidIr - ok
12:29:04.0882 0x1b98  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:29:04.0897 0x1b98  hidserv - ok
12:29:04.0899 0x1b98  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:29:04.0904 0x1b98  HidUsb - ok
12:29:04.0906 0x1b98  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:29:04.0921 0x1b98  hkmsvc - ok
12:29:04.0926 0x1b98  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:29:04.0934 0x1b98  HomeGroupListener - ok
12:29:04.0937 0x1b98  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:29:04.0945 0x1b98  HomeGroupProvider - ok
12:29:04.0947 0x1b98  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:29:04.0952 0x1b98  HpSAMD - ok
12:29:04.0962 0x1b98  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:29:04.0985 0x1b98  HTTP - ok
12:29:04.0987 0x1b98  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:29:04.0992 0x1b98  hwpolicy - ok
12:29:04.0995 0x1b98  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:29:05.0000 0x1b98  i8042prt - ok
12:29:05.0010 0x1b98  [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
12:29:05.0021 0x1b98  iaStorA - ok
12:29:05.0025 0x1b98  [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:29:05.0028 0x1b98  IAStorDataMgrSvc - ok
12:29:05.0030 0x1b98  [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
12:29:05.0034 0x1b98  iaStorF - ok
12:29:05.0040 0x1b98  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:29:05.0048 0x1b98  iaStorV - ok
12:29:05.0052 0x1b98  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:29:05.0054 0x1b98  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:29:07.0402 0x1b98  Detect skipped due to KSN trusted
12:29:07.0402 0x1b98  IDriverT - ok
12:29:07.0446 0x1b98  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:29:07.0471 0x1b98  idsvc - ok
12:29:07.0473 0x1b98  IEEtwCollectorService - ok
12:29:07.0475 0x1b98  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:29:07.0480 0x1b98  iirsp - ok
12:29:07.0482 0x1b98  [ FF604BCE2537A4734DA0CE19AD9B7B7A, E40E87961F46B374122ED2B06E79C575FCFA4D29F95763ADC7E88270D064AFE8 ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
12:29:07.0486 0x1b98  ikbevent - ok
12:29:07.0497 0x1b98  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:29:07.0513 0x1b98  IKEEXT - ok
12:29:07.0515 0x1b98  [ 298E67827BE3C4403C32EAB66987A334, BE7D95E2BB0D6D60B40966305D0354CA93F773FD2FA2727F1076DC8E162D5EB1 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
12:29:07.0519 0x1b98  imsevent - ok
12:29:07.0522 0x1b98  [ 0BBE196EED750C18E5D4B3CB55EB097C, 6A67BF6CD9BBC77034AD1BBDE6FD1DE78440825E317DB7C517BD4D773FEBDA39 ] INETMON         C:\Windows\System32\Drivers\INETMON.sys
12:29:07.0526 0x1b98  INETMON - ok
12:29:07.0573 0x1b98  [ CC2521C1BE66E922196431B77F765178, 07106F575F715F761E01D3788053CBA6E53DD8390CE79BD4F6FC2BCDDC34C982 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:29:07.0619 0x1b98  IntcAzAudAddService - ok
12:29:07.0635 0x1b98  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:29:07.0648 0x1b98  Intel(R) Capability Licensing Service TCP IP Interface - ok
12:29:07.0651 0x1b98  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:29:07.0655 0x1b98  intelide - ok
12:29:07.0657 0x1b98  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:29:07.0663 0x1b98  intelppm - ok
12:29:07.0665 0x1b98  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:29:07.0681 0x1b98  IPBusEnum - ok
12:29:07.0684 0x1b98  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:29:07.0699 0x1b98  IpFilterDriver - ok
12:29:07.0706 0x1b98  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:29:07.0719 0x1b98  iphlpsvc - ok
12:29:07.0721 0x1b98  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:29:07.0727 0x1b98  IPMIDRV - ok
12:29:07.0730 0x1b98  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:29:07.0745 0x1b98  IPNAT - ok
12:29:07.0747 0x1b98  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:29:07.0754 0x1b98  IRENUM - ok
12:29:07.0756 0x1b98  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:29:07.0760 0x1b98  isapnp - ok
12:29:07.0765 0x1b98  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:29:07.0772 0x1b98  iScsiPrt - ok
12:29:07.0774 0x1b98  [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT            C:\Windows\system32\DRIVERS\ISCTD.sys
12:29:07.0779 0x1b98  ISCT - ok
12:29:07.0784 0x1b98  [ 796A8DFCB3609C61E6AD43E551F55D9A, 20A0FF8E72238DAC64A65DEEAA84BD8D7AD45249FC87DEA11B715D0CD0DBDCBC ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
12:29:07.0790 0x1b98  ISCTAgent - ok
12:29:07.0792 0x1b98  [ 61662AFF4AF0413F461F2780167703AE, 55CCBA4F09581871B3EB81A40A3FB59013AD988CEED109E18C58609AD469117A ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:29:07.0796 0x1b98  iusb3hcs - ok
12:29:07.0802 0x1b98  [ 923030D5F4B1C801AE5219551F7B490B, C00D9CCE8D04FEFA9391725F79BBD77F03ED3E3DB53E02E80ABC008B2F179043 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
12:29:07.0810 0x1b98  iusb3hub - ok
12:29:07.0820 0x1b98  [ 234E2245AF65CFC021874F64C40E206B, 4254180327F7B58AAE1A158DADE53A06C02139F6CDD2A657E5E9B2868B96F806 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:29:07.0833 0x1b98  iusb3xhc - ok
12:29:07.0837 0x1b98  [ 9BF27BE5D9F87E556BF4269025703E4D, A4BF5514BD6FFA9FEA5AF4DCCCB92DEB93261731A4B5814177D2680883D0C09A ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:29:07.0842 0x1b98  jhi_service - ok
12:29:07.0844 0x1b98  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:29:07.0849 0x1b98  kbdclass - ok
12:29:07.0851 0x1b98  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:29:07.0856 0x1b98  kbdhid - ok
12:29:07.0859 0x1b98  [ B34C08826C081A92D7298DE23E001FB6, A63B232AAE618F8E28777892193A04828C8D07F79283C2D8AECBAEAED6C8F0E6 ] Ke2200          C:\Windows\system32\DRIVERS\e22w7x64.sys
12:29:07.0864 0x1b98  Ke2200 - ok
12:29:07.0866 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
12:29:07.0871 0x1b98  KeyIso - ok
12:29:07.0878 0x1b98  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
12:29:07.0887 0x1b98  kl1 - ok
12:29:07.0889 0x1b98  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
12:29:07.0894 0x1b98  kldisk - ok
12:29:07.0897 0x1b98  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
12:29:07.0903 0x1b98  klflt - ok
12:29:07.0908 0x1b98  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
12:29:07.0915 0x1b98  klhk - ok
12:29:07.0925 0x1b98  [ 150DEC2F6A081D2513B7428DC060B557, 7E5996530FD821D1FAF1879F1167CBDE0B562E17388FDC46939ABEFB8869D2CE ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
12:29:07.0938 0x1b98  KLIF - ok
12:29:07.0941 0x1b98  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
12:29:07.0945 0x1b98  KLIM6 - ok
12:29:07.0947 0x1b98  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
12:29:07.0951 0x1b98  klkbdflt - ok
12:29:07.0953 0x1b98  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
12:29:07.0957 0x1b98  klmouflt - ok
12:29:07.0958 0x1b98  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
12:29:07.0962 0x1b98  klpd - ok
12:29:07.0964 0x1b98  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
12:29:07.0968 0x1b98  kltdi - ok
12:29:07.0971 0x1b98  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
12:29:07.0975 0x1b98  Klwtp - ok
12:29:07.0979 0x1b98  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
12:29:07.0984 0x1b98  kneps - ok
12:29:07.0987 0x1b98  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:29:07.0992 0x1b98  KSecDD - ok
12:29:07.0995 0x1b98  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:29:08.0001 0x1b98  KSecPkg - ok
12:29:08.0003 0x1b98  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:29:08.0018 0x1b98  ksthunk - ok
12:29:08.0024 0x1b98  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:29:08.0043 0x1b98  KtmRm - ok
12:29:08.0047 0x1b98  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:29:08.0065 0x1b98  LanmanServer - ok
12:29:08.0068 0x1b98  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:29:08.0084 0x1b98  LanmanWorkstation - ok
12:29:08.0087 0x1b98  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:29:08.0102 0x1b98  lltdio - ok
12:29:08.0107 0x1b98  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:29:08.0125 0x1b98  lltdsvc - ok
12:29:08.0127 0x1b98  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:29:08.0142 0x1b98  lmhosts - ok
12:29:08.0149 0x1b98  [ E4267604E975EF4BBB1A39A1B4F5B3CB, 4FC4D213A209F96893819EC7971BEA9651BAF4BF999304FB20556ACF98ADBB9C ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:29:08.0158 0x1b98  LMS - ok
12:29:08.0161 0x1b98  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:29:08.0167 0x1b98  LSI_FC - ok
12:29:08.0169 0x1b98  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:29:08.0175 0x1b98  LSI_SAS - ok
12:29:08.0177 0x1b98  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:29:08.0181 0x1b98  LSI_SAS2 - ok
12:29:08.0184 0x1b98  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:29:08.0189 0x1b98  LSI_SCSI - ok
12:29:08.0192 0x1b98  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:29:08.0208 0x1b98  luafv - ok
12:29:08.0210 0x1b98  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:29:08.0214 0x1b98  MBAMProtector - ok
12:29:08.0235 0x1b98  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
12:29:08.0259 0x1b98  MBAMScheduler - ok
12:29:08.0272 0x1b98  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
12:29:08.0286 0x1b98  MBAMService - ok
12:29:08.0288 0x1b98  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:29:08.0293 0x1b98  MBAMWebAccessControl - ok
12:29:08.0294 0x1b98  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
12:29:08.0298 0x1b98  MBfilt - ok
12:29:08.0301 0x1b98  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:29:08.0307 0x1b98  Mcx2Svc - ok
12:29:08.0309 0x1b98  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:29:08.0313 0x1b98  megasas - ok
12:29:08.0318 0x1b98  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:29:08.0325 0x1b98  MegaSR - ok
12:29:08.0329 0x1b98  [ A37A2ED3321A7A7BC85FA05221051A7F, 32E75126F3480DC59C480D821A717E5AC2639912D515693557EBF999B7DB0B10 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
12:29:08.0334 0x1b98  MEIx64 - ok
12:29:08.0337 0x1b98  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:29:08.0352 0x1b98  MMCSS - ok
12:29:08.0354 0x1b98  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:29:08.0369 0x1b98  Modem - ok
12:29:08.0372 0x1b98  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:29:08.0378 0x1b98  monitor - ok
12:29:08.0392 0x1b98  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:29:08.0397 0x1b98  mouclass - ok
12:29:08.0399 0x1b98  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:29:08.0404 0x1b98  mouhid - ok
12:29:08.0406 0x1b98  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:29:08.0411 0x1b98  mountmgr - ok
12:29:08.0414 0x1b98  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:29:08.0419 0x1b98  MozillaMaintenance - ok
12:29:08.0422 0x1b98  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:29:08.0428 0x1b98  mpio - ok
12:29:08.0430 0x1b98  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:29:08.0446 0x1b98  mpsdrv - ok
12:29:08.0457 0x1b98  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:29:08.0481 0x1b98  MpsSvc - ok
12:29:08.0485 0x1b98  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:29:08.0491 0x1b98  MRxDAV - ok
12:29:08.0495 0x1b98  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:29:08.0501 0x1b98  mrxsmb - ok
12:29:08.0506 0x1b98  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:29:08.0514 0x1b98  mrxsmb10 - ok
12:29:08.0517 0x1b98  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:29:08.0523 0x1b98  mrxsmb20 - ok
12:29:08.0525 0x1b98  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:29:08.0529 0x1b98  msahci - ok
12:29:08.0533 0x1b98  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:29:08.0538 0x1b98  msdsm - ok
12:29:08.0541 0x1b98  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:29:08.0548 0x1b98  MSDTC - ok
12:29:08.0551 0x1b98  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:29:08.0566 0x1b98  Msfs - ok
12:29:08.0568 0x1b98  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:29:08.0582 0x1b98  mshidkmdf - ok
12:29:08.0583 0x1b98  MSICDSetup - ok
12:29:08.0585 0x1b98  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:29:08.0589 0x1b98  msisadrv - ok
12:29:08.0593 0x1b98  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:29:08.0609 0x1b98  MSiSCSI - ok
12:29:08.0611 0x1b98  msiserver - ok
12:29:08.0612 0x1b98  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:29:08.0627 0x1b98  MSKSSRV - ok
12:29:08.0628 0x1b98  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:29:08.0643 0x1b98  MSPCLOCK - ok
12:29:08.0645 0x1b98  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:29:08.0659 0x1b98  MSPQM - ok
12:29:08.0665 0x1b98  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:29:08.0673 0x1b98  MsRPC - ok
12:29:08.0676 0x1b98  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:29:08.0680 0x1b98  mssmbios - ok
12:29:08.0682 0x1b98  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:29:08.0696 0x1b98  MSTEE - ok
12:29:08.0698 0x1b98  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:29:08.0703 0x1b98  MTConfig - ok
12:29:08.0705 0x1b98  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:29:08.0709 0x1b98  Mup - ok
12:29:08.0716 0x1b98  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:29:08.0737 0x1b98  napagent - ok
12:29:08.0742 0x1b98  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:29:08.0753 0x1b98  NativeWifiP - ok
12:29:08.0766 0x1b98  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:29:08.0780 0x1b98  NDIS - ok
12:29:08.0782 0x1b98  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:29:08.0797 0x1b98  NdisCap - ok
12:29:08.0799 0x1b98  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:29:08.0814 0x1b98  NdisTapi - ok
12:29:08.0816 0x1b98  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:29:08.0831 0x1b98  Ndisuio - ok
12:29:08.0834 0x1b98  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:29:08.0850 0x1b98  NdisWan - ok
12:29:08.0853 0x1b98  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:29:08.0867 0x1b98  NDProxy - ok
12:29:08.0869 0x1b98  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:29:08.0884 0x1b98  NetBIOS - ok
12:29:08.0889 0x1b98  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:29:08.0906 0x1b98  NetBT - ok
12:29:08.0907 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
12:29:08.0912 0x1b98  Netlogon - ok
12:29:08.0918 0x1b98  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:29:08.0937 0x1b98  Netman - ok
12:29:08.0940 0x1b98  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0948 0x1b98  NetMsmqActivator - ok
12:29:08.0951 0x1b98  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0957 0x1b98  NetPipeActivator - ok
12:29:08.0963 0x1b98  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:29:08.0984 0x1b98  netprofm - ok
12:29:08.0987 0x1b98  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0993 0x1b98  NetTcpActivator - ok
12:29:08.0996 0x1b98  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:09.0002 0x1b98  NetTcpPortSharing - ok
12:29:09.0004 0x1b98  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:29:09.0008 0x1b98  nfrd960 - ok
12:29:09.0013 0x1b98  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:29:09.0022 0x1b98  NlaSvc - ok
12:29:09.0024 0x1b98  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:29:09.0039 0x1b98  Npfs - ok
12:29:09.0041 0x1b98  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:29:09.0056 0x1b98  nsi - ok
12:29:09.0058 0x1b98  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:29:09.0073 0x1b98  nsiproxy - ok
12:29:09.0094 0x1b98  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:29:09.0116 0x1b98  Ntfs - ok
12:29:09.0118 0x1b98  NTIOLib_1_0_C - ok
12:29:09.0120 0x1b98  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:29:09.0135 0x1b98  Null - ok
12:29:09.0278 0x1b98  [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:29:09.0423 0x1b98  nvlddmkm - ok
12:29:09.0437 0x1b98  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:29:09.0442 0x1b98  nvraid - ok
12:29:09.0446 0x1b98  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:29:09.0452 0x1b98  nvstor - ok
12:29:09.0464 0x1b98  [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:29:09.0479 0x1b98  nvsvc - ok
12:29:09.0482 0x1b98  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:29:09.0488 0x1b98  nv_agp - ok
12:29:09.0490 0x1b98  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:29:09.0495 0x1b98  ohci1394 - ok
12:29:09.0501 0x1b98  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:29:09.0510 0x1b98  p2pimsvc - ok
12:29:09.0517 0x1b98  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:29:09.0527 0x1b98  p2psvc - ok
12:29:09.0528 0x1b98  PAExec - ok
12:29:09.0531 0x1b98  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:29:09.0537 0x1b98  Parport - ok
12:29:09.0539 0x1b98  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:29:09.0544 0x1b98  partmgr - ok
12:29:09.0548 0x1b98  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:29:09.0557 0x1b98  PcaSvc - ok
12:29:09.0561 0x1b98  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:29:09.0567 0x1b98  pci - ok
12:29:09.0569 0x1b98  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:29:09.0573 0x1b98  pciide - ok
12:29:09.0577 0x1b98  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:29:09.0584 0x1b98  pcmcia - ok
12:29:09.0586 0x1b98  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:29:09.0590 0x1b98  pcw - ok
12:29:09.0604 0x1b98  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:29:09.0627 0x1b98  PEAUTH - ok
12:29:09.0643 0x1b98  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:29:09.0666 0x1b98  PeerDistSvc - ok
12:29:09.0677 0x1b98  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:29:09.0682 0x1b98  PerfHost - ok
12:29:09.0701 0x1b98  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:29:09.0733 0x1b98  pla - ok
12:29:09.0740 0x1b98  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:29:09.0750 0x1b98  PlugPlay - ok
12:29:09.0752 0x1b98  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:29:09.0757 0x1b98  PNRPAutoReg - ok
12:29:09.0762 0x1b98  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:29:09.0771 0x1b98  PNRPsvc - ok
12:29:09.0778 0x1b98  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:29:09.0798 0x1b98  PolicyAgent - ok
12:29:09.0803 0x1b98  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:29:09.0820 0x1b98  Power - ok
12:29:09.0823 0x1b98  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:29:09.0838 0x1b98  PptpMiniport - ok
12:29:09.0840 0x1b98  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:29:09.0846 0x1b98  Processor - ok
12:29:09.0850 0x1b98  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:29:09.0857 0x1b98  ProfSvc - ok
12:29:09.0859 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:29:09.0864 0x1b98  ProtectedStorage - ok
12:29:09.0867 0x1b98  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:29:09.0883 0x1b98  Psched - ok
12:29:09.0901 0x1b98  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:29:09.0922 0x1b98  ql2300 - ok
12:29:09.0925 0x1b98  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:29:09.0931 0x1b98  ql40xx - ok
12:29:09.0937 0x1b98  [ 0AF624035C3BDCFB50F500D467D50940, 421289444162C93EAB9E344B3DD3B84CADAC4DE2555A4565B63870A68B786C21 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
12:29:09.0943 0x1b98  Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
12:29:12.0291 0x1b98  Detect skipped due to KSN trusted
12:29:12.0291 0x1b98  Qualcomm Atheros Killer Service V2 - ok
12:29:12.0311 0x1b98  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:29:12.0351 0x1b98  QWAVE - ok
12:29:12.0356 0x1b98  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:29:12.0366 0x1b98  QWAVEdrv - ok
12:29:12.0368 0x1b98  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:29:12.0387 0x1b98  RasAcd - ok
12:29:12.0390 0x1b98  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:29:12.0405 0x1b98  RasAgileVpn - ok
12:29:12.0408 0x1b98  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:29:12.0424 0x1b98  RasAuto - ok
12:29:12.0426 0x1b98  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:29:12.0442 0x1b98  Rasl2tp - ok
12:29:12.0448 0x1b98  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:29:12.0467 0x1b98  RasMan - ok
12:29:12.0470 0x1b98  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:29:12.0486 0x1b98  RasPppoe - ok
12:29:12.0488 0x1b98  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:29:12.0503 0x1b98  RasSstp - ok
12:29:12.0509 0x1b98  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:29:12.0526 0x1b98  rdbss - ok
12:29:12.0528 0x1b98  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:29:12.0534 0x1b98  rdpbus - ok
12:29:12.0536 0x1b98  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:29:12.0550 0x1b98  RDPCDD - ok
12:29:12.0555 0x1b98  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:29:12.0562 0x1b98  RDPDR - ok
12:29:12.0563 0x1b98  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:29:12.0577 0x1b98  RDPENCDD - ok
12:29:12.0580 0x1b98  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:29:12.0594 0x1b98  RDPREFMP - ok
12:29:12.0597 0x1b98  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:29:12.0602 0x1b98  RdpVideoMiniport - ok
12:29:12.0607 0x1b98  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:29:12.0614 0x1b98  RDPWD - ok
12:29:12.0619 0x1b98  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:29:12.0625 0x1b98  rdyboost - ok
12:29:12.0627 0x1b98  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:29:12.0643 0x1b98  RemoteAccess - ok
12:29:12.0647 0x1b98  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:29:12.0664 0x1b98  RemoteRegistry - ok
12:29:12.0666 0x1b98  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:29:12.0682 0x1b98  RpcEptMapper - ok
12:29:12.0684 0x1b98  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:29:12.0689 0x1b98  RpcLocator - ok
12:29:12.0697 0x1b98  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:29:12.0717 0x1b98  RpcSs - ok
12:29:12.0720 0x1b98  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:29:12.0735 0x1b98  rspndr - ok
12:29:12.0737 0x1b98  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:29:12.0741 0x1b98  s3cap - ok
12:29:12.0743 0x1b98  [ A7BD09F4EE327FFF4DCFB01B5251085D, F8C86A2E4F9FC298D4DB60E1C24585A13A33145A411F3F92FDE9074D9417E351 ] Said2215        C:\Windows\system32\DRIVERS\Said2215.sys
12:29:12.0747 0x1b98  Said2215 - ok
12:29:12.0748 0x1b98  [ 51A5C75AD7B0BED5EBBCBA6F2C72DA31, 7FDBAD9E259E911713433816A08AB2880090C7BC61FCE85E69D9E52C6EC1348D ] Saida215        C:\Windows\system32\DRIVERS\Saida215.sys
12:29:12.0752 0x1b98  Saida215 - ok
12:29:12.0756 0x1b98  [ 6EFAB54D88306542861D680493CB20DB, F5A5753A52967E156E395482B58DF6D8DD110F836D981501B6B7FF7CE5B22B32 ] SaiG2215        C:\Windows\system32\DRIVERS\SaiG2215.sys
12:29:12.0762 0x1b98  SaiG2215 - ok
12:29:12.0766 0x1b98  [ B16853E9229CDC58DD0F05B6DFE22436, 9881A5F045236F3DCB0386D86900A2A39B8D78661E343F1BFA1D05844E3F4704 ] SaiGa215        C:\Windows\system32\DRIVERS\SaiGa215.sys
12:29:12.0772 0x1b98  SaiGa215 - ok
12:29:12.0778 0x1b98  [ 7820252E00EB1C75FF3FCB00FFD8B9A2, C0DAD87506D2F1A9771E77ED23AC54DD976ABB5F9E6358974E07631E1B05F6DF ] SaiK0762        C:\Windows\system32\DRIVERS\SaiK0762.sys
12:29:12.0783 0x1b98  SaiK0762 - ok
12:29:12.0787 0x1b98  [ 24099C3D4EC943F875BF29F75987A3A6, 4D114D3B6B75BB9E647884F5EFEE342AC51AB4C22EF89A22C78FA17739C9E0B7 ] SaiK0836        C:\Windows\system32\DRIVERS\SaiK0836.sys
12:29:12.0793 0x1b98  SaiK0836 - ok
12:29:12.0797 0x1b98  [ 20ADDAC042ED6CECD5033823E0C6525E, 175E4739989EA83291C5E81AA7BC2DD67BD75887D1A782F427B14CFA80DE0663 ] SaiK2215        C:\Windows\system32\DRIVERS\SaiK2215.sys
12:29:12.0802 0x1b98  SaiK2215 - ok
12:29:12.0806 0x1b98  [ F0BA475C42D46CBB2A421D4AA69DD008, EC6DA91CFF6D72451AA4D7CFA65BB5426B3268C2E4EF5753A2AC2115DD67A9E8 ] SaiKa215        C:\Windows\system32\DRIVERS\SaiKa215.sys
12:29:12.0811 0x1b98  SaiKa215 - ok
12:29:12.0814 0x1b98  [ AD505946BB6CE56BE9CB8924F8DEC7BD, 553F87A84DBCEDDAD18777FB02C4874AA4334ED9CF5D403D01A141DC5CE2BBA1 ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
12:29:12.0818 0x1b98  SaiMini - ok
12:29:12.0820 0x1b98  [ 8BB354AA12530C4C5EE9DA90F1FC1AD9, 9C0410E4E07711F15D5B61E3FFE00A1B200F07E6737B3FD2A76061F3CF986C97 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
12:29:12.0824 0x1b98  SaiNtBus - ok
12:29:12.0826 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
12:29:12.0830 0x1b98  SamSs - ok
12:29:12.0833 0x1b98  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:29:12.0838 0x1b98  sbp2port - ok
12:29:12.0842 0x1b98  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:29:12.0859 0x1b98  SCardSvr - ok
12:29:12.0861 0x1b98  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:29:12.0875 0x1b98  scfilter - ok
12:29:12.0889 0x1b98  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:29:12.0917 0x1b98  Schedule - ok
12:29:12.0921 0x1b98  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:29:12.0935 0x1b98  SCPolicySvc - ok
12:29:12.0939 0x1b98  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:29:12.0946 0x1b98  SDRSVC - ok
12:29:12.0967 0x1b98  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:29:12.0989 0x1b98  SDScannerService - ok
12:29:13.0014 0x1b98  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:29:13.0040 0x1b98  SDUpdateService - ok
12:29:13.0044 0x1b98  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:29:13.0050 0x1b98  SDWSCService - ok
12:29:13.0052 0x1b98  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:29:13.0067 0x1b98  secdrv - ok
12:29:13.0069 0x1b98  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:29:13.0084 0x1b98  seclogon - ok
12:29:13.0086 0x1b98  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:29:13.0102 0x1b98  SENS - ok
12:29:13.0104 0x1b98  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:29:13.0109 0x1b98  SensrSvc - ok
12:29:13.0111 0x1b98  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:29:13.0116 0x1b98  Serenum - ok
12:29:13.0118 0x1b98  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:29:13.0124 0x1b98  Serial - ok
12:29:13.0126 0x1b98  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:29:13.0131 0x1b98  sermouse - ok
12:29:13.0135 0x1b98  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:29:13.0151 0x1b98  SessionEnv - ok
12:29:13.0153 0x1b98  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:29:13.0159 0x1b98  sffdisk - ok
12:29:13.0160 0x1b98  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:29:13.0166 0x1b98  sffp_mmc - ok
12:29:13.0168 0x1b98  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:29:13.0174 0x1b98  sffp_sd - ok
12:29:13.0175 0x1b98  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:29:13.0180 0x1b98  sfloppy - ok
12:29:13.0186 0x1b98  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:29:13.0204 0x1b98  SharedAccess - ok
12:29:13.0210 0x1b98  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:29:13.0229 0x1b98  ShellHWDetection - ok
12:29:13.0232 0x1b98  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:29:13.0236 0x1b98  SiSRaid2 - ok
12:29:13.0239 0x1b98  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:29:13.0243 0x1b98  SiSRaid4 - ok
12:29:13.0251 0x1b98  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     H:\Skype\Updater\Updater.exe
12:29:13.0259 0x1b98  SkypeUpdate - ok
12:29:13.0262 0x1b98  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:29:13.0277 0x1b98  Smb - ok
12:29:13.0280 0x1b98  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:29:13.0286 0x1b98  SNMPTRAP - ok
12:29:13.0288 0x1b98  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:29:13.0292 0x1b98  spldr - ok
12:29:13.0301 0x1b98  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:29:13.0313 0x1b98  Spooler - ok
12:29:13.0354 0x1b98  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:29:13.0413 0x1b98  sppsvc - ok
12:29:13.0417 0x1b98  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:29:13.0433 0x1b98  sppuinotify - ok
12:29:13.0436 0x1b98  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:29:13.0443 0x1b98  SQLWriter - ok
12:29:13.0449 0x1b98  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:29:13.0460 0x1b98  srv - ok
12:29:13.0466 0x1b98  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:29:13.0475 0x1b98  srv2 - ok
12:29:13.0479 0x1b98  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:29:13.0486 0x1b98  srvnet - ok
12:29:13.0489 0x1b98  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:29:13.0506 0x1b98  SSDPSRV - ok
12:29:13.0509 0x1b98  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:29:13.0525 0x1b98  SstpSvc - ok
12:29:13.0534 0x1b98  [ 15E9700890AE50AA6A8B68EBB8F82EAD, 99D909B8A20E47BBDB5902806C700EAF914192561D69182D93357C6C6F30EC0D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:29:13.0543 0x1b98  Steam Client Service - ok
12:29:13.0545 0x1b98  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:29:13.0549 0x1b98  stexstor - ok
12:29:13.0558 0x1b98  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:29:13.0572 0x1b98  stisvc - ok
12:29:13.0575 0x1b98  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:29:13.0579 0x1b98  storflt - ok
12:29:13.0581 0x1b98  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:29:13.0586 0x1b98  StorSvc - ok
12:29:13.0588 0x1b98  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:29:13.0592 0x1b98  storvsc - ok
12:29:13.0594 0x1b98  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:29:13.0598 0x1b98  swenum - ok
12:29:13.0605 0x1b98  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:29:13.0627 0x1b98  swprv - ok
12:29:13.0648 0x1b98  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:29:13.0678 0x1b98  SysMain - ok
12:29:13.0681 0x1b98  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:29:13.0690 0x1b98  TabletInputService - ok
12:29:13.0695 0x1b98  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:29:13.0713 0x1b98  TapiSrv - ok
12:29:13.0715 0x1b98  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:29:13.0731 0x1b98  TBS - ok
12:29:13.0753 0x1b98  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:29:13.0778 0x1b98  Tcpip - ok
12:29:13.0801 0x1b98  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:29:13.0825 0x1b98  TCPIP6 - ok
12:29:13.0829 0x1b98  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:29:13.0834 0x1b98  tcpipreg - ok
12:29:13.0836 0x1b98  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:29:13.0841 0x1b98  TDPIPE - ok
12:29:13.0843 0x1b98  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:29:13.0847 0x1b98  TDTCP - ok
12:29:13.0850 0x1b98  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:29:13.0856 0x1b98  tdx - ok
12:29:13.0919 0x1b98  [ C0C121B537DA3AD87481C0502CACE462, E0FC2AC71B60C796DCD03217A510C47425FB7783713FCCC477130E69715D2B8D ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
12:29:13.0981 0x1b98  TeamViewer - ok
12:29:13.0987 0x1b98  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:29:13.0992 0x1b98  TermDD - ok
12:29:14.0001 0x1b98  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:29:14.0015 0x1b98  TermService - ok
12:29:14.0017 0x1b98  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:29:14.0025 0x1b98  Themes - ok
12:29:14.0027 0x1b98  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:29:14.0042 0x1b98  THREADORDER - ok
12:29:14.0045 0x1b98  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:29:14.0061 0x1b98  TrkWks - ok
12:29:14.0066 0x1b98  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:29:14.0082 0x1b98  TrustedInstaller - ok
12:29:14.0084 0x1b98  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:29:14.0089 0x1b98  tssecsrv - ok
12:29:14.0092 0x1b98  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:29:14.0097 0x1b98  TsUsbFlt - ok
12:29:14.0099 0x1b98  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:29:14.0104 0x1b98  TsUsbGD - ok
12:29:14.0107 0x1b98  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:29:14.0123 0x1b98  tunnel - ok
12:29:14.0125 0x1b98  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:29:14.0130 0x1b98  uagp35 - ok
12:29:14.0135 0x1b98  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:29:14.0153 0x1b98  udfs - ok
12:29:14.0156 0x1b98  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:29:14.0162 0x1b98  UI0Detect - ok
12:29:14.0165 0x1b98  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:29:14.0170 0x1b98  uliagpkx - ok
12:29:14.0171 0x1b98  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:29:14.0177 0x1b98  umbus - ok
12:29:14.0178 0x1b98  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:29:14.0183 0x1b98  UmPass - ok
12:29:14.0187 0x1b98  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:29:14.0194 0x1b98  UmRdpService - ok
12:29:14.0200 0x1b98  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:29:14.0219 0x1b98  upnphost - ok
12:29:14.0223 0x1b98  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:29:14.0229 0x1b98  usbaudio - ok
12:29:14.0231 0x1b98  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:29:14.0237 0x1b98  usbccgp - ok
12:29:14.0240 0x1b98  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:29:14.0245 0x1b98  usbcir - ok
12:29:14.0247 0x1b98  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:29:14.0252 0x1b98  usbehci - ok
12:29:14.0258 0x1b98  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:29:14.0267 0x1b98  usbhub - ok
12:29:14.0269 0x1b98  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:29:14.0274 0x1b98  usbohci - ok
12:29:14.0275 0x1b98  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:29:14.0281 0x1b98  usbprint - ok
12:29:14.0283 0x1b98  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:29:14.0289 0x1b98  usbscan - ok
12:29:14.0291 0x1b98  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:29:14.0297 0x1b98  USBSTOR - ok
12:29:14.0299 0x1b98  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:29:14.0304 0x1b98  usbuhci - ok
12:29:14.0306 0x1b98  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:29:14.0322 0x1b98  UxSms - ok
12:29:14.0324 0x1b98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
12:29:14.0328 0x1b98  VaultSvc - ok
12:29:14.0330 0x1b98  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:29:14.0335 0x1b98  vdrvroot - ok
12:29:14.0342 0x1b98  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:29:14.0363 0x1b98  vds - ok
12:29:14.0366 0x1b98  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:29:14.0372 0x1b98  vga - ok
12:29:14.0374 0x1b98  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:29:14.0388 0x1b98  VgaSave - ok
12:29:14.0392 0x1b98  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:29:14.0399 0x1b98  vhdmp - ok
12:29:14.0401 0x1b98  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:29:14.0405 0x1b98  viaide - ok
12:29:14.0409 0x1b98  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:29:14.0415 0x1b98  vmbus - ok
12:29:14.0416 0x1b98  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:29:14.0421 0x1b98  VMBusHID - ok
12:29:14.0423 0x1b98  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:29:14.0428 0x1b98  volmgr - ok
12:29:14.0434 0x1b98  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:29:14.0442 0x1b98  volmgrx - ok
12:29:14.0447 0x1b98  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:29:14.0455 0x1b98  volsnap - ok
12:29:14.0458 0x1b98  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:29:14.0464 0x1b98  vsmraid - ok
12:29:14.0484 0x1b98  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:29:14.0518 0x1b98  VSS - ok
12:29:14.0521 0x1b98  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:29:14.0527 0x1b98  vwifibus - ok
12:29:14.0533 0x1b98  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:29:14.0553 0x1b98  W32Time - ok
12:29:14.0556 0x1b98  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:29:14.0561 0x1b98  WacomPen - ok
12:29:14.0563 0x1b98  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:29:14.0578 0x1b98  WANARP - ok
12:29:14.0580 0x1b98  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:29:14.0595 0x1b98  Wanarpv6 - ok
12:29:14.0613 0x1b98  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:29:14.0637 0x1b98  wbengine - ok
12:29:14.0642 0x1b98  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:29:14.0652 0x1b98  WbioSrvc - ok
12:29:14.0658 0x1b98  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:29:14.0670 0x1b98  wcncsvc - ok
12:29:14.0672 0x1b98  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:29:14.0678 0x1b98  WcsPlugInService - ok
12:29:14.0680 0x1b98  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:29:14.0684 0x1b98  Wd - ok
12:29:14.0694 0x1b98  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:29:14.0707 0x1b98  Wdf01000 - ok
12:29:14.0710 0x1b98  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:29:14.0719 0x1b98  WdiServiceHost - ok
12:29:14.0721 0x1b98  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:29:14.0729 0x1b98  WdiSystemHost - ok
12:29:14.0733 0x1b98  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:29:14.0742 0x1b98  WebClient - ok
12:29:14.0747 0x1b98  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:29:14.0765 0x1b98  Wecsvc - ok
12:29:14.0767 0x1b98  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:29:14.0783 0x1b98  wercplsupport - ok
12:29:14.0786 0x1b98  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:29:14.0802 0x1b98  WerSvc - ok
12:29:14.0803 0x1b98  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:29:14.0818 0x1b98  WfpLwf - ok
12:29:14.0820 0x1b98  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:29:14.0825 0x1b98  WIMMount - ok
12:29:14.0826 0x1b98  WinDefend - ok
12:29:14.0828 0x1b98  WinHttpAutoProxySvc - ok
12:29:14.0835 0x1b98  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:29:14.0852 0x1b98  Winmgmt - ok
12:29:14.0876 0x1b98  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
12:29:14.0906 0x1b98  WinRM - ok
12:29:14.0911 0x1b98  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:29:14.0917 0x1b98  WinUsb - ok
12:29:14.0929 0x1b98  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:29:14.0947 0x1b98  Wlansvc - ok
12:29:14.0974 0x1b98  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:29:15.0002 0x1b98  wlidsvc - ok
12:29:15.0005 0x1b98  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:29:15.0010 0x1b98  WmiAcpi - ok
12:29:15.0015 0x1b98  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:29:15.0022 0x1b98  wmiApSrv - ok
12:29:15.0024 0x1b98  WMPNetworkSvc - ok
12:29:15.0025 0x1b98  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:29:15.0031 0x1b98  WPCSvc - ok
12:29:15.0033 0x1b98  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:29:15.0041 0x1b98  WPDBusEnum - ok
12:29:15.0043 0x1b98  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:29:15.0058 0x1b98  ws2ifsl - ok
12:29:15.0061 0x1b98  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:29:15.0069 0x1b98  wscsvc - ok
12:29:15.0071 0x1b98  WSearch - ok
12:29:15.0100 0x1b98  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:29:15.0132 0x1b98  wuauserv - ok
12:29:15.0136 0x1b98  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:29:15.0141 0x1b98  WudfPf - ok
12:29:15.0146 0x1b98  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:29:15.0153 0x1b98  WUDFRd - ok
12:29:15.0156 0x1b98  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:29:15.0162 0x1b98  wudfsvc - ok
12:29:15.0167 0x1b98  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:29:15.0175 0x1b98  WwanSvc - ok
12:29:15.0176 0x1b98  ================ Scan global ===============================
12:29:15.0178 0x1b98  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:29:15.0182 0x1b98  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:29:15.0189 0x1b98  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:29:15.0193 0x1b98  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:29:15.0199 0x1b98  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:29:15.0203 0x1b98  [ Global ] - ok
12:29:15.0203 0x1b98  ================ Scan MBR ==================================
12:29:15.0204 0x1b98  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:29:15.0225 0x1b98  \Device\Harddisk0\DR0 - ok
12:29:15.0230 0x1b98  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:29:15.0271 0x1b98  \Device\Harddisk1\DR1 - ok
12:29:15.0276 0x1b98  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
12:29:15.0379 0x1b98  \Device\Harddisk2\DR2 - ok
12:29:15.0379 0x1b98  ================ Scan VBR ==================================
12:29:15.0383 0x1b98  [ BE54F67307EB287F1CA1AD3B62A1E2B4 ] \Device\Harddisk0\DR0\Partition1
12:29:15.0384 0x1b98  \Device\Harddisk0\DR0\Partition1 - ok
12:29:15.0389 0x1b98  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
12:29:15.0389 0x1b98  \Device\Harddisk0\DR0\Partition2 - ok
12:29:15.0395 0x1b98  [ 2335EC4CF42FF034996D32BCEA048B06 ] \Device\Harddisk0\DR0\Partition3
12:29:15.0398 0x1b98  \Device\Harddisk0\DR0\Partition3 - ok
12:29:15.0406 0x1b98  [ 76D5F80B332DCD35FB513C8B2E00512F ] \Device\Harddisk1\DR1\Partition1
12:29:15.0406 0x1b98  \Device\Harddisk1\DR1\Partition1 - ok
12:29:15.0411 0x1b98  [ 9351AF2D8A933D08401FD5615D187251 ] \Device\Harddisk1\DR1\Partition2
12:29:15.0413 0x1b98  \Device\Harddisk1\DR1\Partition2 - ok
12:29:15.0416 0x1b98  [ 45035FF6019F480C176B5BE0A75437EF ] \Device\Harddisk2\DR2\Partition1
12:29:15.0440 0x1b98  \Device\Harddisk2\DR2\Partition1 - ok
12:29:15.0442 0x1b98  [ B36D48C61DDDF93D50E67E37EF02D1CF ] \Device\Harddisk2\DR2\Partition2
12:29:15.0455 0x1b98  \Device\Harddisk2\DR2\Partition2 - ok
12:29:15.0459 0x1b98  [ 701BE379903A9D017FE77328A32A544C ] \Device\Harddisk2\DR2\Partition3
12:29:15.0482 0x1b98  \Device\Harddisk2\DR2\Partition3 - ok
12:29:15.0487 0x1b98  [ ED67C20C6226E7686C0BD4FCE1D66789 ] \Device\Harddisk2\DR2\Partition4
12:29:15.0491 0x1b98  \Device\Harddisk2\DR2\Partition4 - ok
12:29:15.0491 0x1b98  ================ Scan generic autorun ======================
12:29:15.0497 0x1b98  [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
12:29:15.0506 0x1b98  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
12:29:17.0854 0x1b98  Detect skipped due to KSN trusted
12:29:17.0854 0x1b98  IAStorIcon - ok
12:29:17.0978 0x1b98  [ EEF85F53AB2B172D10629CAE1A491EC2, C0787C1F8C193BCC0577F13A503E939056AD41BC4D34BD4B62DADA7F3D0AF429 ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
12:29:18.0043 0x1b98  ISCT Tray - ok
12:29:18.0131 0x1b98  [ E1026B2975D308D43E896A108C92F1BD, 562903C88BC3CBD86E9A813001C72576181F2470286040240BAC92E5BF1F1583 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:29:18.0214 0x1b98  RTHDVCPL - ok
12:29:18.0225 0x1b98  [ B2B879C0BA746CBB6A97212D8B5908B9, 6B38EB19064746EF42B6DABE754361377D6A460FD8E4C6B619EF4DD659F7357B ] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
12:29:18.0233 0x1b98  ProfilerU - detected UnsignedFile.Multi.Generic ( 1 )
12:29:20.0644 0x1b98  ProfilerU ( UnsignedFile.Multi.Generic ) - warning
12:29:20.0644 0x1b98  Force sending object to P2P due to detect: C:\Program Files\SmartTechnology\Software\ProfilerU.exe
12:29:23.0102 0x1b98  Object send P2P result: true
12:29:25.0506 0x1b98  [ 3371D09E5A75889B1CFAF8C05CAFC3B8, 1CAA518BDFB69062355CD10611076E3DF9196DEB7C49EA11F0F2ADDA3DA1F79F ] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
12:29:25.0526 0x1b98  SaiMfd - detected UnsignedFile.Multi.Generic ( 1 )
12:29:27.0872 0x1b98  SaiMfd ( UnsignedFile.Multi.Generic ) - warning
12:29:30.0253 0x1b98  [ F19BB9A114A0F85E6E8C4395322E7191, FDFAFE5535442031A1102F0AE2B50213BDACA291EF958DE59E9C3CD556BF5DA7 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
12:29:30.0276 0x1b98  USB3MON - ok
12:29:30.0334 0x1b98  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
12:29:30.0380 0x1b98  SDTray - ok
12:29:30.0385 0x1b98  [ 52356BC35A37001C9456757B22260B77, 6EF36E232D2CC6810D23BB926CD0636DD61B792309706812D1635A68DA044AEE ] C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe
12:29:30.0387 0x1b98  X-55 Rhino - detected UnsignedFile.Multi.Generic ( 1 )
12:29:32.0732 0x1b98  X-55 Rhino ( UnsignedFile.Multi.Generic ) - warning
12:29:35.0152 0x1b98  [ 34560253EF56416ED5F9192AA258407E, 1915FED010A852C65A4BF809D9DC8E8C96ECCABFC6707F1EBA946630F4E56CAF ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
12:29:35.0177 0x1b98  TrojanScanner - ok
12:29:35.0195 0x1b98  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:29:35.0214 0x1b98  Sidebar - ok
12:29:35.0217 0x1b98  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:29:35.0225 0x1b98  mctadmin - ok
12:29:35.0240 0x1b98  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:29:35.0259 0x1b98  Sidebar - ok
12:29:35.0262 0x1b98  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:29:35.0270 0x1b98  mctadmin - ok
12:29:35.0343 0x1b98  [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Stefan\AppData\Roaming\Spotify\Spotify.exe
12:29:35.0417 0x1b98  Spotify - ok
12:29:35.0441 0x1b98  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:29:35.0462 0x1b98  Spotify Web Helper - ok
12:29:35.0463 0x1b98  Waiting for KSN requests completion. In queue: 9
12:29:36.0463 0x1b98  Waiting for KSN requests completion. In queue: 9
12:29:37.0463 0x1b98  Waiting for KSN requests completion. In queue: 7
12:29:38.0501 0x1b98  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
12:29:38.0505 0x1b98  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
12:29:40.0863 0x1b98  ============================================================
12:29:40.0863 0x1b98  Scan finished
12:29:40.0863 0x1b98  ============================================================
12:29:40.0878 0x0810  Detected object count: 3
12:29:40.0878 0x0810  Actual detected object count: 3
12:30:14.0691 0x0810  ProfilerU ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0691 0x0810  ProfilerU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:30:14.0694 0x0810  SaiMfd ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0694 0x0810  SaiMfd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:30:14.0695 0x0810  X-55 Rhino ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0696 0x0810  X-55 Rhino ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:30:17.0806 0x1530  Deinitialize success
         


Alt 30.01.2015, 13:30   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



Ist das ein laptop oder ein Desktop PC?
__________________
--> Tastertur schreibt rückwärts / Desktop spielt verrückt

Alt 30.01.2015, 17:02   #7
Dustoff
 
Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



Hi, ist ein Desktop PC.

Haben die drei gefundenen Sachen eine Bedeutung?

Alt 31.01.2015, 10:28   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



Nein haben sie nicht. Hast du schon mal ein anderes Keybaord getestet?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.01.2015, 10:51   #9
Dustoff
 
Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



Nein, das habe ich noch nicht gemacht...

Ich nehme mal an, dass mein System erstmal okay ausschaut!? Sonst wäre doch sicherlich etwas gefunden worden!?

Alt 31.01.2015, 14:52   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Tastertur schreibt rückwärts / Desktop spielt verrückt - Standard

Tastertur schreibt rückwärts / Desktop spielt verrückt



genau
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Tastertur schreibt rückwärts / Desktop spielt verrückt
andere, browser, desktop, diverse, downloads, folge, folgendes, funktioniert, guten, kaspersky, klicke, klicken, links, neu, neustart, nichts, plötzlich, programm, programme, rechts, spiel, symbol, verrückt, vollständig, zusammen



Ähnliche Themen: Tastertur schreibt rückwärts / Desktop spielt verrückt


  1. System spielt verrückt
    Log-Analyse und Auswertung - 28.05.2015 (8)
  2. Browser spielt verrückt
    Log-Analyse und Auswertung - 23.06.2014 (16)
  3. Pc spielt verrückt
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (27)
  4. Tastatur spielt verrückt !
    Netzwerk und Hardware - 28.10.2011 (5)
  5. google spielt verrückt
    Antiviren-, Firewall- und andere Schutzprogramme - 20.04.2010 (3)
  6. Windows XP spielt verrückt
    Log-Analyse und Auswertung - 07.04.2010 (2)
  7. PC spielt verrückt
    Plagegeister aller Art und deren Bekämpfung - 25.10.2009 (1)
  8. Maus spielt verrückt
    Log-Analyse und Auswertung - 17.03.2009 (0)
  9. Pc spielt Verrückt.
    Log-Analyse und Auswertung - 21.02.2009 (6)
  10. PC spielt verrückt -.-
    Log-Analyse und Auswertung - 13.01.2009 (1)
  11. IE spielt verrückt
    Mülltonne - 14.11.2007 (0)
  12. Tastatur schreibt oft rückwärts, was ist los? Hilfe!
    Log-Analyse und Auswertung - 26.05.2006 (14)
  13. Sound spielt verrückt
    Netzwerk und Hardware - 09.04.2006 (2)
  14. HILFE: Internet Explorer schreibt rückwärts!
    Plagegeister aller Art und deren Bekämpfung - 04.09.2005 (1)
  15. rad spielt verrückt?
    Alles rund um Windows - 23.03.2005 (4)
  16. svchost spielt verrückt
    Plagegeister aller Art und deren Bekämpfung - 16.02.2005 (27)
  17. ie spielt verrückt
    Plagegeister aller Art und deren Bekämpfung - 27.12.2003 (18)

Zum Thema Tastertur schreibt rückwärts / Desktop spielt verrückt - Guten Abend Zusammen, ich bin neu hier im Forum. Also bitte seit nicht ganz so streng mit mir :-) Ich habe folgendes Problem...nach unbestimmter Zeit spielt mein PC irgendwie verrückt. - Tastertur schreibt rückwärts / Desktop spielt verrückt...
Archiv
Du betrachtest: Tastertur schreibt rückwärts / Desktop spielt verrückt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.