Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.03.2015, 17:17   #1
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo!
Ich habe ein Dell-Laptop (Modell Vostro), welches nach Software-Problemen Ende Dez. 2014 komplett neu aufgesetzt wurde (Windows 7 neu installiert und konfiguriert nach Microsoft Vorgaben, Aktualisierung der Treiber).

Seitdem lief es gut, bis zum 11.3., als Windows völlig unvermittelt komplett abstürzte. Der Bildschirm war zunächst schwarz und dann blau. Ich musste eine Systemwiederherstellung machen, die ca. 45 Min. dauerte. Nach der Systemwiederherstellung erschien folgende Meldung: „Das Problem wurde möglicherweise durch nicht angegebene Systemkonfigurationsänderungen verursacht. Reparaturaktion: Systemwiederherstellung, Ergebnis: Fehler. Fehlercode: 0x1f, Reparaturaktion: Integritätsprüfung und Reparatur von Systemdateien. Ergebnis: Erfolgreich abgeschlossen. Fehlercode = 0x0“)"

Bis gestern lief das Gerät wieder normal (bis auf häufige Firefox-Probleme) und stürzte wieder auf die gleiche Art und Weise ab. Mit dem einzigen Unterschied, dass ich dieses Mal keine komplette Systemwiederherstellung machen musste, sondern dass die 2. Option auf dem blauen Bildschirm "Windows normal starten" funktionierte (beim 1. Mal am 11.3. ging das nicht), sprich Windows konnte wieder gestartet werden.

Ich weiß jetzt schlichtweg nicht, ob ich mir da etwas eingefangen habe oder ob ich ein ganz anderes Problem habe (z. B. ein Hardware-Thema). Ersteres würde ich gerne ausschließen, bevor ich mir einen neuen PC kaufe...


Mit der Bitte um kurze Info, ob/was ich Euch für files zur Verfügung stellen soll.

Vielen Dank für Eure Hilfe im Voraus!
Maja

Alt 30.03.2015, 17:18   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 30.03.2015, 18:24   #3
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hi,
leider bin ich gerade nicht in der Lage mir die Scan-Software (64 bit-Version) runterzuladen, egal welchen Download-Button ich drücke, ich werde zum Download von der "All-in-one Allin1Convert™-Toolbar" geführt, die ich ja wohl nicht will?

Ich sollte das ja in meiner 1. Antwort angeben: Ich bin Existenzgründerin/Einzelunternehmerin ohne Angestellte und ohne IT-Abteilung.

Mit der Bitte um kurze Info betr. Download, DANKE!

Ich bitte um Nachsicht, den Textlink habe ich angesichts der zahlreichen Download-Buttons irgendwie übersehen (bei mir liegen gerade die Nerven etwas blank). Hier kommen die benötigten Scans:

FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Nadine Dvorak (administrator) on DELL on 30-03-2015 19:11:15
Running from C:\Users\Nadine Dvorak\Downloads
Loaded Profiles: Nadine Dvorak & UpdatusUser (Available profiles: Nadine Dvorak & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.)
HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\...\Run: [GMX Application {sync-000021}] => C:\Users\Nadine Dvorak\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe [781312 2015-02-18] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\...\Run: [DellSystemDetect] => C:\Users\Nadine Dvorak\AppData\Local\Apps\2.0\OQMWQXAT.VLC\1GNNCX3B.7PL\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2014-12-20] (Dell)
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\...\Run: [DellSystemDetect] => C:\Users\UpdatusUser\AppData\Local\Apps\2.0\OQMWQXAT.VLC\1GNNCX3B.7PL\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\...\MountPoints2: {2617604e-8868-11e4-a051-806e6f6e6963} - X:\start.exe
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20141228154428983.dll (1&1 Mail & Media GmbH)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4212112752-3989366140-1034592079-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-4212112752-3989366140-1034592079-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nadine Dvorak\AppData\Roaming\Mozilla\Firefox\Profiles\crradbte.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-23] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Nadine Dvorak\AppData\Roaming\Mozilla\Firefox\Profiles\crradbte.default\Extensions\trash [2015-03-30]

Chrome: 
=======
CHR Profile: C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-20]
CHR Extension: (Google Docs) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-20]
CHR Extension: (Google Drive) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-20]
CHR Extension: (YouTube) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-20]
CHR Extension: (Google Search) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-20]
CHR Extension: (Google Sheets) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-20]
CHR Extension: (Google Wallet) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-20]
CHR Extension: (Gmail) - C:\Users\Nadine Dvorak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-11] (Validity Sensors, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-09] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 19:11 - 2015-03-30 19:11 - 00015755 _____ () C:\Users\Nadine Dvorak\Downloads\FRST.txt
2015-03-30 19:10 - 2015-03-30 19:11 - 00000000 ____D () C:\FRST
2015-03-30 19:10 - 2015-03-30 19:10 - 02095616 _____ (Farbar) C:\Users\Nadine Dvorak\Downloads\FRST64.exe
2015-03-30 00:27 - 2015-03-30 00:27 - 260905513 _____ () C:\Windows\MEMORY.DMP
2015-03-30 00:27 - 2015-03-30 00:27 - 00262224 _____ () C:\Windows\Minidump\033015-24679-01.dmp
2015-03-30 00:27 - 2015-03-30 00:27 - 00000000 ____D () C:\Windows\Minidump
2015-03-28 20:36 - 2015-03-28 20:36 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Local\Autodesk
2015-03-28 20:35 - 2015-03-28 20:35 - 00001870 _____ () C:\Users\Public\Desktop\Pixlr .lnk
2015-03-28 20:35 - 2015-03-28 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-28 20:35 - 2015-03-28 20:35 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-03-28 20:33 - 2015-03-28 20:33 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Roaming\Autodesk
2015-03-28 20:33 - 2015-03-28 20:33 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-28 20:32 - 2015-03-28 20:32 - 00000000 ____D () C:\Autodesk
2015-03-28 20:30 - 2015-03-28 20:31 - 35841688 _____ () C:\Users\Nadine Dvorak\Downloads\Autodesk_Pixlr_v1.0.3.0_Win32.exe
2015-03-26 00:08 - 2015-03-26 00:08 - 01054912 _____ (Adobe) C:\Users\Nadine Dvorak\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih(1).exe
2015-03-24 21:30 - 2015-03-24 21:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-24 21:15 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 21:15 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 21:15 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 21:15 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 21:15 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 21:15 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 21:15 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 21:15 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-19 20:33 - 2015-03-19 20:33 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Local\PDFCreator
2015-03-19 20:31 - 2015-03-19 20:32 - 00114872 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-03-19 20:31 - 2015-03-19 20:32 - 00000000 ____D () C:\Program Files\PDFCreator
2015-03-19 20:31 - 2015-03-19 20:31 - 00000837 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-03-19 20:31 - 2015-03-19 20:31 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Roaming\pdfforge
2015-03-19 20:31 - 2015-03-19 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-19 20:10 - 2015-03-19 20:11 - 27721680 _____ (pdfforge ) C:\Users\Nadine Dvorak\Downloads\PDFCreator-2_0_2-setup.exe
2015-03-11 21:06 - 2015-02-20 07:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:06 - 2015-02-20 07:25 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:06 - 2015-02-20 07:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:06 - 2015-02-20 07:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:06 - 2015-02-20 07:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:06 - 2015-02-20 07:17 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:06 - 2015-02-20 07:17 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:06 - 2015-02-20 07:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:06 - 2015-02-20 05:50 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:06 - 2015-02-20 05:46 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:05 - 2015-02-03 05:38 - 03977664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:05 - 2015-02-03 05:38 - 03921848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:05 - 2015-02-03 05:32 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:05 - 2015-02-03 05:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:05 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:05 - 2015-02-03 05:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:05 - 2015-02-03 05:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:05 - 2015-02-03 05:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:05 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:05 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:05 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:04 - 2015-02-03 05:55 - 05553600 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:04 - 2015-02-03 05:55 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:04 - 2015-02-03 05:55 - 00095160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:04 - 2015-02-03 05:53 - 00617376 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:04 - 2015-02-03 05:51 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:04 - 2015-02-03 05:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:04 - 2015-02-03 05:51 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:04 - 2015-02-03 05:51 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:04 - 2015-02-03 05:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:04 - 2015-02-03 05:51 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:04 - 2015-02-03 05:50 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:04 - 2015-02-03 05:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:04 - 2015-02-03 05:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:04 - 2015-02-03 05:50 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:04 - 2015-02-03 05:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:04 - 2015-02-03 05:50 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:04 - 2015-02-03 05:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:04 - 2015-02-03 05:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:04 - 2015-02-03 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:04 - 2015-02-03 05:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:04 - 2015-02-03 05:32 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:04 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:04 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:04 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:04 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:04 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:04 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:03 - 2015-02-03 05:51 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:03 - 2015-02-03 05:51 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:03 - 2015-02-03 05:51 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:03 - 2015-02-03 05:50 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:03 - 2015-02-03 05:50 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:03 - 2015-02-03 05:50 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:03 - 2015-02-03 05:32 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:03 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:03 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:03 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:03 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:03 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:03 - 2015-02-03 04:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:03 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:03 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:03 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:01 - 2015-02-13 07:01 - 12878336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:00 - 2015-02-13 07:13 - 14182912 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 01:59 - 2015-03-06 07:12 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 01:59 - 2015-03-06 07:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 01:59 - 2015-03-06 07:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 01:59 - 2015-03-06 07:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 01:59 - 2015-03-06 07:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 01:59 - 2015-03-06 07:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 01:59 - 2015-03-06 07:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 01:59 - 2015-03-06 07:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 01:58 - 2015-03-11 01:58 - 00000000 ____D () C:\48ad5f2bd7c5b78e91
2015-03-11 01:58 - 2015-03-06 07:38 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 01:58 - 2015-03-06 07:38 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 01:58 - 2015-03-06 07:33 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 01:58 - 2015-03-06 07:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 01:58 - 2015-03-06 07:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 01:58 - 2015-03-06 07:33 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00315904 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 01:58 - 2015-03-06 07:32 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 01:58 - 2015-03-06 07:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 01:58 - 2015-03-06 07:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 01:58 - 2015-03-06 07:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 01:58 - 2015-03-06 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 01:58 - 2015-03-06 07:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 01:58 - 2015-01-31 01:58 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 01:52 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 01:52 - 2015-01-17 05:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 01:52 - 2015-01-17 05:03 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 01:51 - 2015-02-26 05:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 01:51 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 01:49 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 01:49 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 01:49 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 01:49 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 01:49 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 01:49 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 01:49 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 01:49 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 01:49 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 01:49 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 01:49 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 01:49 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 01:49 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 01:49 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 01:49 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 01:49 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 01:49 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 01:49 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 01:49 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 01:49 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 01:49 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 01:49 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 01:49 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 01:49 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 01:49 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 01:49 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 01:49 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 01:49 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 01:49 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 01:49 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 01:49 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 01:49 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 01:49 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 01:49 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 01:49 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 01:49 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 01:49 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 01:49 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 01:49 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 01:49 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 01:49 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 01:49 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 01:49 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 01:48 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 01:48 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 01:48 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 01:48 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 01:48 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 01:48 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 01:48 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 01:48 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 01:48 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 01:48 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 01:48 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 01:48 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 01:48 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 01:48 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 01:48 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-02 18:29 - 2015-03-02 18:29 - 00000000 _____ () C:\Windows\SysWOW64\debug.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 19:11 - 2014-12-20 14:27 - 01784566 _____ () C:\Windows\WindowsUpdate.log
2015-03-30 19:10 - 2014-12-20 17:38 - 00000000 ____D () C:\Users\Nadine Dvorak\Documents\Outlook-Datendateien
2015-03-30 19:01 - 2014-12-20 15:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-30 18:32 - 2009-07-14 06:45 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-30 18:32 - 2009-07-14 06:45 - 00022496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-30 18:20 - 2014-12-20 16:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 17:33 - 2011-04-12 09:43 - 00702980 _____ () C:\Windows\system32\perfh007.dat
2015-03-30 17:33 - 2011-04-12 09:43 - 00150532 _____ () C:\Windows\system32\perfc007.dat
2015-03-30 17:33 - 2009-07-14 07:13 - 01628148 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-30 16:47 - 2009-07-14 06:51 - 00033027 _____ () C:\Windows\setupact.log
2015-03-30 00:28 - 2014-12-20 16:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-30 00:27 - 2014-12-20 18:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-30 00:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 11:54 - 2014-12-28 16:53 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Local\CrashDumps
2015-03-28 20:36 - 2015-01-03 14:09 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Roaming\NVIDIA
2015-03-26 18:35 - 2014-12-20 14:39 - 00000000 ____D () C:\Users\Nadine Dvorak\Korrespondenz
2015-03-26 10:56 - 2014-12-20 15:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 00:10 - 2014-12-20 15:47 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Local\Adobe
2015-03-26 00:09 - 2014-12-20 15:28 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-26 00:09 - 2014-12-20 15:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-26 00:09 - 2014-12-20 15:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-26 00:01 - 2014-12-20 18:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-26 00:01 - 2014-12-20 18:48 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-21 23:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-19 20:01 - 2014-12-20 14:36 - 00000000 ____D () C:\Users\Nadine Dvorak\Bewerbung
2015-03-12 09:51 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 09:48 - 2009-07-14 06:45 - 00435192 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 09:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 09:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 20:30 - 2014-12-20 15:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 20:29 - 2014-12-20 16:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-11 08:34 - 2014-12-28 16:44 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Local\GMX Application {sync-000021}
2015-03-11 08:32 - 2010-11-21 05:47 - 00027122 _____ () C:\Windows\PFRO.log
2015-03-11 01:48 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-11 01:47 - 2014-12-20 18:14 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 01:29 - 2014-12-20 18:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 01:14 - 2014-12-20 14:33 - 00000000 ____D () C:\Users\Nadine Dvorak
2015-03-11 01:00 - 2014-12-20 15:57 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-03-11 01:00 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2015-03-11 01:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-11 00:59 - 2015-01-16 11:32 - 00000000 ____D () C:\Windows\AutoKMS
2015-03-11 00:59 - 2014-12-20 15:56 - 00000000 __RHD () C:\MSOCache
2015-03-11 00:59 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-11 00:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-07 18:15 - 2014-12-20 14:36 - 00000000 ____D () C:\Users\Nadine Dvorak\Bankkonten
2015-03-07 00:59 - 2014-12-20 14:39 - 00000000 ____D () C:\Users\Nadine Dvorak\Einladungen-Feste
2015-03-06 01:17 - 2014-12-20 14:43 - 00000000 ____D () C:\Users\Nadine Dvorak\PC
2015-03-05 00:41 - 2014-12-20 21:11 - 00000514 _____ () C:\Windows\Tasks\AsLiftRightsForClient_SessionSessionId1.job
2015-03-05 00:40 - 2014-12-20 21:11 - 00002744 _____ () C:\Windows\System32\Tasks\AsLiftRightsForClient_SessionSessionId1
2015-03-03 20:46 - 2014-12-20 14:43 - 00000000 ____D () C:\Users\Nadine Dvorak\Reise
2015-03-03 15:17 - 2010-11-21 05:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 18:29 - 2014-12-20 14:34 - 00000000 ____D () C:\Users\Nadine Dvorak\AppData\Roaming\Adobe

Some content of TEMP:
====================
C:\Users\Nadine Dvorak\AppData\Local\Temp\AcDeltree.exe
C:\Users\Nadine Dvorak\AppData\Local\Temp\ose00000.exe
C:\Users\Nadine Dvorak\AppData\Local\Temp\Setup.exe
C:\Users\Nadine Dvorak\AppData\Local\Temp\_is13EF.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-26 11:46

==================== End Of Log ============================
         
--- --- ---

--- --- ---


ADDITION.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Nadine Dvorak at 2015-03-30 19:12:27
Running from C:\Users\Nadine Dvorak\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.17 - STMicroelectronics)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Allway Sync version 14.2.1 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.3.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.3.0 - Autodesk) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.19.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Dell System Detect (HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell System Detect (HKU\S-1-5-21-4212112752-3989366140-1034592079-1001\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
GMX MediaCenter 1.11.4175.0 (HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\...\GMX Application {sync-000021}) (Version: 1.11.4175.0 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.95 - Heiko Schröder)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

11-03-2015 08:35:55 Windows Update
12-03-2015 09:15:53 Windows Update
16-03-2015 01:35:52 Windows Update
20-03-2015 17:37:35 Windows Update
23-03-2015 20:04:54 Windows Update
25-03-2015 23:32:39 Windows Update
30-03-2015 00:00:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03A706A8-D558-4B32-ABBD-7412F315B75D} - System32\Tasks\AsLiftRightsForClient_SessionSessionId1 => C:\Users\Nadine Dvorak\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.0.4356\client.exe [2014-12-03] (pcvisit Software ag)
Task: {2DCD4335-2328-49C4-8C2C-6734DC20ADC0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {369694BE-8876-40AB-9AE6-60CD71AFA987} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-26] (Adobe Systems Incorporated)
Task: {3C0EDC57-7988-4069-B923-DCFF2B9B60E7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {424475BC-9713-490C-B600-6F54A662CD8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {839E96BE-CF27-46B5-B9F6-7D82A3CCF88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {ACEEAEA6-3A05-4DA2-A852-4A5D2103DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {D338A5C3-C5BB-404F-87E3-AA920EBBD74D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4AA62A7-6AB1-475C-9872-19BB8208442B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AsLiftRightsForClient_SessionSessionId1.job => C:\Users\Nadine Dvorak\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.0.4356\client.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-20 18:08 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-20 16:58 - 2010-10-01 10:48 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-21 02:13 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-20 16:57 - 2014-12-20 16:57 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1199075de886acc794eb9eb953fc3c7e\IsdiInterop.ni.dll
2014-12-20 16:57 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-12 18:17 - 2014-11-12 18:17 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll
2014-01-23 08:55 - 2014-01-23 08:55 - 01030312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-03-26 00:09 - 2015-03-26 00:09 - 16858288 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4212112752-3989366140-1034592079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-4212112752-3989366140-1034592079-500 - Administrator - Disabled)
Gast (S-1-5-21-4212112752-3989366140-1034592079-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4212112752-3989366140-1034592079-1003 - Limited - Enabled)
Nadine Dvorak (S-1-5-21-4212112752-3989366140-1034592079-1000 - Administrator - Enabled) => C:\Users\Nadine Dvorak
UpdatusUser (S-1-5-21-4212112752-3989366140-1034592079-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2015 00:29:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 00:21:06 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070015.

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 111416

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 111416

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10125

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10125

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 11:44:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (03/29/2015 11:44:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126


System errors:
=============
Error: (03/30/2015 07:02:54 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/30/2015 05:59:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/30/2015 04:47:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/30/2015 03:47:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/30/2015 00:30:55 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/30/2015 00:27:48 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0xc000021a (0xfffff8a00091ae60, 0x00000000c0000189, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP033015-24679-01

Error: (03/30/2015 00:27:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎03.‎2015 um 00:20:49 unerwartet heruntergefahren.

Error: (03/29/2015 11:48:51 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/29/2015 11:33:50 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/29/2015 10:15:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{255B9928-060C-4346-A793-130C89B438EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (03/30/2015 00:29:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 00:21:06 AM) (Source: Outlook) (EventID: 34) (User: )
Description: 0x80070015

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 111416

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 111416

Error: (03/29/2015 11:46:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10125

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10125

Error: (03/29/2015 11:44:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 11:44:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (03/29/2015 11:44:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 45%
Total physical RAM: 2998.61 MB
Available physical RAM: 1642.34 MB
Total Pagefile: 5995.39 MB
Available Pagefile: 4209.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (7) (Fixed) (Total:297.99 GB) (Free:209.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2F4BA9C2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 31.03.2015, 05:13   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.04.2015, 21:13   #5
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo,

vielen Dank für die Instruktionen. Ich habe beides ausgeführt und in beiden Fällen wurde nichts gefunden!
Das Ergebnis in Malwarebytes: "Scan finished: no malware found!"

Hier der TDSS-Killer-logfile:
Code:
ATTFilter
22:01:32.0117 0x1290  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:01:41.0799 0x1290  ============================================================
22:01:41.0799 0x1290  Current date / time: 2015/04/01 22:01:41.0799
22:01:41.0799 0x1290  SystemInfo:
22:01:41.0799 0x1290  
22:01:41.0799 0x1290  OS Version: 6.1.7601 ServicePack: 1.0
22:01:41.0800 0x1290  Product type: Workstation
22:01:41.0800 0x1290  ComputerName: DELL
22:01:41.0800 0x1290  UserName: Nadine Dvorak
22:01:41.0800 0x1290  Windows directory: C:\Windows
22:01:41.0800 0x1290  System windows directory: C:\Windows
22:01:41.0800 0x1290  Running under WOW64
22:01:41.0800 0x1290  Processor architecture: Intel x64
22:01:41.0800 0x1290  Number of processors: 4
22:01:41.0800 0x1290  Page size: 0x1000
22:01:41.0800 0x1290  Boot type: Normal boot
22:01:41.0800 0x1290  ============================================================
22:01:42.0029 0x1290  KLMD registered as C:\Windows\system32\drivers\70451201.sys
22:01:42.0673 0x1290  System UUID: {79EA6DC8-305D-B4AE-8247-6B7D1C0E039B}
22:01:43.0839 0x1290  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:01:43.0844 0x1290  ============================================================
22:01:43.0844 0x1290  \Device\Harddisk0\DR0:
22:01:43.0844 0x1290  MBR partitions:
22:01:43.0844 0x1290  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:01:43.0844 0x1290  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
22:01:43.0844 0x1290  ============================================================
22:01:43.0862 0x1290  C: <-> \Device\Harddisk0\DR0\Partition2
22:01:43.0862 0x1290  ============================================================
22:01:43.0862 0x1290  Initialize success
22:01:43.0863 0x1290  ============================================================
22:02:05.0492 0x13dc  ============================================================
22:02:05.0492 0x13dc  Scan started
22:02:05.0492 0x13dc  Mode: Manual; 
22:02:05.0492 0x13dc  ============================================================
22:02:05.0492 0x13dc  KSN ping started
22:02:08.0200 0x13dc  KSN ping finished: true
22:02:08.0628 0x13dc  ================ Scan system memory ========================
22:02:08.0628 0x13dc  System memory - ok
22:02:08.0629 0x13dc  ================ Scan services =============================
22:02:08.0767 0x13dc  [ 0B94DF0DB9DCA3EDB2B57747D5433E7F, B8C4501476396B434D5EA35451556CB97ACF4C8CF666B9C753E2FEFA77DD7213 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:02:08.0777 0x13dc  1394ohci - ok
22:02:08.0843 0x13dc  [ AEDB94A49236F5FF060C90E09E70281F, 111ADF5A4B19A31A86DD9D62F06C065B983A11E3286BA973D0080FBB38D2E514 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
22:02:08.0846 0x13dc  Acceler - ok
22:02:08.0886 0x13dc  [ 114ACFE781B214B95F53D52020466CFD, CB25CED9C0AA17CC14AABBE845BF497E33C0642699236A93BCA7B197CAA6D2D8 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:02:08.0900 0x13dc  ACPI - ok
22:02:08.0932 0x13dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:02:08.0934 0x13dc  AcpiPmi - ok
22:02:09.0033 0x13dc  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:02:09.0037 0x13dc  AdobeARMservice - ok
22:02:09.0135 0x13dc  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:02:09.0149 0x13dc  AdobeFlashPlayerUpdateSvc - ok
22:02:09.0188 0x13dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:02:09.0203 0x13dc  adp94xx - ok
22:02:09.0261 0x13dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:02:09.0276 0x13dc  adpahci - ok
22:02:09.0294 0x13dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:02:09.0299 0x13dc  adpu320 - ok
22:02:09.0330 0x13dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:02:09.0332 0x13dc  AeLookupSvc - ok
22:02:09.0383 0x13dc  [ BDF76C3CE993FFB6214287272708364F, C2112D58104DD8FB74530F6DCA4F1261C82F26DE928E0BD764BCB6EF49B59A2D ] AFD             C:\Windows\system32\drivers\afd.sys
22:02:09.0397 0x13dc  AFD - ok
22:02:09.0424 0x13dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:02:09.0426 0x13dc  agp440 - ok
22:02:09.0434 0x13dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:02:09.0440 0x13dc  ALG - ok
22:02:09.0467 0x13dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:02:09.0469 0x13dc  aliide - ok
22:02:09.0473 0x13dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:02:09.0474 0x13dc  amdide - ok
22:02:09.0480 0x13dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:02:09.0482 0x13dc  AmdK8 - ok
22:02:09.0487 0x13dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:02:09.0489 0x13dc  AmdPPM - ok
22:02:09.0560 0x13dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:02:09.0563 0x13dc  amdsata - ok
22:02:09.0622 0x13dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:02:09.0633 0x13dc  amdsbs - ok
22:02:09.0652 0x13dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:02:09.0654 0x13dc  amdxata - ok
22:02:09.0699 0x13dc  [ 02D4DE040DA056068F5D275445CE336A, 38D2985FDB9516207DEC77509BC48598392BEAA5F6FB58ABC97C59D97335CB6A ] AppID           C:\Windows\system32\drivers\appid.sys
22:02:09.0703 0x13dc  AppID - ok
22:02:09.0723 0x13dc  [ A14B9A51587AACB37EAE5CD29C862C78, 4819237772CE816B535DA64AA7366710871620205F83F67C38CF2E4A69E5DF02 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:02:09.0726 0x13dc  AppIDSvc - ok
22:02:09.0746 0x13dc  [ 9651B55594F10F65D6D4498B89E5A4C5, 0726F44A81298116E61DCF720383C2E295EA96C79364A19B1ED1C274D20B3D77 ] Appinfo         C:\Windows\System32\appinfo.dll
22:02:09.0750 0x13dc  Appinfo - ok
22:02:09.0810 0x13dc  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:02:09.0814 0x13dc  Apple Mobile Device - ok
22:02:09.0829 0x13dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:02:09.0834 0x13dc  arc - ok
22:02:09.0842 0x13dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:02:09.0846 0x13dc  arcsas - ok
22:02:09.0937 0x13dc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:02:09.0967 0x13dc  aspnet_state - ok
22:02:09.0991 0x13dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:02:09.0993 0x13dc  AsyncMac - ok
22:02:10.0027 0x13dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:02:10.0029 0x13dc  atapi - ok
22:02:10.0089 0x13dc  [ FD26867D65646A4DEFDA725096C688FA, 883ECC4B09946E5766FECC926CD9FC383758ED322675A7E2CE9806E4A9C3C9C5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:02:10.0108 0x13dc  AudioEndpointBuilder - ok
22:02:10.0130 0x13dc  [ FD26867D65646A4DEFDA725096C688FA, 883ECC4B09946E5766FECC926CD9FC383758ED322675A7E2CE9806E4A9C3C9C5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:02:10.0145 0x13dc  AudioSrv - ok
22:02:10.0177 0x13dc  [ CDA9ED9AEE49BB4076B0FAF5DBE3B666, 31FA98F0A6284EAD0110944694C70C978E3825884F6B429C353B966E20A43413 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:02:10.0181 0x13dc  AxInstSV - ok
22:02:10.0224 0x13dc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:02:10.0238 0x13dc  b06bdrv - ok
22:02:10.0267 0x13dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:02:10.0275 0x13dc  b57nd60a - ok
22:02:10.0488 0x13dc  [ 43AD3D3E7674833FCA9A7C4E7180AD54, 81CBF3146853FCCA26C14D23160892BD892269C5BB8B2167837339372BD38DA2 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
22:02:10.0608 0x13dc  BCM43XX - ok
22:02:10.0634 0x13dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:02:10.0637 0x13dc  BDESVC - ok
22:02:10.0649 0x13dc  [ 35BC71BC8B0E7BCA41352679B19AD070, 9AE92D8E5575ACD3EF7143076B473E09D75520302EF1C64057F991070B84118B ] Beep            C:\Windows\system32\drivers\Beep.sys
22:02:10.0650 0x13dc  Beep - ok
22:02:10.0713 0x13dc  [ 9A65B27028F7CAFEDC414A648773D3E7, 37F433F30FF081AAFD914B4A84A7B3A44452A641ACB4B8719EC1C971665F25B5 ] BFE             C:\Windows\System32\bfe.dll
22:02:10.0735 0x13dc  BFE - ok
22:02:10.0782 0x13dc  [ 7F299EC15BD781C260213704032970D2, D8B445AE20C68E2070F56A65770C310F9C4603CB3B02856B76989328BA4E3299 ] BITS            C:\Windows\System32\qmgr.dll
22:02:10.0805 0x13dc  BITS - ok
22:02:10.0837 0x13dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:02:10.0839 0x13dc  blbdrive - ok
22:02:10.0911 0x13dc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:02:10.0929 0x13dc  Bonjour Service - ok
22:02:10.0961 0x13dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:02:10.0964 0x13dc  bowser - ok
22:02:10.0982 0x13dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:02:10.0984 0x13dc  BrFiltLo - ok
22:02:10.0998 0x13dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:02:10.0999 0x13dc  BrFiltUp - ok
22:02:11.0022 0x13dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:02:11.0027 0x13dc  Browser - ok
22:02:11.0069 0x13dc  [ 6DF544E72FF139E8FBBBA6D0E569BEA5, 80B1D95F55E86CF442FCC3B2EF143C5E98F30FE809DC24A3CEE17D9D5EC1B7AC ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
22:02:11.0072 0x13dc  BrSerIb - ok
22:02:11.0095 0x13dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:02:11.0103 0x13dc  Brserid - ok
22:02:11.0108 0x13dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:02:11.0110 0x13dc  BrSerWdm - ok
22:02:11.0114 0x13dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:02:11.0115 0x13dc  BrUsbMdm - ok
22:02:11.0119 0x13dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:02:11.0121 0x13dc  BrUsbSer - ok
22:02:11.0140 0x13dc  [ 80082AD46578F0D3270D2E56D6433082, 8798F19B2966C24D122F03D34B605B660F676AC55535530D39FDE2BECAE09809 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
22:02:11.0141 0x13dc  BrUsbSIb - ok
22:02:11.0164 0x13dc  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
22:02:11.0171 0x13dc  BrYNSvc - ok
22:02:11.0177 0x13dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:02:11.0180 0x13dc  BTHMODEM - ok
22:02:11.0216 0x13dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:02:11.0219 0x13dc  bthserv - ok
22:02:11.0233 0x13dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:02:11.0237 0x13dc  cdfs - ok
22:02:11.0270 0x13dc  [ E5F4FD3D59B9141560D4174AAE6E66E0, 41614846F083525E913C4C36FB3E4227138833978ECCD840737B766F0BA24D62 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:02:11.0273 0x13dc  cdrom - ok
22:02:11.0305 0x13dc  [ 89050BDC752EC2AAEDC50789223CD5E9, CECE30222CC9722655690C5A319F478A9E0C0C8100E660CA2B976852AB9CFDEF ] CertPropSvc     C:\Windows\System32\certprop.dll
22:02:11.0308 0x13dc  CertPropSvc - ok
22:02:11.0312 0x13dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:02:11.0314 0x13dc  circlass - ok
22:02:11.0329 0x13dc  [ 7D4ABBB2980BAC8255515FB327A6FF97, 0F0435572CFEEEF33D5B7148BD11E8E0EEA032D82F7CDB3AD59AFA2AD1710ECE ] CLFS            C:\Windows\system32\CLFS.sys
22:02:11.0338 0x13dc  CLFS - ok
22:02:11.0399 0x13dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:02:11.0404 0x13dc  clr_optimization_v2.0.50727_32 - ok
22:02:11.0457 0x13dc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:02:11.0463 0x13dc  clr_optimization_v2.0.50727_64 - ok
22:02:11.0538 0x13dc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:02:11.0544 0x13dc  clr_optimization_v4.0.30319_32 - ok
22:02:11.0571 0x13dc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:02:11.0634 0x13dc  clr_optimization_v4.0.30319_64 - ok
22:02:11.0695 0x13dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:02:11.0697 0x13dc  CmBatt - ok
22:02:11.0712 0x13dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:02:11.0714 0x13dc  cmdide - ok
22:02:11.0760 0x13dc  [ 4566E7FEA8C966648DFC34FE9953653E, CEFF85D84529F8EFE119ECC8E521B854A4A30F30F4212B30AE8B577F41682576 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:02:11.0779 0x13dc  CNG - ok
22:02:11.0799 0x13dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:02:11.0801 0x13dc  Compbatt - ok
22:02:11.0808 0x13dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:02:11.0810 0x13dc  CompositeBus - ok
22:02:11.0822 0x13dc  COMSysApp - ok
22:02:11.0837 0x13dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:02:11.0838 0x13dc  crcdisk - ok
22:02:11.0869 0x13dc  [ 00D0F7BA3B27126A3E25B540979A9F39, 1B32482E674995B14BDE6A75C784209F5A75DEFD180595CFBE82D20D4B37E96D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:02:11.0875 0x13dc  CryptSvc - ok
22:02:11.0912 0x13dc  [ 5CC1040FDA8A7EF9A17D39DA339ACFCF, A8BAA5CE72F898E5C270DE6779179AA5E97B54592BF03A71DE60D7305D0EF2B1 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:02:11.0926 0x13dc  DcomLaunch - ok
22:02:11.0957 0x13dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:02:11.0965 0x13dc  defragsvc - ok
22:02:11.0997 0x13dc  [ F55E55EE7E21CF2F9028B83C0DCFEA81, 79E865ADAF57609B8C6BEF18567F18725647B7CEA68789058DFB56A32FF641E2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:02:12.0000 0x13dc  DfsC - ok
22:02:12.0048 0x13dc  [ 3855C80D6D8EAAF826D0704F0C4C95A0, D96D864190D3CA841EC4C0F6E2E04DF49AB3FB18016AE9B18E6624E0DF2ED84C ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:02:12.0064 0x13dc  Dhcp - ok
22:02:12.0088 0x13dc  [ 9ED290A1E8FDBCF269B26CDA541DDC84, 103332D59EFAAF60B014F4450C4B68051417B5CBBF4CA1769CCE694925CB0A83 ] discache        C:\Windows\system32\drivers\discache.sys
22:02:12.0090 0x13dc  discache - ok
22:02:12.0122 0x13dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:02:12.0125 0x13dc  Disk - ok
22:02:12.0154 0x13dc  [ 46295251B5536E8C13BD6A6A1C1B4B30, B9B064D8E96421080B36211E6A9EF2C01165B6E704B6AA137268B74E627F4A20 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:02:12.0163 0x13dc  Dnscache - ok
22:02:12.0180 0x13dc  [ 8DA62036CC6192959D675142A3084916, BA97989D8E047872C54BC517697366741AFBB483906185EDED67C7C5854FCB4F ] dot3svc         C:\Windows\System32\dot3svc.dll
22:02:12.0190 0x13dc  dot3svc - ok
22:02:12.0207 0x13dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:02:12.0212 0x13dc  DPS - ok
22:02:12.0246 0x13dc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:02:12.0247 0x13dc  drmkaud - ok
22:02:12.0300 0x13dc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:02:12.0328 0x13dc  DXGKrnl - ok
22:02:12.0359 0x13dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:02:12.0363 0x13dc  EapHost - ok
22:02:12.0503 0x13dc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:02:12.0591 0x13dc  ebdrv - ok
22:02:12.0622 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] EFS             C:\Windows\System32\lsass.exe
22:02:12.0624 0x13dc  EFS - ok
22:02:12.0693 0x13dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:02:12.0711 0x13dc  ehRecvr - ok
22:02:12.0719 0x13dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:02:12.0723 0x13dc  ehSched - ok
22:02:12.0764 0x13dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:02:12.0779 0x13dc  elxstor - ok
22:02:12.0784 0x13dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:02:12.0785 0x13dc  ErrDev - ok
22:02:12.0833 0x13dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:02:12.0845 0x13dc  EventSystem - ok
22:02:12.0869 0x13dc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:02:12.0875 0x13dc  exfat - ok
22:02:12.0897 0x13dc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:02:12.0903 0x13dc  fastfat - ok
22:02:12.0947 0x13dc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:02:12.0966 0x13dc  Fax - ok
22:02:12.0979 0x13dc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:02:12.0980 0x13dc  fdc - ok
22:02:12.0990 0x13dc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:02:12.0992 0x13dc  fdPHost - ok
22:02:12.0998 0x13dc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:02:13.0000 0x13dc  FDResPub - ok
22:02:13.0024 0x13dc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:02:13.0027 0x13dc  FileInfo - ok
22:02:13.0031 0x13dc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:02:13.0033 0x13dc  Filetrace - ok
22:02:13.0047 0x13dc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:02:13.0048 0x13dc  flpydisk - ok
22:02:13.0076 0x13dc  [ BAD52A4449DB51D70826EBDE87D84E22, D9B805CD3B0995FBF8A10060B08D9CAEB1B87371B5B9C0FF07400AEB73B9F0EB ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:02:13.0084 0x13dc  FltMgr - ok
22:02:13.0136 0x13dc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:02:13.0168 0x13dc  FontCache - ok
22:02:13.0216 0x13dc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:02:13.0220 0x13dc  FontCache3.0.0.0 - ok
22:02:13.0228 0x13dc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:02:13.0232 0x13dc  FsDepends - ok
22:02:13.0259 0x13dc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:02:13.0262 0x13dc  Fs_Rec - ok
22:02:13.0285 0x13dc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:02:13.0295 0x13dc  fvevol - ok
22:02:13.0320 0x13dc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:02:13.0322 0x13dc  gagp30kx - ok
22:02:13.0346 0x13dc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:02:13.0348 0x13dc  GEARAspiWDM - ok
22:02:13.0383 0x13dc  [ 030B778F4272DF185E4E2E8EC49D162E, 702E884DC9C56D67A250F2DE4C293A878054F0F0A3BB64944A204445D9D5357F ] gpsvc           C:\Windows\System32\gpsvc.dll
22:02:13.0404 0x13dc  gpsvc - ok
22:02:13.0475 0x13dc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:02:13.0480 0x13dc  gupdate - ok
22:02:13.0490 0x13dc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:02:13.0495 0x13dc  gupdatem - ok
22:02:13.0533 0x13dc  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:02:13.0538 0x13dc  gusvc - ok
22:02:13.0560 0x13dc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:02:13.0562 0x13dc  hcw85cir - ok
22:02:13.0625 0x13dc  [ FBB4644CD43147F8128782BF5BCD1A67, DD4447E8433A2E826A8070271BE723DAF294BED84935307268958B90CB44D26E ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:02:13.0642 0x13dc  HdAudAddService - ok
22:02:13.0675 0x13dc  [ 04EC89E18FBA1F3F0E0C55DBF6F45E86, BF9DD474AB47AADEE0FBCB384D0274E54A3510752D0CFAAF6C6020ED6250934A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:02:13.0679 0x13dc  HDAudBus - ok
22:02:13.0712 0x13dc  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
22:02:13.0714 0x13dc  HECIx64 - ok
22:02:13.0733 0x13dc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:02:13.0735 0x13dc  HidBatt - ok
22:02:13.0757 0x13dc  [ FDF5EAD19FD8B2D0C50A9CCDD7836F9E, B865703E3D9BFC75DF363BF943213C47A63445415E211000717009D2BD0C062B ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:02:13.0761 0x13dc  HidBth - ok
22:02:13.0790 0x13dc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:02:13.0793 0x13dc  HidIr - ok
22:02:13.0816 0x13dc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:02:13.0818 0x13dc  hidserv - ok
22:02:13.0841 0x13dc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:02:13.0843 0x13dc  HidUsb - ok
22:02:13.0863 0x13dc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:02:13.0866 0x13dc  hkmsvc - ok
22:02:13.0876 0x13dc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:02:13.0883 0x13dc  HomeGroupListener - ok
22:02:13.0907 0x13dc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:02:13.0913 0x13dc  HomeGroupProvider - ok
22:02:13.0919 0x13dc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:02:13.0921 0x13dc  HpSAMD - ok
22:02:13.0971 0x13dc  [ 30C2ABEA8C73FE17292420D6AF68822E, FBAF41833E9D99CBB8056C82AD1327BBCE8168F9ABCFDF332C3B1236BAF9B5AD ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:02:13.0991 0x13dc  HTTP - ok
22:02:14.0024 0x13dc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:02:14.0025 0x13dc  hwpolicy - ok
22:02:14.0042 0x13dc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:02:14.0046 0x13dc  i8042prt - ok
22:02:14.0089 0x13dc  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:02:14.0102 0x13dc  iaStor - ok
22:02:14.0164 0x13dc  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:02:14.0165 0x13dc  IAStorDataMgrSvc - ok
22:02:14.0216 0x13dc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:02:14.0230 0x13dc  iaStorV - ok
22:02:14.0293 0x13dc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:02:14.0317 0x13dc  idsvc - ok
22:02:14.0322 0x13dc  IEEtwCollectorService - ok
22:02:14.0350 0x13dc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:02:14.0353 0x13dc  iirsp - ok
22:02:14.0399 0x13dc  [ 1C0CCAEEC82218693EF0363C8BCE51D9, 21850F4D166CE634EC05421B61476A6E7EC179908ECE7A5DF1F4EB0155FCB570 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:02:14.0423 0x13dc  IKEEXT - ok
22:02:14.0431 0x13dc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:02:14.0433 0x13dc  intelide - ok
22:02:14.0461 0x13dc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:02:14.0464 0x13dc  intelppm - ok
22:02:14.0499 0x13dc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:02:14.0504 0x13dc  IPBusEnum - ok
22:02:14.0509 0x13dc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:02:14.0512 0x13dc  IpFilterDriver - ok
22:02:14.0536 0x13dc  [ 44A0A05577B41E2157161071AB109C8A, 84A190CEAC4993141C19E323563C3A6DBF6F9B643A7C02E96DF298F0AFB9F6B9 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:02:14.0551 0x13dc  iphlpsvc - ok
22:02:14.0571 0x13dc  [ 3CB3DBEECB9672698B5C1A6EAB2940B0, AC252B7344A3A3F2799D4FF5612FAF9DC8830F30C97B69950CF9245EA5415D08 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:02:14.0573 0x13dc  IPMIDRV - ok
22:02:14.0580 0x13dc  [ C9A829B22D1F2613E7A3A3E5C0E43EA2, F8C2BE9B671C14B7D203DAC99E3BEDB113AAC058B6A0D03587DC2C427CC96D74 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:02:14.0584 0x13dc  IPNAT - ok
22:02:14.0646 0x13dc  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:02:14.0663 0x13dc  iPod Service - ok
22:02:14.0694 0x13dc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:02:14.0695 0x13dc  IRENUM - ok
22:02:14.0707 0x13dc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:02:14.0709 0x13dc  isapnp - ok
22:02:14.0738 0x13dc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:02:14.0754 0x13dc  iScsiPrt - ok
22:02:14.0779 0x13dc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:02:14.0781 0x13dc  kbdclass - ok
22:02:14.0812 0x13dc  [ 3985332405FA64D8E679A1DB24901596, CA4C274704B9F4AE560CC32AD7C22D39ADAD13C61709E21F70C9B1AACE34B7A2 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:02:14.0820 0x13dc  kbdhid - ok
22:02:14.0830 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] KeyIso          C:\Windows\system32\lsass.exe
22:02:14.0832 0x13dc  KeyIso - ok
22:02:14.0843 0x13dc  [ 5A401E4618CDD2C695493A0A5EC074DC, 2604FD3C40D468D3BE96092A5963A4890CB75967EEAE6C71D0C94B8A160539DA ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:02:14.0847 0x13dc  KSecDD - ok
22:02:14.0863 0x13dc  [ 243366640578F2199F1BA23C08B75FE3, 8FB33416AF4E3E0B1901928997E6FC5E3A30D433AB6B9FFC004565ECCD84DDA4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:02:14.0869 0x13dc  KSecPkg - ok
22:02:14.0882 0x13dc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:02:14.0884 0x13dc  ksthunk - ok
22:02:14.0918 0x13dc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:02:14.0931 0x13dc  KtmRm - ok
22:02:14.0966 0x13dc  [ 5CE3ADEF1C7203DCC0467E084ACE5643, E8A26479F296451310D42215E3E280C80A18BD6E537A854D1702873AC4162382 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:02:14.0976 0x13dc  LanmanServer - ok
22:02:15.0007 0x13dc  [ FCFB82793B989875CF2DF98AD2BEA5BD, 38A612BE12613D2196AE86F8C8686A53AB83E9CEE8E0E4AB0BD0329244D9050A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:02:15.0013 0x13dc  LanmanWorkstation - ok
22:02:15.0049 0x13dc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:02:15.0052 0x13dc  lltdio - ok
22:02:15.0076 0x13dc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:02:15.0087 0x13dc  lltdsvc - ok
22:02:15.0097 0x13dc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:02:15.0100 0x13dc  lmhosts - ok
22:02:15.0138 0x13dc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:02:15.0142 0x13dc  LSI_FC - ok
22:02:15.0148 0x13dc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:02:15.0152 0x13dc  LSI_SAS - ok
22:02:15.0158 0x13dc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:02:15.0160 0x13dc  LSI_SAS2 - ok
22:02:15.0168 0x13dc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:02:15.0171 0x13dc  LSI_SCSI - ok
22:02:15.0178 0x13dc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:02:15.0182 0x13dc  luafv - ok
22:02:15.0223 0x13dc  [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
22:02:15.0226 0x13dc  mbamchameleon - ok
22:02:15.0253 0x13dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:02:15.0257 0x13dc  Mcx2Svc - ok
22:02:15.0261 0x13dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:02:15.0263 0x13dc  megasas - ok
22:02:15.0284 0x13dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:02:15.0293 0x13dc  MegaSR - ok
22:02:15.0310 0x13dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:02:15.0313 0x13dc  MMCSS - ok
22:02:15.0340 0x13dc  [ BFFB0C93D9FB43CA42EF11C9240BFF7F, E1E98C55DF9A56316050A21AC5A7D764338DA55F6124B52A52E71B5B0089C3FA ] Modem           C:\Windows\system32\drivers\modem.sys
22:02:15.0341 0x13dc  Modem - ok
22:02:15.0369 0x13dc  [ 009E04D73298787DAA406104B17305A7, E9713CF96C1FE6808E7F5CDF3255A930D38B7FBBF51DCA63B17F40A37D621718 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:02:15.0371 0x13dc  monitor - ok
22:02:15.0408 0x13dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:02:15.0410 0x13dc  mouclass - ok
22:02:15.0423 0x13dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:02:15.0425 0x13dc  mouhid - ok
22:02:15.0462 0x13dc  [ 8317536D445B05D0F8E7C6E26FF12E56, C2F3D0B1DD5F60AC7AA6AC921A194128B34E4046D8CAED00D41738B77249D880 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:02:15.0465 0x13dc  mountmgr - ok
22:02:15.0531 0x13dc  [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:02:15.0539 0x13dc  MozillaMaintenance - ok
22:02:15.0586 0x13dc  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:02:15.0600 0x13dc  MpFilter - ok
22:02:15.0617 0x13dc  [ 3A6FB80E65EB0D5F78779E1F860CEEDF, DE5004F43EDA2A6C629CEFA76D4F751F6CB4349271B7806206D19F35A68EDBEC ] mpio            C:\Windows\system32\drivers\mpio.sys
22:02:15.0621 0x13dc  mpio - ok
22:02:15.0628 0x13dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:02:15.0631 0x13dc  mpsdrv - ok
22:02:15.0697 0x13dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:02:15.0719 0x13dc  MpsSvc - ok
22:02:15.0758 0x13dc  [ 0AE0AB07EB9166EA6030153830148C02, 03525A7BD53657EEEBD3CE1EA9360A93B4954DE5FA0363697BEDAF6EEFADDA9D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:02:15.0766 0x13dc  MRxDAV - ok
22:02:15.0808 0x13dc  [ D90B2747E7289BE3F52C980EBC35DDEB, 465F3D4CB193FBD054C3FB5AF2A60DF279832458EE78DC15839DB5B2DB9000C6 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:02:15.0817 0x13dc  mrxsmb - ok
22:02:15.0838 0x13dc  [ EA55E1D458CA528EFA506B5D05DD3E2A, FE4D4C3947515B9AF49D4301DD78177E876546A5D031E3ACC2C7BEB7DC36B206 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:02:15.0848 0x13dc  mrxsmb10 - ok
22:02:15.0860 0x13dc  [ 9E1539400275C9EE352D85D13E35C07E, 5764C6CD9F379F465009CFF957CC25DA945020BA171EBB8312AEB0C4A681BC07 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:02:15.0864 0x13dc  mrxsmb20 - ok
22:02:15.0884 0x13dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:02:15.0886 0x13dc  msahci - ok
22:02:15.0905 0x13dc  [ 12AFF5E3B3E1C6C040B2416ACC3B151B, 61E74BF5D772C435408AFD2CD32FC17678EC105960CB97860BFA16752F31EB6F ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:02:15.0910 0x13dc  msdsm - ok
22:02:15.0924 0x13dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:02:15.0929 0x13dc  MSDTC - ok
22:02:15.0937 0x13dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:02:15.0938 0x13dc  Msfs - ok
22:02:15.0947 0x13dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:02:15.0948 0x13dc  mshidkmdf - ok
22:02:15.0952 0x13dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:02:15.0953 0x13dc  msisadrv - ok
22:02:15.0989 0x13dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:02:15.0994 0x13dc  MSiSCSI - ok
22:02:15.0998 0x13dc  msiserver - ok
22:02:16.0024 0x13dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:02:16.0025 0x13dc  MSKSSRV - ok
22:02:16.0083 0x13dc  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:02:16.0084 0x13dc  MsMpSvc - ok
22:02:16.0090 0x13dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:02:16.0091 0x13dc  MSPCLOCK - ok
22:02:16.0100 0x13dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:02:16.0102 0x13dc  MSPQM - ok
22:02:16.0120 0x13dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:02:16.0130 0x13dc  MsRPC - ok
22:02:16.0136 0x13dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:02:16.0138 0x13dc  mssmbios - ok
22:02:16.0150 0x13dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:02:16.0151 0x13dc  MSTEE - ok
22:02:16.0155 0x13dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:02:16.0157 0x13dc  MTConfig - ok
22:02:16.0162 0x13dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:02:16.0164 0x13dc  Mup - ok
22:02:16.0201 0x13dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:02:16.0215 0x13dc  napagent - ok
22:02:16.0257 0x13dc  [ B323F2FB750238EE63843C2C3D4218F5, 529077D71D9C376CB200AF793364689EA2C61FD49E4C6DD5107F2F2C607A3EE6 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:02:16.0266 0x13dc  NativeWifiP - ok
22:02:16.0305 0x13dc  [ E41F813C4400FDC0CA3ED36360EDCAD3, 690CBFAD79B4221666A9D76BE04B7E564AB8D81FA8393346182258B5CAFB4B67 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:02:16.0330 0x13dc  NDIS - ok
22:02:16.0346 0x13dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:02:16.0347 0x13dc  NdisCap - ok
22:02:16.0374 0x13dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:02:16.0375 0x13dc  NdisTapi - ok
22:02:16.0388 0x13dc  [ 662CBFAA835FFF1A935DD01890AAFC62, 41CD715EF77446E2ECD70A512BF2A5DC8C32C0F38E56F48621461784C28CF914 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:02:16.0390 0x13dc  Ndisuio - ok
22:02:16.0397 0x13dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:02:16.0402 0x13dc  NdisWan - ok
22:02:16.0414 0x13dc  [ F84F49FD9002E84FBCCF60F9F6AB8FBE, 91DB0A9050F24C3D453316ECFC93F5762AAA8CF6D778406D64952A12119991E0 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:02:16.0416 0x13dc  NDProxy - ok
22:02:16.0429 0x13dc  [ BB14215BBAF8EBB5E5FFAA3B6B04D177, 7A53CBF15409FAF34F3959263E7C3E69770CF06B4FEB7A08E3009C18A098DBA3 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:02:16.0431 0x13dc  NetBIOS - ok
22:02:16.0441 0x13dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:02:16.0449 0x13dc  NetBT - ok
22:02:16.0463 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] Netlogon        C:\Windows\system32\lsass.exe
22:02:16.0465 0x13dc  Netlogon - ok
22:02:16.0497 0x13dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:02:16.0508 0x13dc  Netman - ok
22:02:16.0538 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:02:16.0551 0x13dc  NetMsmqActivator - ok
22:02:16.0558 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:02:16.0562 0x13dc  NetPipeActivator - ok
22:02:16.0587 0x13dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:02:16.0600 0x13dc  netprofm - ok
22:02:16.0717 0x13dc  [ 78DFEAB988E0B0EA4ECF29D908D09AF6, E7D447CBBF4B3B561D5062CE5B7B26E8430D2A0DA7E0F59CC3A07839B37E8136 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
22:02:16.0775 0x13dc  netr28ux - ok
22:02:16.0785 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:02:16.0789 0x13dc  NetTcpActivator - ok
22:02:16.0795 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:02:16.0799 0x13dc  NetTcpPortSharing - ok
22:02:16.0839 0x13dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:02:16.0843 0x13dc  nfrd960 - ok
22:02:16.0868 0x13dc  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:02:16.0873 0x13dc  NisDrv - ok
22:02:16.0902 0x13dc  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
22:02:16.0917 0x13dc  NisSrv - ok
22:02:16.0948 0x13dc  [ 1198848B46764B158CF995C4D110EFEF, DE98EA0E19FE5A056925212A2FF9F326D16A2E6F56CB02589FC6E628A68D26D5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:02:16.0957 0x13dc  NlaSvc - ok
22:02:16.0972 0x13dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:02:16.0974 0x13dc  Npfs - ok
22:02:17.0000 0x13dc  [ B6537E9A92256943F1FB3B8172307C3B, AA6E4EAEE15A5666BDA8725F762077FDCE8EEA1058E6432C233592A516134E88 ] nsi             C:\Windows\system32\nsisvc.dll
22:02:17.0002 0x13dc  nsi - ok
22:02:17.0012 0x13dc  [ 2A87D15C1A5AE031388DB1FCB0442EE1, 77E11F7C8E7005762FF3CDD820450DD544B70EFDA6369A2BCB4A134534C9CE25 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:02:17.0013 0x13dc  nsiproxy - ok
22:02:17.0089 0x13dc  [ 48B6047F82D5A8D0AEC71593F4ACD79B, A96F91C1DFD1CBB17C05B5DAAC4956169380E988FB4223E4588FEF34C2BC5249 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:02:17.0133 0x13dc  Ntfs - ok
22:02:17.0159 0x13dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:02:17.0160 0x13dc  Null - ok
22:02:17.0208 0x13dc  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:02:17.0219 0x13dc  NVHDA - ok
22:02:17.0639 0x13dc  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:02:18.0035 0x13dc  nvlddmkm - ok
22:02:18.0091 0x13dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:02:18.0095 0x13dc  nvraid - ok
22:02:18.0104 0x13dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:02:18.0109 0x13dc  nvstor - ok
22:02:18.0191 0x13dc  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:02:18.0220 0x13dc  nvsvc - ok
22:02:18.0294 0x13dc  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:02:18.0328 0x13dc  nvUpdatusService - ok
22:02:18.0366 0x13dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:02:18.0370 0x13dc  nv_agp - ok
22:02:18.0376 0x13dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:02:18.0379 0x13dc  ohci1394 - ok
22:02:18.0428 0x13dc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:02:18.0436 0x13dc  ose - ok
22:02:18.0664 0x13dc  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:02:18.0796 0x13dc  osppsvc - ok
22:02:18.0896 0x13dc  [ 8830D42427D05B15B032108EBBDBD289, 977AEE57EF7639A1B1C8D8858AF369927EB16181100FCC4517F4B58148138C22 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:02:18.0911 0x13dc  p2pimsvc - ok
22:02:18.0933 0x13dc  [ 5B7BADED6943AA6F4B6C1ABA5FCCB25F, 07D17B7778A88A3007E98C47773D1D8649C3AF5284BCC870829DDF2725CF2FC1 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:02:18.0945 0x13dc  p2psvc - ok
22:02:18.0975 0x13dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:02:18.0978 0x13dc  Parport - ok
22:02:18.0994 0x13dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:02:18.0997 0x13dc  partmgr - ok
22:02:19.0033 0x13dc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:02:19.0039 0x13dc  PcaSvc - ok
22:02:19.0058 0x13dc  [ 9CE2B541DEBE8DCA0ECD251584540703, 04395C3C57C1200C29266077816922CF342A06ECCCB4EDEC0AFA6923C5800B5B ] pci             C:\Windows\system32\drivers\pci.sys
22:02:19.0063 0x13dc  pci - ok
22:02:19.0067 0x13dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:02:19.0069 0x13dc  pciide - ok
22:02:19.0078 0x13dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:02:19.0084 0x13dc  pcmcia - ok
22:02:19.0099 0x13dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:02:19.0101 0x13dc  pcw - ok
22:02:19.0169 0x13dc  [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
22:02:19.0183 0x13dc  PDFProFiltSrvPP - ok
22:02:19.0236 0x13dc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:02:19.0253 0x13dc  PEAUTH - ok
22:02:19.0319 0x13dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:02:19.0322 0x13dc  PerfHost - ok
22:02:19.0414 0x13dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:02:19.0452 0x13dc  pla - ok
22:02:19.0517 0x13dc  [ FC9CFBF842E2B3A044092ADAD71B5784, 32A6CE32B285302A2DAD0F008099586E955D954BB7EDF7D94696D3CE6FB14CF1 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:02:19.0538 0x13dc  PlugPlay - ok
22:02:19.0549 0x13dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:02:19.0552 0x13dc  PNRPAutoReg - ok
22:02:19.0575 0x13dc  [ 8830D42427D05B15B032108EBBDBD289, 977AEE57EF7639A1B1C8D8858AF369927EB16181100FCC4517F4B58148138C22 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:02:19.0586 0x13dc  PNRPsvc - ok
22:02:19.0629 0x13dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:02:19.0645 0x13dc  PolicyAgent - ok
22:02:19.0656 0x13dc  [ 0E2274B028C26022D4E13FA68B727FE3, F8ECC591575D8F3305AE6E7258A16C1D91D6C08482B1DCCD7920142221ACD5BC ] Power           C:\Windows\system32\umpo.dll
22:02:19.0662 0x13dc  Power - ok
22:02:19.0692 0x13dc  [ D8874711B6C3DD308F84E42BA6EFF179, A7E14D9A80D0F2A38568E99E34FFBE2430743523D6739C0251EE5E4E8BBB68CC ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:02:19.0695 0x13dc  PptpMiniport - ok
22:02:19.0718 0x13dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:02:19.0720 0x13dc  Processor - ok
22:02:19.0755 0x13dc  [ D0891D2F5D63DAB719F005919762912C, F187C38764D01AE3FD7CF711DF8B5FE8EB455186F104D5A76FB9DD7443066352 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:02:19.0762 0x13dc  ProfSvc - ok
22:02:19.0772 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:02:19.0773 0x13dc  ProtectedStorage - ok
22:02:19.0800 0x13dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:02:19.0804 0x13dc  Psched - ok
22:02:19.0862 0x13dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:02:19.0901 0x13dc  ql2300 - ok
22:02:19.0910 0x13dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:02:19.0914 0x13dc  ql40xx - ok
22:02:19.0941 0x13dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:02:19.0949 0x13dc  QWAVE - ok
22:02:19.0957 0x13dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:02:19.0959 0x13dc  QWAVEdrv - ok
22:02:19.0963 0x13dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:02:19.0964 0x13dc  RasAcd - ok
22:02:20.0003 0x13dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:02:20.0005 0x13dc  RasAgileVpn - ok
22:02:20.0015 0x13dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:02:20.0019 0x13dc  RasAuto - ok
22:02:20.0026 0x13dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:02:20.0030 0x13dc  Rasl2tp - ok
22:02:20.0070 0x13dc  [ 4FF5EAF907C288B338A21D9C91AA2E4E, 4D0A7BA47E699782AE1F2321A2B84A83AEC2DA6A287FDBF7926B0980B9BB3A77 ] RasMan          C:\Windows\System32\rasmans.dll
22:02:20.0080 0x13dc  RasMan - ok
22:02:20.0091 0x13dc  [ 77682DE44B334E6AAFCD0ED61FB7404F, C95DF9113D8B777BC9CFE319A710C9293210377F531F0C38FA38C588B8A3F5B4 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:02:20.0094 0x13dc  RasPppoe - ok
22:02:20.0100 0x13dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:02:20.0103 0x13dc  RasSstp - ok
22:02:20.0116 0x13dc  [ 638131F5C52C93ED651A0A7DB8AA6B01, D54B466859664B8CD2415CC205092849D76C765BDDDD7AD0908D2C8DBB1AB9CF ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:02:20.0125 0x13dc  rdbss - ok
22:02:20.0129 0x13dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:02:20.0131 0x13dc  rdpbus - ok
22:02:20.0151 0x13dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:02:20.0152 0x13dc  RDPCDD - ok
22:02:20.0163 0x13dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:02:20.0164 0x13dc  RDPENCDD - ok
22:02:20.0177 0x13dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:02:20.0178 0x13dc  RDPREFMP - ok
22:02:20.0238 0x13dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:02:20.0240 0x13dc  RdpVideoMiniport - ok
22:02:20.0274 0x13dc  [ 6F426DCF2DDDCCF6BA4DFD34E9803E5B, F98270D03D2171D6F0D4D719828BF7585C44E18CAF66DEF93A51A0064E1813AE ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:02:20.0285 0x13dc  RDPWD - ok
22:02:20.0309 0x13dc  [ 9500266AFA2548D2812DC59D8C1D7BD3, 25FFD440B02D7D651B57133D94C95EB526F7189F3329060D004F28BA179BF89F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:02:20.0316 0x13dc  rdyboost - ok
22:02:20.0336 0x13dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:02:20.0340 0x13dc  RemoteAccess - ok
22:02:20.0367 0x13dc  [ 44A031C50D6E8077A034D59E094AB1E2, 7C03954A82C15B14D9160C2E8675A82A47E1C34E0D731CE5A4DED795CF873EED ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:02:20.0373 0x13dc  RemoteRegistry - ok
22:02:20.0398 0x13dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:02:20.0402 0x13dc  RpcEptMapper - ok
22:02:20.0409 0x13dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:02:20.0411 0x13dc  RpcLocator - ok
22:02:20.0439 0x13dc  [ 5CC1040FDA8A7EF9A17D39DA339ACFCF, A8BAA5CE72F898E5C270DE6779179AA5E97B54592BF03A71DE60D7305D0EF2B1 ] RpcSs           C:\Windows\system32\rpcss.dll
22:02:20.0453 0x13dc  RpcSs - ok
22:02:20.0477 0x13dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:02:20.0480 0x13dc  rspndr - ok
22:02:20.0505 0x13dc  [ FB39AF63D6617F028BA0EBC21B83360D, 0D306DD9C3F64E4CE01F98883C0C1AE945280FD9D2A0E68ACC75273187F77C5E ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
22:02:20.0511 0x13dc  RSUSBSTOR - ok
22:02:20.0558 0x13dc  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:02:20.0572 0x13dc  RTL8167 - ok
22:02:20.0588 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] SamSs           C:\Windows\system32\lsass.exe
22:02:20.0590 0x13dc  SamSs - ok
22:02:20.0610 0x13dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:02:20.0613 0x13dc  sbp2port - ok
22:02:20.0622 0x13dc  [ DBF28417B606FEA67F40FA4DEBDCEDA4, BBBA27D3E87AB4FADABB44624F206F14E49C8EACF2B7D81667E238615530DC3D ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:02:20.0628 0x13dc  SCardSvr - ok
22:02:20.0639 0x13dc  [ B0402F6755F0BEFFF66414A41EED6350, A365586427B49F8F2965F647F3D435BB165CA69C697E291C6898AC15ED5B0EB6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:02:20.0640 0x13dc  scfilter - ok
22:02:20.0695 0x13dc  [ 0327D26E36803BA62F18E3AF1D59DF4E, 4111A17D099018EFD43D7EE7CB811FF071F13FD3A020437213D1817D2585E298 ] Schedule        C:\Windows\system32\schedsvc.dll
22:02:20.0726 0x13dc  Schedule - ok
22:02:20.0746 0x13dc  [ 89050BDC752EC2AAEDC50789223CD5E9, CECE30222CC9722655690C5A319F478A9E0C0C8100E660CA2B976852AB9CFDEF ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:02:20.0749 0x13dc  SCPolicySvc - ok
22:02:20.0778 0x13dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:02:20.0784 0x13dc  SDRSVC - ok
22:02:20.0816 0x13dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:02:20.0817 0x13dc  secdrv - ok
22:02:20.0827 0x13dc  [ EA764FF72CD57F69B6E1E1A4F713708C, C2C5E268297F00B7263635C0D296D3F76B5E09BAE6E33B0E350CDBC9C0A1FD9A ] seclogon        C:\Windows\system32\seclogon.dll
22:02:20.0830 0x13dc  seclogon - ok
22:02:20.0835 0x13dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:02:20.0838 0x13dc  SENS - ok
22:02:20.0863 0x13dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:02:20.0865 0x13dc  SensrSvc - ok
22:02:20.0886 0x13dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:02:20.0887 0x13dc  Serenum - ok
22:02:20.0921 0x13dc  [ 083D3741859C4FEA4410BB4ACC536A39, FD89DA79FE0377E22AB3770E3030FDEBBB5A2DBF8B023045833EC8D9EFE680A0 ] Serial          C:\Windows\system32\drivers\serial.sys
22:02:20.0925 0x13dc  Serial - ok
22:02:20.0938 0x13dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:02:20.0940 0x13dc  sermouse - ok
22:02:20.0971 0x13dc  [ B83579A3127F13580B63CBEB85DD4B2B, ACD04233D1941928095384F815C9A065C28078E6624532023F1031352A4D9DD3 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:02:20.0976 0x13dc  SessionEnv - ok
22:02:20.0994 0x13dc  [ C3D57658C34C68DB5D8970A1CF96284E, 4227C4AFDA94FB87FDB6642FB345209809EB86EC8F02DB79502AE54EF4A98A4B ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:02:20.0995 0x13dc  sffdisk - ok
22:02:21.0006 0x13dc  [ 21EACBEFFFB0FB4999D3D10245CF10A5, 46EFD8D61FE7CB6C9BAA84B869558749CC394D15B425E1657CABA6EAE718D6CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:02:21.0008 0x13dc  sffp_mmc - ok
22:02:21.0012 0x13dc  [ AF660EA3039E8FE3C2051D7224C82F34, F559BF0492DBFFE877D04DF565265195794BEB92CCAC22E4665CD7BE42F8FA2B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:02:21.0014 0x13dc  sffp_sd - ok
22:02:21.0018 0x13dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:02:21.0020 0x13dc  sfloppy - ok
22:02:21.0067 0x13dc  [ 8944F9C62D18FD16B1114C48C1E3DB26, 7AAC831672DBD63A4B4C5E7AC89A3CCA08FED87E0ED5AFCBBB1345F28A8E4C76 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:02:21.0079 0x13dc  SharedAccess - ok
22:02:21.0101 0x13dc  [ EA9092F3DB26EDC7199AB64C9EF0D2D7, 2FD5AFD91CF50FEEE0E5C59590C471BE61470E1C0BF4DC3745B75739BB0769F3 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:02:21.0112 0x13dc  ShellHWDetection - ok
22:02:21.0126 0x13dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:02:21.0128 0x13dc  SiSRaid2 - ok
22:02:21.0144 0x13dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:02:21.0147 0x13dc  SiSRaid4 - ok
22:02:21.0162 0x13dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:02:21.0166 0x13dc  Smb - ok
22:02:21.0199 0x13dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:02:21.0201 0x13dc  SNMPTRAP - ok
22:02:21.0209 0x13dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:02:21.0210 0x13dc  spldr - ok
22:02:21.0241 0x13dc  [ 0E188E193A90E49F2C13FD6CB1EC15E5, 2F09769F588703316743478BAE96C4FF47196C15FD65809A62E58702766709DA ] Spooler         C:\Windows\System32\spoolsv.exe
22:02:21.0257 0x13dc  Spooler - ok
22:02:21.0431 0x13dc  [ 2A0DA1B8F48E7F3C9337E5463CEABB8D, 581C95B02DFD1300875ED2F61E65A682CABD1375251C10254F744E5D5A1A8B08 ] sppsvc          C:\Windows\system32\sppsvc.exe
22:02:21.0543 0x13dc  sppsvc - ok
22:02:21.0577 0x13dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:02:21.0580 0x13dc  sppuinotify - ok
22:02:21.0607 0x13dc  [ D4E114C444967B7B5A94B3173AFCF401, A73BDF489DABD871842A01D7BD7B3F89C673CB1F0AEA95E9443E357D5800BFB8 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:02:21.0619 0x13dc  srv - ok
22:02:21.0646 0x13dc  [ B5ED6C75CEC467A35BC965B9342FD734, 7000C179DA17B4D3CC18A6B3E5F0DDD25B858DFAA844AB36C9605DCBEA2971E4 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:02:21.0657 0x13dc  srv2 - ok
22:02:21.0666 0x13dc  [ 83D70A79C456CF21CD4AC98FEDA65C3A, 374381C55248A6E4C3D8F65CFF2AB512185686DC6CDB6834D969D297D968E2C0 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:02:21.0671 0x13dc  srvnet - ok
22:02:21.0690 0x13dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:02:21.0697 0x13dc  SSDPSRV - ok
22:02:21.0712 0x13dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:02:21.0716 0x13dc  SstpSvc - ok
22:02:21.0736 0x13dc  [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
22:02:21.0738 0x13dc  stdcfltn - ok
22:02:21.0787 0x13dc  [ 7FCE08C739136C9C64107A8814EF854C, 820E494A401D69E3DA7A8624B2093DCF98198E6D8CCCE345BDF76952EE4ADB07 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:02:21.0798 0x13dc  Stereo Service - ok
22:02:21.0816 0x13dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:02:21.0818 0x13dc  stexstor - ok
22:02:21.0872 0x13dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:02:21.0888 0x13dc  stisvc - ok
22:02:21.0897 0x13dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:02:21.0899 0x13dc  swenum - ok
22:02:21.0937 0x13dc  [ 5D967724564F7ACCEBAC3720CFE89C32, 3420E958DA13235968138E593BC190469F456059518B7524BDE9F6F1271679F2 ] swprv           C:\Windows\System32\swprv.dll
22:02:21.0953 0x13dc  swprv - ok
22:02:22.0020 0x13dc  [ 25E0900D1B452EDEB09B1F9B71195153, 96F47A96AA3510EBC67579806A679D82CF85709A1E041D026378E8F6DC0EB374 ] SysMain         C:\Windows\system32\sysmain.dll
22:02:22.0065 0x13dc  SysMain - ok
22:02:22.0095 0x13dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:02:22.0099 0x13dc  TabletInputService - ok
22:02:22.0122 0x13dc  [ D583628BEAD52E4E78E5A8FA338D0E02, 15D69565A824ACDB5F25903351CB9427605CB41E2BD8828D190E09D20007241C ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:02:22.0132 0x13dc  TapiSrv - ok
22:02:22.0146 0x13dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:02:22.0149 0x13dc  TBS - ok
22:02:22.0239 0x13dc  [ 4F80944B03112F486212DC20BE166079, B4C1AF42E450A280C8018EF123555F4E3FD943BDC14E4ECD0AB72BB40C22AF94 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:02:22.0287 0x13dc  Tcpip - ok
22:02:22.0351 0x13dc  [ 4F80944B03112F486212DC20BE166079, B4C1AF42E450A280C8018EF123555F4E3FD943BDC14E4ECD0AB72BB40C22AF94 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:02:22.0391 0x13dc  TCPIP6 - ok
22:02:22.0410 0x13dc  [ 67ADEA7792E8C6C812A642069274E784, 15502D6C88CD511BF7649C00D42C56BBFF1C85DEF0A75AEB0E8157EF83C81254 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:02:22.0412 0x13dc  tcpipreg - ok
22:02:22.0433 0x13dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:02:22.0434 0x13dc  TDPIPE - ok
22:02:22.0446 0x13dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:02:22.0448 0x13dc  TDTCP - ok
22:02:22.0475 0x13dc  [ 5FCF588BBD2358538DB17DD0A0A31813, 28E7F4809BD348DE3A295B4B353E70A6B60E7E8CDF0CAC8482B48A91206A13CB ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:02:22.0478 0x13dc  tdx - ok
22:02:22.0499 0x13dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:02:22.0502 0x13dc  TermDD - ok
22:02:22.0528 0x13dc  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
22:02:22.0530 0x13dc  terminpt - ok
22:02:22.0574 0x13dc  [ 6A5B600AD0041E9AF564DE73B716F3D2, D6426A63D8EED6E1630E639F489B096E3A1BE5178561F20B3CB8B1289FF9227A ] TermService     C:\Windows\System32\termsrv.dll
22:02:22.0591 0x13dc  TermService - ok
22:02:22.0618 0x13dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:02:22.0621 0x13dc  Themes - ok
22:02:22.0651 0x13dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:02:22.0653 0x13dc  THREADORDER - ok
22:02:22.0666 0x13dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:02:22.0671 0x13dc  TrkWks - ok
22:02:22.0716 0x13dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:02:22.0723 0x13dc  TrustedInstaller - ok
22:02:22.0751 0x13dc  [ 2CE1083C5A2D9BA5FFAD087F997EE25C, 1293A1B4D98A800A16BCD3ED52EA8AB429259FC16F9B6D3A0CAAEE7C7BE57DF7 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:02:22.0753 0x13dc  tssecsrv - ok
22:02:22.0779 0x13dc  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:02:22.0782 0x13dc  TsUsbFlt - ok
22:02:22.0788 0x13dc  [ D34789988234DCC8FA55FA9A485AF0EC, 5C1A77EFA23261F5F9C971A12145CA6AC701723A94B6A8AE9BE95EEDD3C02919 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:02:22.0790 0x13dc  TsUsbGD - ok
22:02:22.0827 0x13dc  [ A9EFA7F181D82632CDEDEEBC99FA0A41, 2F775A9382CD899B4360B9E61563F47F3DAA14FEDB204865705747437B211D6C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:02:22.0832 0x13dc  tunnel - ok
22:02:22.0850 0x13dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:02:22.0853 0x13dc  uagp35 - ok
22:02:22.0882 0x13dc  [ 992DCA93480DBF9EF103A7350C5B360E, A97739B3299EBA2043E1593C211F3AEFFA2258D8D8F0643FF3E7A6893DFC86AA ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:02:22.0893 0x13dc  udfs - ok
22:02:22.0925 0x13dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:02:22.0929 0x13dc  UI0Detect - ok
22:02:22.0945 0x13dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:02:22.0948 0x13dc  uliagpkx - ok
22:02:22.0967 0x13dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:02:22.0969 0x13dc  umbus - ok
22:02:22.0973 0x13dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:02:22.0975 0x13dc  UmPass - ok
22:02:23.0001 0x13dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:02:23.0014 0x13dc  upnphost - ok
22:02:23.0020 0x13dc  [ A4AFA26E3D434574BAD7C4A0B73A6940, C773BD84B8A8996AD0AA299C00E3008BD3D88E63F2B80D3B79642D991889421A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:02:23.0024 0x13dc  usbccgp - ok
22:02:23.0040 0x13dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:02:23.0044 0x13dc  usbcir - ok
22:02:23.0059 0x13dc  [ 737ADB93A7F744AC551EDE7B28FA5217, BFE19BAFCA4AC49B1C50D3CACE362E1BD16FF29B9B166725545EDAB5F4C4719E ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:02:23.0062 0x13dc  usbehci - ok
22:02:23.0086 0x13dc  [ 972DCAC1950CC0F45F9D6B560DCC8353, FDE1AECC5335E3EE828FEB000129587060F864A773770B8652463B89BA5C6AB6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:02:23.0095 0x13dc  usbhub - ok
22:02:23.0110 0x13dc  [ 4D5FAE4ECE2BC7519DE9AC27812601D2, F8C913142833DE66BFC3A21C2E08DC958DE146D653BE4B4F0D07FC1C500AAD70 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:02:23.0112 0x13dc  usbohci - ok
22:02:23.0130 0x13dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:02:23.0131 0x13dc  usbprint - ok
22:02:23.0160 0x13dc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:02:23.0162 0x13dc  usbscan - ok
22:02:23.0185 0x13dc  [ ED08C252A0041F8FC0237BAB585BABDC, DF5948BCD5CEB5B69E1A0096465C069E233DB81F5524D7364FF3FCD1E5B28880 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:02:23.0188 0x13dc  USBSTOR - ok
22:02:23.0205 0x13dc  [ E4B76CE1297989EA1F2246C0B225AFF2, B20DAE1B6616F9401FDED6EA992883B5D16179FE1FA65CAB665273F4E79DE314 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:02:23.0207 0x13dc  usbuhci - ok
22:02:23.0246 0x13dc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:02:23.0251 0x13dc  usbvideo - ok
22:02:23.0274 0x13dc  [ 81D8645AC588E7A6D9755D8FD84E6FDD, 0D6904CF522CD822AE106259D46BC161F56E3992FEA6F1DF70EDC5BFA2247F5E ] UxSms           C:\Windows\System32\uxsms.dll
22:02:23.0277 0x13dc  UxSms - ok
22:02:23.0297 0x13dc  [ D3EFC37F285DE231585A1871EFE2958A, D8DBC785DD1A7DD2137D1842C6DD6BC1B1369C2A5EC1B7B140D1295110322391 ] valWBFPolicyService C:\Windows\system32\valWBFPolicyService.exe
22:02:23.0300 0x13dc  valWBFPolicyService - ok
22:02:23.0312 0x13dc  [ 395CAE11172BEBB0253895E8B5F82BFA, 7CD60EF6FA38D42412E03DF3A831009A4BE10F3E43D05BCCC9C35B26A4008F29 ] VaultSvc        C:\Windows\system32\lsass.exe
22:02:23.0314 0x13dc  VaultSvc - ok
22:02:23.0342 0x13dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:02:23.0344 0x13dc  vdrvroot - ok
22:02:23.0373 0x13dc  [ 44082C4A89ABDAC0C4B08AA8834270B4, C312E144AC4E5475506EBC62CC5D0529B256771C1FA2D709228D3F6BFEB55DED ] vds             C:\Windows\System32\vds.exe
22:02:23.0388 0x13dc  vds - ok
22:02:23.0415 0x13dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:02:23.0417 0x13dc  vga - ok
22:02:23.0421 0x13dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:02:23.0423 0x13dc  VgaSave - ok
22:02:23.0449 0x13dc  [ 2E9907E787CDAFA2AAA7F928853B7142, 29F30D60BBE5909D4DB569D52ADC7677CA94831B6E5CB25927386CC24CCCE898 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:02:23.0455 0x13dc  vhdmp - ok
22:02:23.0459 0x13dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:02:23.0461 0x13dc  viaide - ok
22:02:23.0483 0x13dc  [ B7962BD45492837173E0EF274E691C1F, 6845F94E6345888714206072229035C0E93BA6E8B4EACFA8C479474B5FF1AA88 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:02:23.0485 0x13dc  volmgr - ok
22:02:23.0507 0x13dc  [ 0904EF550B3D3FEB326638A4BAD9937E, 462FA11F260C420756DBD989CB505EEB9A286B9EEB826EB2935C119C839EDC8E ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:02:23.0516 0x13dc  volmgrx - ok
22:02:23.0538 0x13dc  [ 35B18F5EBE7459D9CCEFAB6CA5B399FA, 14FCDF1F5EEF310F3C1D58BBEE56154D58539F74D282610C038603FC5CBCAD9D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:02:23.0546 0x13dc  volsnap - ok
22:02:23.0573 0x13dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:02:23.0578 0x13dc  vsmraid - ok
22:02:23.0632 0x13dc  [ 0EE1E0842B66F9DF52C5510741053EE3, 7B5CB798BB84328B04104C234AE25AE33707E47A1E0C7E9675D6410E6F1D0AE8 ] VSS             C:\Windows\system32\vssvc.exe
22:02:23.0675 0x13dc  VSS - ok
22:02:23.0682 0x13dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:02:23.0683 0x13dc  vwifibus - ok
22:02:23.0697 0x13dc  [ 274804C8405091526F2AFFDE354D433A, 702E33C998C29A9C448F0C968527C8B769DC1CAB7AFC7D7A1506FBF96741D0FA ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:02:23.0699 0x13dc  vwififlt - ok
22:02:23.0720 0x13dc  [ FC7784CE50FD5C6A7555F9280B4542ED, B0A73E85C9CF36362E4449D86AE5EAFE6E4B159ABC89F4C9249DB531463710B0 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:02:23.0721 0x13dc  vwifimp - ok
22:02:23.0748 0x13dc  [ C7B83BD98BA3560374569C0C13EA3685, 68C05B99D6035568E2470FE7E73167AF584CC721F76E02CA1470CA5E1E341607 ] W32Time         C:\Windows\system32\w32time.dll
22:02:23.0759 0x13dc  W32Time - ok
22:02:23.0784 0x13dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:02:23.0786 0x13dc  WacomPen - ok
22:02:23.0803 0x13dc  [ 79A3B7533AEEDCFC511E534DF8333D5C, ED2D241DE7DF3F61C34B7D968AE5574344FA830977E2E7C0BCCF8CD3968CB24E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:02:23.0806 0x13dc  WANARP - ok
22:02:23.0812 0x13dc  [ 79A3B7533AEEDCFC511E534DF8333D5C, ED2D241DE7DF3F61C34B7D968AE5574344FA830977E2E7C0BCCF8CD3968CB24E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:02:23.0814 0x13dc  Wanarpv6 - ok
22:02:23.0878 0x13dc  [ F91B8969183F3461BD3D3438052AEAD0, 8AC901D5CF209479DBE1DD0D7BB084848796E0659C134998F82CDFC6EC7059E7 ] wbengine        C:\Windows\system32\wbengine.exe
22:02:23.0918 0x13dc  wbengine - ok
22:02:23.0929 0x13dc  [ 509575C01A75FB7D80569ED33075D615, 8B5E44D245EC4C07E1D9D79F1BA56EF3482C7B5BA095BBD9704D3031F00BE9E8 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:02:23.0936 0x13dc  WbioSrvc - ok
22:02:23.0972 0x13dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:02:23.0983 0x13dc  wcncsvc - ok
22:02:23.0998 0x13dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:02:24.0001 0x13dc  WcsPlugInService - ok
22:02:24.0005 0x13dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:02:24.0007 0x13dc  Wd - ok
22:02:24.0057 0x13dc  [ 37CE6867FC4A6827009A713A9737262C, D8890524F4EF358E35C4A992BEAF7C8FB5ED647FE4D899D3CF608C2201E218A5 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:02:24.0077 0x13dc  Wdf01000 - ok
22:02:24.0109 0x13dc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:02:24.0114 0x13dc  WdiServiceHost - ok
22:02:24.0119 0x13dc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:02:24.0123 0x13dc  WdiSystemHost - ok
22:02:24.0156 0x13dc  [ C1EAE0C20DFC3E193BC1B2701CA6B333, C6BEC998FE4A11F0600C613E6ECEAD9604510B73F3FB4EAF27B5974A6F1D9FA6 ] WebClient       C:\Windows\System32\webclnt.dll
22:02:24.0164 0x13dc  WebClient - ok
22:02:24.0191 0x13dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:02:24.0199 0x13dc  Wecsvc - ok
22:02:24.0209 0x13dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:02:24.0213 0x13dc  wercplsupport - ok
22:02:24.0238 0x13dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:02:24.0242 0x13dc  WerSvc - ok
22:02:24.0272 0x13dc  [ 009604986BAE004733728282BD98BB03, CE82EA41E6CC1EF2D11BFB2761105C422EA9A146FF52034C4A2221A4B5FD3940 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:02:24.0274 0x13dc  WfpLwf - ok
22:02:24.0294 0x13dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:02:24.0296 0x13dc  WIMMount - ok
22:02:24.0306 0x13dc  WinDefend - ok
22:02:24.0313 0x13dc  WinHttpAutoProxySvc - ok
22:02:24.0354 0x13dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:02:24.0362 0x13dc  Winmgmt - ok
22:02:24.0465 0x13dc  [ 29C8E2A9684E3DFA946C1EC87AB724AD, A2B3274BC02C120D9DF2C8EF1026B3D8802CD8ABEFB068BBBCEDCD59A9EDC185 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:02:24.0537 0x13dc  WinRM - ok
22:02:24.0629 0x13dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
22:02:24.0632 0x13dc  WinUsb - ok
22:02:24.0728 0x13dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:02:24.0753 0x13dc  Wlansvc - ok
22:02:24.0777 0x13dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:02:24.0778 0x13dc  WmiAcpi - ok
22:02:24.0803 0x13dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:02:24.0809 0x13dc  wmiApSrv - ok
22:02:24.0837 0x13dc  WMPNetworkSvc - ok
22:02:24.0861 0x13dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:02:24.0863 0x13dc  WPCSvc - ok
22:02:24.0890 0x13dc  [ 40E549091F6BA713114B85159BFC6993, E37255A374A0CF31087A1E0535ED6BC32B8848B084A1626A0AC4F2BAA376FB36 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:02:24.0895 0x13dc  WPDBusEnum - ok
22:02:24.0900 0x13dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:02:24.0901 0x13dc  ws2ifsl - ok
22:02:24.0920 0x13dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:02:24.0924 0x13dc  wscsvc - ok
22:02:24.0928 0x13dc  WSearch - ok
22:02:25.0056 0x13dc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:02:25.0121 0x13dc  wuauserv - ok
22:02:25.0137 0x13dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:02:25.0140 0x13dc  WudfPf - ok
22:02:25.0171 0x13dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:02:25.0177 0x13dc  WUDFRd - ok
22:02:25.0205 0x13dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:02:25.0210 0x13dc  wudfsvc - ok
22:02:25.0228 0x13dc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:02:25.0236 0x13dc  WwanSvc - ok
22:02:25.0249 0x13dc  ================ Scan global ===============================
22:02:25.0274 0x13dc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:02:25.0303 0x13dc  [ BDADDE9AD8DD2BF67426C23A8874D776, CD8EE0EB9370F70340580C271CEA4CF6B4C91D5670999740F628EAE721FF8879 ] C:\Windows\system32\winsrv.dll
22:02:25.0320 0x13dc  [ BDADDE9AD8DD2BF67426C23A8874D776, CD8EE0EB9370F70340580C271CEA4CF6B4C91D5670999740F628EAE721FF8879 ] C:\Windows\system32\winsrv.dll
22:02:25.0350 0x13dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:02:25.0368 0x13dc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:02:25.0377 0x13dc  [ Global ] - ok
22:02:25.0378 0x13dc  ================ Scan MBR ==================================
22:02:25.0386 0x13dc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:02:25.0563 0x13dc  \Device\Harddisk0\DR0 - ok
22:02:25.0564 0x13dc  ================ Scan VBR ==================================
22:02:25.0567 0x13dc  [ 6F1CB0E5BC29831383C3E6B736CE8D6E ] \Device\Harddisk0\DR0\Partition1
22:02:25.0569 0x13dc  \Device\Harddisk0\DR0\Partition1 - ok
22:02:25.0573 0x13dc  [ AA60BE62B4A43BF117300BEBD62164BA ] \Device\Harddisk0\DR0\Partition2
22:02:25.0576 0x13dc  \Device\Harddisk0\DR0\Partition2 - ok
22:02:25.0576 0x13dc  ================ Scan generic autorun ======================
22:02:25.0689 0x13dc  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
22:02:25.0722 0x13dc  MSC - ok
22:02:25.0786 0x13dc  [ B7680F36C41AE21C0ECA96523443831F, C45924B67D4ABD0E60C894AC396BB886D6D8BAA83E1CD369B25CC9C9476189B5 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
22:02:25.0804 0x13dc  FreeFallProtection - ok
22:02:25.0865 0x13dc  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:02:25.0891 0x13dc  Adobe ARM - ok
22:02:25.0949 0x13dc  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
22:02:25.0957 0x13dc  iTunesHelper - ok
22:02:26.0028 0x13dc  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:02:26.0040 0x13dc  IAStorIcon - ok
22:02:26.0066 0x13dc  [ 07C4EBD3107799774FA3103956CD1C40, BB798DE0F18D2A28B18467D958B68C23DBA0A802512C36E708D9EBD9352492F6 ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
22:02:26.0068 0x13dc  IndexSearch - ok
22:02:26.0096 0x13dc  [ E5F1D2C7D51C816437BBE2306828BC4B, BBBEB3294EF02F3E4C73A3A2FAE83C261A095602D86E1FF272C6FDFCE0C05E1B ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
22:02:26.0102 0x13dc  PaperPort PTD - ok
22:02:26.0125 0x13dc  [ 0D1D2FBAE112BDDB9F77B7BC7A956D3A, BD833CF275B4EC4EC12E868EB2EE049A6F9F0792A326BEAEB1433586257C098F ] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe
22:02:26.0137 0x13dc  PPort12reminder - ok
22:02:26.0179 0x13dc  [ 016B31B67ACDF4AEB325FAC166684E5D, 3C22DF4E55554EB16EA2CA5927285C35E2A6C3DE22ACDDCD68492EAFAD4B0A9F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
22:02:26.0186 0x13dc  ControlCenter4 - ok
22:02:26.0313 0x13dc  [ 84ED734D77A8F8B7E56C954D42731945, 12E51DF14DEE016B7FE53221D58B47DF27E9BB840B49CB334A99A42777570D4A ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
22:02:26.0378 0x13dc  BrStsMon00 - ok
22:02:26.0486 0x13dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:02:26.0517 0x13dc  Sidebar - ok
22:02:26.0542 0x13dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:02:26.0545 0x13dc  mctadmin - ok
22:02:26.0580 0x13dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:02:26.0604 0x13dc  Sidebar - ok
22:02:26.0611 0x13dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:02:26.0614 0x13dc  mctadmin - ok
22:02:26.0686 0x13dc  [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
22:02:26.0698 0x13dc  ISUSPM - ok
22:02:26.0801 0x13dc  [ 2CFEAAAB47D36E9651FC7F89F4F31DBC, 91ED0328C6417C0DDBB3E92626414CE681AD075AD21A5BDB3EB21DB3ADFA72B3 ] C:\Users\Nadine Dvorak\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe
22:02:26.0825 0x13dc  GMX Application {sync-000021} - ok
22:02:26.0899 0x13dc  [ 8D6D691AA7AA121AC048BA594AD7E647, 8583202D26BA894F30C222EF1DA155427E738DA7DF6C7EBDAA982DE070B88095 ] C:\Users\Nadine Dvorak\AppData\Local\Apps\2.0\OQMWQXAT.VLC\1GNNCX3B.7PL\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
22:02:26.0912 0x13dc  DellSystemDetect - ok
22:02:26.0961 0x13dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:02:26.0985 0x13dc  Sidebar - ok
22:02:27.0018 0x13dc  DellSystemDetect - ok
22:02:27.0040 0x13dc  [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
22:02:27.0045 0x13dc  ISUSPM - ok
22:02:27.0058 0x13dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:02:27.0061 0x13dc  mctadmin - ok
22:02:27.0062 0x13dc  Waiting for KSN requests completion. In queue: 346
22:02:28.0063 0x13dc  Waiting for KSN requests completion. In queue: 34
22:02:29.0071 0x13dc  Waiting for KSN requests completion. In queue: 34
22:02:30.0111 0x13dc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
22:02:30.0131 0x13dc  Win FW state via NFP2: enabled
22:02:32.0871 0x13dc  ============================================================
22:02:32.0871 0x13dc  Scan finished
22:02:32.0871 0x13dc  ============================================================
22:02:32.0881 0x0b68  Detected object count: 0
22:02:32.0881 0x0b68  Actual detected object count: 0
         
Grüße
Maja


Alt 02.04.2015, 09:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Malware ist da keine. Bitte mal einen bericht mit Bluescreenview erstellen:

Windows Bluescreen Absturz analysieren und beheben - so geht's - Anleitungen
__________________
--> Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen

Alt 06.04.2015, 20:19   #7
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



HTML-Code:
==================================================
Filename          : ntoskrnl.exe
Address In Stack  : ntoskrnl.exe+4d635e
From Address      : fffff800`02e63000
To Address        : fffff800`03449000
Size              : 0x005e6000
Time Stamp        : 0x54d030c3
Time String       : 03.02.2015 04:21:55
Product Name      : Microsoft® Windows® Operating System
File Description  : NT Kernel & System
File Version      : 6.1.7601.22948 (win7sp1_ldr.150202-1521)
Company           : Microsoft Corporation
Full Path         : C:\Windows\system32\ntoskrnl.exe
==================================================

==================================================
Filename          : hal.dll
Address In Stack  : 
From Address      : fffff800`02e1a000
To Address        : fffff800`02e63000
Size              : 0x00049000
Time Stamp        : 0x4eb4c7f6
Time String       : 05.11.2011 07:21:58
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : kdcom.dll
Address In Stack  : 
From Address      : fffff800`00baf000
To Address        : fffff800`00bb9000
Size              : 0x0000a000
Time Stamp        : 0x4d4d8061
Time String       : 05.02.2011 18:52:49
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : mcupdate_GenuineIntel.dll
Address In Stack  : 
From Address      : fffff880`00c93000
To Address        : fffff880`00ce2000
Size              : 0x0004f000
Time Stamp        : 0x4d53e5a7
Time String       : 10.02.2011 15:18:31
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : PSHED.dll
Address In Stack  : 
From Address      : fffff880`00ce2000
To Address        : fffff880`00cf6000
Size              : 0x00014000
Time Stamp        : 0x4a5be027
Time String       : 14.07.2009 03:32:23
Product Name      : Betriebssystem Microsoft® Windows®
File Description  : Plattformspezifischer Hardwarefehlertreiber
File Version      : 6.1.7600.16385 (win7_rtm.090713-1255)
Company           : Microsoft Corporation
Full Path         : C:\Windows\system32\PSHED.dll
==================================================

==================================================
Filename          : CLFS.SYS
Address In Stack  : 
From Address      : fffff880`00cf6000
To Address        : fffff880`00d54000
Size              : 0x0005e000
Time Stamp        : 0x529e80a7
Time String       : 04.12.2013 03:08:55
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : CI.dll
Address In Stack  : 
From Address      : fffff880`00d54000
To Address        : fffff880`00dc9000
Size              : 0x00075000
Time Stamp        : 0x53acd215
Time String       : 27.06.2014 04:08:21
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Wdf01000.sys
Address In Stack  : 
From Address      : fffff880`00efe000
To Address        : fffff880`00fc0000
Size              : 0x000c2000
Time Stamp        : 0x51c55683
Time String       : 22.06.2013 09:47:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : WDFLDR.SYS
Address In Stack  : 
From Address      : fffff880`00fc0000
To Address        : fffff880`00fd0000
Size              : 0x00010000
Time Stamp        : 0x5010ab70
Time String       : 26.07.2012 04:29:04
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ACPI.sys
Address In Stack  : 
From Address      : fffff880`00e00000
To Address        : fffff880`00e57000
Size              : 0x00057000
Time Stamp        : 0x5048b7de
Time String       : 06.09.2012 16:49:02
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : WMILIB.SYS
Address In Stack  : 
From Address      : fffff880`00e57000
To Address        : fffff880`00e60000
Size              : 0x00009000
Time Stamp        : 0x4a5bc117
Time String       : 14.07.2009 01:19:51
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : msisadrv.sys
Address In Stack  : 
From Address      : fffff880`00e60000
To Address        : fffff880`00e6a000
Size              : 0x0000a000
Time Stamp        : 0x4a5bc0fe
Time String       : 14.07.2009 01:19:26
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : pci.sys
Address In Stack  : 
From Address      : fffff880`00e6a000
To Address        : fffff880`00e9d000
Size              : 0x00033000
Time Stamp        : 0x4fa4be81
Time String       : 05.05.2012 07:45:37
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : vdrvroot.sys
Address In Stack  : 
From Address      : fffff880`00e9d000
To Address        : fffff880`00eaa000
Size              : 0x0000d000
Time Stamp        : 0x4a5bcadb
Time String       : 14.07.2009 02:01:31
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : partmgr.sys
Address In Stack  : 
From Address      : fffff880`00eaa000
To Address        : fffff880`00ebf000
Size              : 0x00015000
Time Stamp        : 0x4f641bc1
Time String       : 17.03.2012 07:06:09
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : compbatt.sys
Address In Stack  : 
From Address      : fffff880`00ebf000
To Address        : fffff880`00ec8000
Size              : 0x00009000
Time Stamp        : 0x4a5bc3b6
Time String       : 14.07.2009 01:31:02
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : BATTC.SYS
Address In Stack  : 
From Address      : fffff880`00ec8000
To Address        : fffff880`00ed4000
Size              : 0x0000c000
Time Stamp        : 0x4a5bc3b5
Time String       : 14.07.2009 01:31:01
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : volmgr.sys
Address In Stack  : 
From Address      : fffff880`00ed4000
To Address        : fffff880`00ee8000
Size              : 0x00014000
Time Stamp        : 0x4fa4be8f
Time String       : 05.05.2012 07:45:51
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : volmgrx.sys
Address In Stack  : 
From Address      : fffff880`00c00000
To Address        : fffff880`00c5c000
Size              : 0x0005c000
Time Stamp        : 0x4e13c869
Time String       : 06.07.2011 04:28:57
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : mountmgr.sys
Address In Stack  : 
From Address      : fffff880`00fd0000
To Address        : fffff880`00fea000
Size              : 0x0001a000
Time Stamp        : 0x54d02e19
Time String       : 03.02.2015 04:10:33
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : iaStor.sys
Address In Stack  : 
From Address      : fffff880`0105e000
To Address        : fffff880`01268000
Size              : 0x0020a000
Time Stamp        : 0x4b8f2033
Time String       : 04.03.2010 04:51:31
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : atapi.sys
Address In Stack  : 
From Address      : fffff880`01268000
To Address        : fffff880`01271000
Size              : 0x00009000
Time Stamp        : 0x4a5bc113
Time String       : 14.07.2009 01:19:47
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ataport.SYS
Address In Stack  : 
From Address      : fffff880`01271000
To Address        : fffff880`0129b000
Size              : 0x0002a000
Time Stamp        : 0x51fef9b5
Time String       : 05.08.2013 03:02:45
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : msahci.sys
Address In Stack  : 
From Address      : fffff880`0129b000
To Address        : fffff880`012a6000
Size              : 0x0000b000
Time Stamp        : 0x4ce7a416
Time String       : 20.11.2010 12:33:58
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : PCIIDEX.SYS
Address In Stack  : 
From Address      : fffff880`012a6000
To Address        : fffff880`012b6000
Size              : 0x00010000
Time Stamp        : 0x4a5bc114
Time String       : 14.07.2009 01:19:48
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : amdxata.sys
Address In Stack  : 
From Address      : fffff880`012b6000
To Address        : fffff880`012c1000
Size              : 0x0000b000
Time Stamp        : 0x4ba3a3ca
Time String       : 19.03.2010 18:18:18
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : fltmgr.sys
Address In Stack  : 
From Address      : fffff880`012c1000
To Address        : fffff880`0130c000
Size              : 0x0004b000
Time Stamp        : 0x4fa4bbc6
Time String       : 05.05.2012 07:33:58
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : fileinfo.sys
Address In Stack  : 
From Address      : fffff880`0130c000
To Address        : fffff880`01320000
Size              : 0x00014000
Time Stamp        : 0x4a5bc481
Time String       : 14.07.2009 01:34:25
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : MpFilter.sys
Address In Stack  : 
From Address      : fffff880`01320000
To Address        : fffff880`01363000
Size              : 0x00043000
Time Stamp        : 0x545532e8
Time String       : 01.11.2014 21:22:16
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Ntfs.sys
Address In Stack  : 
From Address      : fffff880`01446000
To Address        : fffff880`015ee000
Size              : 0x001a8000
Time Stamp        : 0x52e1bf1c
Time String       : 24.01.2014 03:17:16
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : msrpc.sys
Address In Stack  : 
From Address      : fffff880`01363000
To Address        : fffff880`013c1000
Size              : 0x0005e000
Time Stamp        : 0x4ce79334
Time String       : 20.11.2010 11:21:56
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ksecdd.sys
Address In Stack  : 
From Address      : fffff880`01400000
To Address        : fffff880`0141b000
Size              : 0x0001b000
Time Stamp        : 0x54f92917
Time String       : 06.03.2015 06:12:07
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : cng.sys
Address In Stack  : 
From Address      : fffff880`01699000
To Address        : fffff880`0170b000
Size              : 0x00072000
Time Stamp        : 0x54cafcb1
Time String       : 30.01.2015 05:38:25
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : pcw.sys
Address In Stack  : 
From Address      : fffff880`0170b000
To Address        : fffff880`0171c000
Size              : 0x00011000
Time Stamp        : 0x4a5bc0ff
Time String       : 14.07.2009 01:19:27
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Fs_Rec.sys
Address In Stack  : 
From Address      : fffff880`0171c000
To Address        : fffff880`01726000
Size              : 0x0000a000
Time Stamp        : 0x4f4eefd2
Time String       : 01.03.2012 05:41:06
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ndis.sys
Address In Stack  : 
From Address      : fffff880`01891000
To Address        : fffff880`01984000
Size              : 0x000f3000
Time Stamp        : 0x52554546
Time String       : 09.10.2013 14:00:06
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : NETIO.SYS
Address In Stack  : 
From Address      : fffff880`01984000
To Address        : fffff880`019e4000
Size              : 0x00060000
Time Stamp        : 0x533f58d9
Time String       : 05.04.2014 03:14:01
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ksecpkg.sys
Address In Stack  : 
From Address      : fffff880`01800000
To Address        : fffff880`0182c000
Size              : 0x0002c000
Time Stamp        : 0x54f92cf7
Time String       : 06.03.2015 06:28:39
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : tcpip.sys
Address In Stack  : 
From Address      : fffff880`01a00000
To Address        : fffff880`01bfc000
Size              : 0x001fc000
Time Stamp        : 0x533f5937
Time String       : 05.04.2014 03:15:35
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : fwpkclnt.sys
Address In Stack  : 
From Address      : fffff880`0182c000
To Address        : fffff880`01875000
Size              : 0x00049000
Time Stamp        : 0x533f58a4
Time String       : 05.04.2014 03:13:08
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : wfplwf.sys
Address In Stack  : 
From Address      : fffff880`01875000
To Address        : fffff880`0187e000
Size              : 0x00009000
Time Stamp        : 0x4eb4b1c7
Time String       : 05.11.2011 05:47:19
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : volsnap.sys
Address In Stack  : 
From Address      : fffff880`01726000
To Address        : fffff880`01772000
Size              : 0x0004c000
Time Stamp        : 0x51f86417
Time String       : 31.07.2013 03:10:47
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : stdcfltn.sys
Address In Stack  : 
From Address      : fffff880`0187e000
To Address        : fffff880`01887000
Size              : 0x00009000
Time Stamp        : 0x4c6ec3cd
Time String       : 20.08.2010 20:05:01
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : spldr.sys
Address In Stack  : 
From Address      : fffff880`01887000
To Address        : fffff880`0188f000
Size              : 0x00008000
Time Stamp        : 0x4a0858bb
Time String       : 11.05.2009 18:56:27
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rdyboost.sys
Address In Stack  : 
From Address      : fffff880`01772000
To Address        : fffff880`017ac000
Size              : 0x0003a000
Time Stamp        : 0x5080451b
Time String       : 18.10.2012 20:06:19
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : mup.sys
Address In Stack  : 
From Address      : fffff880`019e4000
To Address        : fffff880`019f6000
Size              : 0x00012000
Time Stamp        : 0x4a5bc201
Time String       : 14.07.2009 01:23:45
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : hwpolicy.sys
Address In Stack  : 
From Address      : fffff880`019f6000
To Address        : fffff880`019ff000
Size              : 0x00009000
Time Stamp        : 0x4ce7927e
Time String       : 20.11.2010 11:18:54
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : fvevol.sys
Address In Stack  : 
From Address      : fffff880`017ac000
To Address        : fffff880`017e6000
Size              : 0x0003a000
Time Stamp        : 0x5100a65c
Time String       : 24.01.2013 05:11:24
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : disk.sys
Address In Stack  : 
From Address      : fffff880`017e6000
To Address        : fffff880`017fc000
Size              : 0x00016000
Time Stamp        : 0x4a5bc11d
Time String       : 14.07.2009 01:19:57
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : CLASSPNP.SYS
Address In Stack  : 
From Address      : fffff880`01600000
To Address        : fffff880`01630000
Size              : 0x00030000
Time Stamp        : 0x512d7635
Time String       : 27.02.2013 04:57:57
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : cdrom.sys
Address In Stack  : 
From Address      : fffff880`04308000
To Address        : fffff880`04333000
Size              : 0x0002b000
Time Stamp        : 0x501a98d5
Time String       : 02.08.2012 17:12:21
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Null.SYS
Address In Stack  : 
From Address      : fffff880`04333000
To Address        : fffff880`0433c000
Size              : 0x00009000
Time Stamp        : 0x4a5bc109
Time String       : 14.07.2009 01:19:37
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Beep.SYS
Address In Stack  : 
From Address      : fffff880`0433c000
To Address        : fffff880`04343000
Size              : 0x00007000
Time Stamp        : 0x52568e77
Time String       : 10.10.2013 13:24:39
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : vga.sys
Address In Stack  : 
From Address      : fffff880`04343000
To Address        : fffff880`04351000
Size              : 0x0000e000
Time Stamp        : 0x4a5bc587
Time String       : 14.07.2009 01:38:47
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : VIDEOPRT.SYS
Address In Stack  : 
From Address      : fffff880`04351000
To Address        : fffff880`04376000
Size              : 0x00025000
Time Stamp        : 0x4a5bc58b
Time String       : 14.07.2009 01:38:51
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : watchdog.sys
Address In Stack  : 
From Address      : fffff880`04376000
To Address        : fffff880`04386000
Size              : 0x00010000
Time Stamp        : 0x4a5bc53f
Time String       : 14.07.2009 01:37:35
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : RDPCDD.sys
Address In Stack  : 
From Address      : fffff880`04386000
To Address        : fffff880`0438f000
Size              : 0x00009000
Time Stamp        : 0x4a5bce62
Time String       : 14.07.2009 02:16:34
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rdpencdd.sys
Address In Stack  : 
From Address      : fffff880`0438f000
To Address        : fffff880`04398000
Size              : 0x00009000
Time Stamp        : 0x4a5bce62
Time String       : 14.07.2009 02:16:34
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rdprefmp.sys
Address In Stack  : 
From Address      : fffff880`04398000
To Address        : fffff880`043a1000
Size              : 0x00009000
Time Stamp        : 0x4a5bce63
Time String       : 14.07.2009 02:16:35
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Msfs.SYS
Address In Stack  : 
From Address      : fffff880`043a1000
To Address        : fffff880`043ac000
Size              : 0x0000b000
Time Stamp        : 0x4a5bc113
Time String       : 14.07.2009 01:19:47
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Npfs.SYS
Address In Stack  : 
From Address      : fffff880`043ac000
To Address        : fffff880`043bd000
Size              : 0x00011000
Time Stamp        : 0x4a5bc114
Time String       : 14.07.2009 01:19:48
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : tdx.sys
Address In Stack  : 
From Address      : fffff880`043bd000
To Address        : fffff880`043df000
Size              : 0x00022000
Time Stamp        : 0x54616cbf
Time String       : 11.11.2014 03:56:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : TDI.SYS
Address In Stack  : 
From Address      : fffff880`043df000
To Address        : fffff880`043ec000
Size              : 0x0000d000
Time Stamp        : 0x4ce7933e
Time String       : 20.11.2010 11:22:06
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : afd.sys
Address In Stack  : 
From Address      : fffff880`04000000
To Address        : fffff880`04089000
Size              : 0x00089000
Time Stamp        : 0x53882807
Time String       : 30.05.2014 08:41:11
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : netbt.sys
Address In Stack  : 
From Address      : fffff880`04089000
To Address        : fffff880`040ce000
Size              : 0x00045000
Time Stamp        : 0x4ce79386
Time String       : 20.11.2010 11:23:18
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : pacer.sys
Address In Stack  : 
From Address      : fffff880`0163e000
To Address        : fffff880`01664000
Size              : 0x00026000
Time Stamp        : 0x4ce7a862
Time String       : 20.11.2010 12:52:18
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : vwififlt.sys
Address In Stack  : 
From Address      : fffff880`040ce000
To Address        : fffff880`040e4000
Size              : 0x00016000
Time Stamp        : 0x50804f72
Time String       : 18.10.2012 20:50:26
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : netbios.sys
Address In Stack  : 
From Address      : fffff880`043ec000
To Address        : fffff880`043fc000
Size              : 0x00010000
Time Stamp        : 0x4f5839f8
Time String       : 08.03.2012 06:47:52
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : wanarp.sys
Address In Stack  : 
From Address      : fffff880`01664000
To Address        : fffff880`0167f000
Size              : 0x0001b000
Time Stamp        : 0x51396340
Time String       : 08.03.2013 06:04:16
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : termdd.sys
Address In Stack  : 
From Address      : fffff880`0167f000
To Address        : fffff880`01693000
Size              : 0x00014000
Time Stamp        : 0x4ce7ab0c
Time String       : 20.11.2010 13:03:40
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rdbss.sys
Address In Stack  : 
From Address      : fffff880`01000000
To Address        : fffff880`01053000
Size              : 0x00053000
Time Stamp        : 0x52554c90
Time String       : 09.10.2013 14:31:12
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : nsiproxy.sys
Address In Stack  : 
From Address      : fffff880`0141b000
To Address        : fffff880`01427000
Size              : 0x0000c000
Time Stamp        : 0x52f190aa
Time String       : 05.02.2014 03:15:22
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : mssmbios.sys
Address In Stack  : 
From Address      : fffff880`01427000
To Address        : fffff880`01432000
Size              : 0x0000b000
Time Stamp        : 0x4a5bc3be
Time String       : 14.07.2009 01:31:10
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : discache.sys
Address In Stack  : 
From Address      : fffff880`01432000
To Address        : fffff880`01441000
Size              : 0x0000f000
Time Stamp        : 0x4fd2bafe
Time String       : 09.06.2012 04:54:54
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : dfsc.sys
Address In Stack  : 
From Address      : fffff880`013c1000
To Address        : fffff880`013df000
Size              : 0x0001e000
Time Stamp        : 0x52f2e26c
Time String       : 06.02.2014 03:16:28
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : blbdrive.sys
Address In Stack  : 
From Address      : fffff880`015ee000
To Address        : fffff880`015ff000
Size              : 0x00011000
Time Stamp        : 0x4a5bc4df
Time String       : 14.07.2009 01:35:59
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : tunnel.sys
Address In Stack  : 
From Address      : fffff880`00c5c000
To Address        : fffff880`00c82000
Size              : 0x00026000
Time Stamp        : 0x50ee3e4d
Time String       : 10.01.2013 06:06:37
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : nvlddmkm.sys
Address In Stack  : 
From Address      : fffff880`05808000
To Address        : fffff880`062ff000
Size              : 0x00af7000
Time Stamp        : 0x521fbf80
Time String       : 29.08.2013 23:39:12
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : nvBridge.kmd
Address In Stack  : 
From Address      : fffff880`062ff000
To Address        : fffff880`06300180
Size              : 0x00001180
Time Stamp        : 0x4b7ee525
Time String       : 19.02.2010 21:23:17
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : dxgkrnl.sys
Address In Stack  : 
From Address      : fffff880`06301000
To Address        : fffff880`063f6000
Size              : 0x000f5000
Time Stamp        : 0x539e411c
Time String       : 16.06.2014 02:58:04
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : dxgmms1.sys
Address In Stack  : 
From Address      : fffff880`04496000
To Address        : fffff880`044dc000
Size              : 0x00046000
Time Stamp        : 0x5164dc13
Time String       : 10.04.2013 05:27:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : HDAudBus.sys
Address In Stack  : 
From Address      : fffff880`044dc000
To Address        : fffff880`04500000
Size              : 0x00024000
Time Stamp        : 0x52bb888f
Time String       : 26.12.2013 03:38:23
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : HECIx64.sys
Address In Stack  : 
From Address      : fffff880`04500000
To Address        : fffff880`04511000
Size              : 0x00011000
Time Stamp        : 0x4ab293e8
Time String       : 17.09.2009 21:54:16
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : usbehci.sys
Address In Stack  : 
From Address      : fffff880`04511000
To Address        : fffff880`04523000
Size              : 0x00012000
Time Stamp        : 0x52a6705c
Time String       : 10.12.2013 03:37:32
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : USBPORT.SYS
Address In Stack  : 
From Address      : fffff880`04523000
To Address        : fffff880`0457a000
Size              : 0x00057000
Time Stamp        : 0x52a67063
Time String       : 10.12.2013 03:37:39
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : bcmwl664.sys
Address In Stack  : 
From Address      : fffff880`04ada000
To Address        : fffff880`04f64000
Size              : 0x0048a000
Time Stamp        : 0x4e0dd172
Time String       : 01.07.2011 15:53:54
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : vwifibus.sys
Address In Stack  : 
From Address      : fffff880`04f64000
To Address        : fffff880`04f71000
Size              : 0x0000d000
Time Stamp        : 0x4a5bcc39
Time String       : 14.07.2009 02:07:21
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Rt64win7.sys
Address In Stack  : 
From Address      : fffff880`04f71000
To Address        : fffff880`04ff6000
Size              : 0x00085000
Time Stamp        : 0x4df1baab
Time String       : 10.06.2011 08:33:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : i8042prt.sys
Address In Stack  : 
From Address      : fffff880`04a00000
To Address        : fffff880`04a1e000
Size              : 0x0001e000
Time Stamp        : 0x4a5bc11d
Time String       : 14.07.2009 01:19:57
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : mouclass.sys
Address In Stack  : 
From Address      : fffff880`04a1e000
To Address        : fffff880`04a2d000
Size              : 0x0000f000
Time Stamp        : 0x4a5bc116
Time String       : 14.07.2009 01:19:50
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : kbdclass.sys
Address In Stack  : 
From Address      : fffff880`04a2d000
To Address        : fffff880`04a3c000
Size              : 0x0000f000
Time Stamp        : 0x4a5bc116
Time String       : 14.07.2009 01:19:50
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : GEARAspiWDM.sys
Address In Stack  : 
From Address      : fffff880`04a3c000
To Address        : fffff880`04a42c00
Size              : 0x00006c00
Time Stamp        : 0x4fa2e2e1
Time String       : 03.05.2012 21:56:17
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : Accelern.sys
Address In Stack  : 
From Address      : fffff880`04a43000
To Address        : fffff880`04a53000
Size              : 0x00010000
Time Stamp        : 0x4ca37987
Time String       : 29.09.2010 19:38:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : wmiacpi.sys
Address In Stack  : 
From Address      : fffff880`04a53000
To Address        : fffff880`04a5c000
Size              : 0x00009000
Time Stamp        : 0x4a5bc3b6
Time String       : 14.07.2009 01:31:02
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : CmBatt.sys
Address In Stack  : 
From Address      : fffff880`04a5c000
To Address        : fffff880`04a60500
Size              : 0x00004500
Time Stamp        : 0x4a5bc3b7
Time String       : 14.07.2009 01:31:03
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : intelppm.sys
Address In Stack  : 
From Address      : fffff880`04a61000
To Address        : fffff880`04a77000
Size              : 0x00016000
Time Stamp        : 0x4a5bc0fd
Time String       : 14.07.2009 01:19:25
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : CompositeBus.sys
Address In Stack  : 
From Address      : fffff880`04a77000
To Address        : fffff880`04a87000
Size              : 0x00010000
Time Stamp        : 0x4ce7a3ed
Time String       : 20.11.2010 12:33:17
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : AgileVpn.sys
Address In Stack  : 
From Address      : fffff880`04a87000
To Address        : fffff880`04a9d000
Size              : 0x00016000
Time Stamp        : 0x4a5bccf0
Time String       : 14.07.2009 02:10:24
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rasl2tp.sys
Address In Stack  : 
From Address      : fffff880`04a9d000
To Address        : fffff880`04ac1000
Size              : 0x00024000
Time Stamp        : 0x4ce7a872
Time String       : 20.11.2010 12:52:34
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ndistapi.sys
Address In Stack  : 
From Address      : fffff880`04ac1000
To Address        : fffff880`04acd000
Size              : 0x0000c000
Time Stamp        : 0x4a5bccd8
Time String       : 14.07.2009 02:10:00
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ndiswan.sys
Address In Stack  : 
From Address      : fffff880`0457a000
To Address        : fffff880`045a9000
Size              : 0x0002f000
Time Stamp        : 0x4ce7a870
Time String       : 20.11.2010 12:52:32
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : raspppoe.sys
Address In Stack  : 
From Address      : fffff880`045a9000
To Address        : fffff880`045c4000
Size              : 0x0001b000
Time Stamp        : 0x4d2e8145
Time String       : 13.01.2011 06:36:21
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : raspptp.sys
Address In Stack  : 
From Address      : fffff880`045c4000
To Address        : fffff880`045e5000
Size              : 0x00021000
Time Stamp        : 0x4e855e37
Time String       : 30.09.2011 08:14:15
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : rassstp.sys
Address In Stack  : 
From Address      : fffff880`045e5000
To Address        : fffff880`045ff000
Size              : 0x0001a000
Time Stamp        : 0x4a5bccf1
Time String       : 14.07.2009 02:10:25
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : swenum.sys
Address In Stack  : 
From Address      : fffff880`04acd000
To Address        : fffff880`04ace480
Size              : 0x00001480
Time Stamp        : 0x4a5bca92
Time String       : 14.07.2009 02:00:18
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ks.sys
Address In Stack  : 
From Address      : fffff880`04400000
To Address        : fffff880`04443000
Size              : 0x00043000
Time Stamp        : 0x4ce7a3f3
Time String       : 20.11.2010 12:33:23
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : umbus.sys
Address In Stack  : 
From Address      : fffff880`04443000
To Address        : fffff880`04455000
Size              : 0x00012000
Time Stamp        : 0x4ce7a695
Time String       : 20.11.2010 12:44:37
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : usbhub.sys
Address In Stack  : 
From Address      : fffff880`046d4000
To Address        : fffff880`0472e000
Size              : 0x0005a000
Time Stamp        : 0x52a6707a
Time String       : 10.12.2013 03:38:02
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : NDProxy.SYS
Address In Stack  : 
From Address      : fffff880`0472e000
To Address        : fffff880`04743000
Size              : 0x00015000
Time Stamp        : 0x51396330
Time String       : 08.03.2013 06:04:00
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : nvhda64v.sys
Address In Stack  : 
From Address      : fffff880`04743000
To Address        : fffff880`04777000
Size              : 0x00034000
Time Stamp        : 0x51bdb1af
Time String       : 16.06.2013 14:38:07
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : portcls.sys
Address In Stack  : 
From Address      : fffff880`04777000
To Address        : fffff880`047b4000
Size              : 0x0003d000
Time Stamp        : 0x524e1b82
Time String       : 04.10.2013 03:36:02
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : drmk.sys
Address In Stack  : 
From Address      : fffff880`047b4000
To Address        : fffff880`047d6000
Size              : 0x00022000
Time Stamp        : 0x524e24fe
Time String       : 04.10.2013 04:16:30
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : ksthunk.sys
Address In Stack  : 
From Address      : fffff880`047d6000
To Address        : fffff880`047db200
Size              : 0x00005200
Time Stamp        : 0x4a5bca93
Time String       : 14.07.2009 02:00:19
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : HdAudio.sys
Address In Stack  : 
From Address      : fffff880`04600000
To Address        : fffff880`0465c000
Size              : 0x0005c000
Time Stamp        : 0x5168039c
Time String       : 12.04.2013 14:52:44
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : crashdmp.sys
Address In Stack  : 
From Address      : fffff880`0465c000
To Address        : fffff880`0466a000
Size              : 0x0000e000
Time Stamp        : 0x513dc497
Time String       : 11.03.2013 13:48:39
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : dump_iaStor.sys
Address In Stack  : 
From Address      : fffff880`040e4000
To Address        : fffff880`042ee000
Size              : 0x0020a000
Time Stamp        : 0x4b8f2033
Time String       : 04.03.2010 04:51:31
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

==================================================
Filename          : dump_dumpfve.sys
Address In Stack  : 
From Address      : fffff880`0466a000
To Address        : fffff880`0467d000
Size              : 0x00013000
Time Stamp        : 0x4a5bc18f
Time String       : 14.07.2009 01:21:51
Product Name      : 
File Description  : 
File Version      : 
Company           : 
Full Path         : 
==================================================

Alt 07.04.2015, 12:46   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Schau mal bitte auf der Herstellerseite des Gerätes ob es aktuellere Treiber gibt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2015, 21:12   #9
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo Schrauber,

aktueller als wann soll der Treiber sein?
Ich bin leider Laie und weiß schlichtweg nicht, wo ich sehe, wie alt mein Treiber ist.
Ich kann nur sagen, dass mein PC am 20.12.2014 komplett neu aufgesetzt wurde und in der Rechnung des Dienstleisters steht, dass die Treiber erneuert wurden.

Da ich unterwegs bin, weiß ich gerade noch nicht einmal auswendig, welches Vostro-Gerät ich habe...

Viele Grüße
Maja

Alt 08.04.2015, 14:06   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Ich formuliere anders:

Lade alle Treiber, die aktuellen Versionen, und installiere die drüber
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.04.2015, 20:58   #11
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo Schrauber,

ich hoffe, ich habe das jetzt richtig gemacht mit dem Treiber-Update. Ich habe ja die 64bit-Version, ursprünglich war aber eine 32-bit-Version auf dem Laptop (nach Eingabe meines Service Tags wurde mir wohl ein Update package für eine 32bit-Version angeboten.
Wenn ich die Beschreibung des Updates richtig verstehe, passt das aber trotzdem, oder?:
" Format DescriptionDell Update Packages (DUP) in Microsoft Windows 32bit format have been designed to run on Microsoft Windows 64bit Operating Systems. Dell Update Packages (DUP) in Microsoft Windows 64bit format will only run on Microsoft Windows 64bit Operating Systems. When selecting a device driver update be sure to select the one that is appropriate for your operating system."

Und hier noch ein log file für Dich:-):

HTML-Code:
[04/10/15 21:48:48]	Update Package Execution Started
[04/10/15 21:48:48]	Original command line: "C:\Users\Nadine Dvorak\Downloads\Application_56J82_WN32_1.4.2000.0_A07.EXE" 
[04/10/15 21:48:49]	DUP Framework EXE Version: 3.1.3.1
[04/10/15 21:48:49]	DUP Release: 56J82A07
[04/10/15 21:48:49]	Intializing framework...
[04/10/15 21:48:51]	logo.png
[04/10/15 21:48:57]	User Command: attended
[04/10/15 21:48:57]	DUP Capabilities Value: 2097151 (0x1FFFFF)
[04/10/15 21:48:57]	DUP Vendor Software Version: 1.4.2000.0
[04/10/15 21:48:57]	Local System/Model Compatible with this Package? Yes
[04/10/15 21:48:57]	Local System OS Version: 6.1.1.0
[04/10/15 21:48:57]	OS Compatible with this Package? Yes
[04/10/15 21:48:57]	Local System OS Language: DE
[04/10/15 21:48:57]	Language Compatible with this Package? Unknown
[04/10/15 21:48:58]	Identified Behavior : attended
[04/10/15 21:48:58]	Temporary payload log file name: C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DUPB863.tmp
[04/10/15 21:48:58]	Translated Command Line : msiexec.exe /i DellUpdate.1.4.2000.0.msi /log C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DUPB863.tmp
[04/10/15 21:48:58]	Path : C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07
[04/10/15 21:48:58]	Identified Behavior : attended
[04/10/15 21:49:15]	Append Vendor Software Log: C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DUPB863.tmp
[04/10/15 21:49:15]	
--- Start of Vendor Software Log ---

[04/10/15 21:49:15]	Unicode payload log file detected.
[04/10/15 21:49:15]	=== Logging started: 10.04.2015  21:49:00 ===
Action 21:49:00: INSTALL. 
Action start 21:49:00: INSTALL.
Action 21:49:00: FindRelatedProducts. Searching for related applications
Action start 21:49:00: FindRelatedProducts.
Action ended 21:49:00: FindRelatedProducts. Return value 1.
Action 21:49:00: AppSearch. Searching for installed applications
Action start 21:49:00: AppSearch.
AppSearch: Property: DEUEULA, Signature: DeuEula
AppSearch: Property: NETFRAMEWORK45, Signature: NetFramework45
Action ended 21:49:00: AppSearch. Return value 1.
Action 21:49:00: LaunchConditions. Evaluating launch conditions
Action start 21:49:00: LaunchConditions.
Action ended 21:49:00: LaunchConditions. Return value 1.
Action 21:49:00: ValidateProductID. 
Action start 21:49:00: ValidateProductID.
Action ended 21:49:00: ValidateProductID. Return value 1.
Action 21:49:00: CostInitialize. Computing space requirements
Action start 21:49:00: CostInitialize.
Action ended 21:49:00: CostInitialize. Return value 1.
Action 21:49:00: FileCost. Computing space requirements
Action start 21:49:00: FileCost.
Action ended 21:49:00: FileCost. Return value 1.
Action 21:49:00: CostFinalize. Computing space requirements
Action start 21:49:00: CostFinalize.
Action ended 21:49:00: CostFinalize. Return value 1.
Action 21:49:00: ExecuteAction. 
Action start 21:49:00: ExecuteAction.
Action start 21:49:01: INSTALL.
Action start 21:49:01: FindRelatedProducts.
Action ended 21:49:01: FindRelatedProducts. Return value 0.
Action start 21:49:01: AppSearch.
Action ended 21:49:01: AppSearch. Return value 0.
Action start 21:49:01: LaunchConditions.
Action ended 21:49:01: LaunchConditions. Return value 1.
Action start 21:49:01: ValidateProductID.
Action ended 21:49:01: ValidateProductID. Return value 1.
Action start 21:49:01: CostInitialize.
Action ended 21:49:01: CostInitialize. Return value 1.
Action start 21:49:01: FileCost.
Action ended 21:49:01: FileCost. Return value 1.
Action start 21:49:01: CostFinalize.
Action ended 21:49:01: CostFinalize. Return value 1.
Action start 21:49:01: InstallValidate.
Action ended 21:49:01: InstallValidate. Return value 1.
Action start 21:49:01: SetARPINSTALLLOCATION.
Action ended 21:49:01: SetARPINSTALLLOCATION. Return value 1.
Action start 21:49:01: InstallInitialize.
Action ended 21:49:01: InstallInitialize. Return value 1.
Action start 21:49:01: RemoveExistingProducts.
Action ended 21:49:01: RemoveExistingProducts. Return value 1.
Action start 21:49:01: ProcessComponents.
Action ended 21:49:01: ProcessComponents. Return value 1.
Action start 21:49:01: UnpublishFeatures.
Action ended 21:49:01: UnpublishFeatures. Return value 1.
Action start 21:49:01: StopServices.
Action ended 21:49:01: StopServices. Return value 1.
Action start 21:49:01: DeleteServices.
Action ended 21:49:01: DeleteServices. Return value 1.
Action start 21:49:01: RemoveRegistryValues.
Action ended 21:49:01: RemoveRegistryValues. Return value 1.
Action start 21:49:01: RemoveShortcuts.
Action ended 21:49:01: RemoveShortcuts. Return value 1.
Action start 21:49:01: RemoveFiles.
Action ended 21:49:01: RemoveFiles. Return value 1.
Action start 21:49:02: InstallFiles.
Action ended 21:49:02: InstallFiles. Return value 1.
Action start 21:49:02: CreateShortcuts.
Action ended 21:49:02: CreateShortcuts. Return value 1.
Action start 21:49:02: WriteRegistryValues.
Action ended 21:49:02: WriteRegistryValues. Return value 1.
Action start 21:49:02: InstallServices.
Action ended 21:49:02: InstallServices. Return value 1.
Action start 21:49:02: MsiConfigureServices.
Action ended 21:49:02: MsiConfigureServices. Return value 1.
Action start 21:49:02: StartServices.
Action ended 21:49:02: StartServices. Return value 1.
Action start 21:49:02: RegisterUser.
Action ended 21:49:02: RegisterUser. Return value 1.
Action start 21:49:02: RegisterProduct.
Action ended 21:49:02: RegisterProduct. Return value 1.
Action start 21:49:02: PublishFeatures.
Action ended 21:49:02: PublishFeatures. Return value 1.
Action start 21:49:02: PublishProduct.
Action ended 21:49:02: PublishProduct. Return value 1.
Action start 21:49:02: InstallFinalize.
Action ended 21:49:14: InstallFinalize. Return value 1.
Action ended 21:49:14: INSTALL. Return value 1.
Property(S): UpgradeCode = {A42D814D-EACD-4EAD-B65C-06B61B817725}
Property(S): NETFRAMEWORK45 = #379893
Property(S): INSTALLLOCATION = C:\Program Files (x86)\Dell Update\
Property(S): LocalizationEnglish = C:\Program Files (x86)\Dell Update\en\
Property(S): LocalizationSpanish = C:\Program Files (x86)\Dell Update\es\
Property(S): LocalizationFrench = C:\Program Files (x86)\Dell Update\fr\
Property(S): LocalizationPortuguese = C:\Program Files (x86)\Dell Update\pt\
Property(S): LocalizationDutch = C:\Program Files (x86)\Dell Update\nl\
Property(S): LocalizationGerman = C:\Program Files (x86)\Dell Update\de\
Property(S): LocalizationKorean = C:\Program Files (x86)\Dell Update\ko\
Property(S): LocalizationJapanese = C:\Program Files (x86)\Dell Update\ja\
Property(S): LocalizationDanish = C:\Program Files (x86)\Dell Update\da\
Property(S): LocalizationFinnish = C:\Program Files (x86)\Dell Update\fi\
Property(S): LocalizationItalian = C:\Program Files (x86)\Dell Update\it\
Property(S): LocalizationNorwegian = C:\Program Files (x86)\Dell Update\no\
Property(S): LocalizationSwedish = C:\Program Files (x86)\Dell Update\sv\
Property(S): LocalizationChineseChina = C:\Program Files (x86)\Dell Update\zh-cn\
Property(S): LocalizationChineseHongKong = C:\Program Files (x86)\Dell Update\zh-hk\
Property(S): LocalizationChineseTaiwan = C:\Program Files (x86)\Dell Update\zh-tw\
Property(S): LocalizationPolish = C:\Program Files (x86)\Dell Update\pl\
Property(S): LocalizationArabic = C:\Program Files (x86)\Dell Update\ar\
Property(S): LocalizationCzech = C:\Program Files (x86)\Dell Update\cs\
Property(S): LocalizationGreek = C:\Program Files (x86)\Dell Update\el\
Property(S): LocalizationHebrew = C:\Program Files (x86)\Dell Update\he\
Property(S): LocalizationCroatian = C:\Program Files (x86)\Dell Update\hr\
Property(S): LocalizationHungarian = C:\Program Files (x86)\Dell Update\hu\
Property(S): LocalizationIberianPortuguese = C:\Program Files (x86)\Dell Update\pt-pt\
Property(S): LocalizationRomanian = C:\Program Files (x86)\Dell Update\ro\
Property(S): LocalizationRussian = C:\Program Files (x86)\Dell Update\ru\
Property(S): LocalizationSlovak = C:\Program Files (x86)\Dell Update\sk\
Property(S): LocalizationSlovenian = C:\Program Files (x86)\Dell Update\sl\
Property(S): LocalizationTurkish = C:\Program Files (x86)\Dell Update\tr\
Property(S): ApplicationProgramsFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\
Property(S): ARPINSTALLLOCATION = C:\Program Files (x86)\Dell Update\
Property(S): ProgramMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
Property(S): TARGETDIR = C:\
Property(S): ProgramFilesFolder = C:\Program Files (x86)\
Property(S): SourceDir = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\
Property(S): VersionNT = 601
Property(S): ALLUSERS = 1
Property(S): MSIFASTINSTALL = 3
Property(S): WINDOWS_SERVICE_DISPLAY_NAME = Dell Update Service
Property(S): FACTORY_INSTALL = 0
Property(S): ARPPRODUCTICON = dnd.ico
Property(S): ARPHELPLINK = hxxp://dell.com/support
Property(S): ARPCOMMENTS = Downloads and installs updates for your Dell device  (Release Version 1.4.2000.0)
Property(S): Manufacturer = Dell Inc.
Property(S): ProductCode = {C87ADBDA-EF36-4A53-B05C-DBCD98D3A2CA}
Property(S): ProductLanguage = 1033
Property(S): ProductName = Dell Update
Property(S): ProductVersion = 1.4.2000.0
Property(S): SecureCustomProperties = FACTORY_INSTALL;NETFRAMEWORK45;NEWERPRODUCTFOUND;UPGRADEFOUND
Property(S): MsiLogFileLocation = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DUPB863.tmp
Property(S): PackageCode = {C9F21F66-8013-42EB-B9BB-D11950E111D0}
Property(S): ProductState = -1
Property(S): PackagecodeChanging = 1
Property(S): CURRENTDIRECTORY = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07
Property(S): CLIENTUILEVEL = 0
Property(S): CLIENTPROCESSID = 6552
Property(S): USERNAME = Nadine Dvorak
Property(S): VersionDatabase = 200
Property(S): ROOTDRIVE = C:\
Property(S): EXECUTEACTION = INSTALL
Property(S): ACTION = INSTALL
Property(S): INSTALLLEVEL = 1
Property(S): SECONDSEQUENCE = 1
Property(S): ADDLOCAL = MainFeature
Property(S): VersionMsi = 5.00
Property(S): VersionNT64 = 601
Property(S): WindowsBuild = 7601
Property(S): ServicePackLevel = 1
Property(S): ServicePackLevelMinor = 0
Property(S): MsiNTProductType = 1
Property(S): MsiNTSuitePersonal = 1
Property(S): WindowsFolder = C:\Windows\
Property(S): WindowsVolume = C:\
Property(S): System64Folder = C:\Windows\system32\
Property(S): SystemFolder = C:\Windows\SysWOW64\
Property(S): RemoteAdminTS = 1
Property(S): TempFolder = C:\Users\NADINE~1\AppData\Local\Temp\
Property(S): CommonFilesFolder = C:\Program Files (x86)\Common Files\
Property(S): ProgramFiles64Folder = C:\Program Files\
Property(S): CommonFiles64Folder = C:\Program Files\Common Files\
Property(S): AppDataFolder = C:\Users\Nadine Dvorak\AppData\Roaming\
Property(S): FavoritesFolder = C:\Users\Nadine Dvorak\Favorites\
Property(S): NetHoodFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Network Shortcuts\
Property(S): PersonalFolder = C:\Users\Nadine Dvorak\Documents\
Property(S): PrintHoodFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\
Property(S): RecentFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Recent\
Property(S): SendToFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\SendTo\
Property(S): TemplateFolder = C:\ProgramData\Microsoft\Windows\Templates\
Property(S): CommonAppDataFolder = C:\ProgramData\
Property(S): LocalAppDataFolder = C:\Users\Nadine Dvorak\AppData\Local\
Property(S): MyPicturesFolder = C:\Users\Nadine Dvorak\Pictures\
Property(S): AdminToolsFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\
Property(S): StartupFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Property(S): StartMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\
Property(S): DesktopFolder = C:\Users\Public\Desktop\
Property(S): FontsFolder = C:\Windows\Fonts\
Property(S): GPTSupport = 1
Property(S): OLEAdvtSupport = 1
Property(S): ShellAdvtSupport = 1
Property(S): MsiAMD64 = 6
Property(S): Msix64 = 6
Property(S): Intel = 6
Property(S): PhysicalMemory = 2999
Property(S): VirtualMemory = 3509
Property(S): AdminUser = 1
Property(S): MsiTrueAdminUser = 1
Property(S): LogonUser = Nadine Dvorak
Property(S): UserSID = S-1-5-21-4212112752-3989366140-1034592079-1000
Property(S): UserLanguageID = 1031
Property(S): ComputerName = DELL
Property(S): SystemLanguageID = 1031
Property(S): ScreenX = 1024
Property(S): ScreenY = 768
Property(S): CaptionHeight = 22
Property(S): BorderTop = 1
Property(S): BorderSide = 1
Property(S): TextHeight = 16
Property(S): TextInternalLeading = 3
Property(S): ColorBits = 32
Property(S): TTCSupport = 1
Property(S): Time = 21:49:14
Property(S): Date = 10.04.2015
Property(S): MsiNetAssemblySupport = 4.0.30319.34209
Property(S): MsiWin32AssemblySupport = 6.1.7601.17777
Property(S): RedirectedDllSupport = 2
Property(S): MsiRunningElevated = 1
Property(S): Privileged = 1
Property(S): DATABASE = C:\Windows\Installer\14c3c1d5.msi
Property(S): OriginalDatabase = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DellUpdate.1.4.2000.0.msi
Property(S): UILevel = 5
Property(S): Preselected = 1
Property(S): CostingComplete = 1
Property(S): OutOfDiskSpace = 0
Property(S): OutOfNoRbDiskSpace = 0
Property(S): PrimaryVolumeSpaceAvailable = 0
Property(S): PrimaryVolumeSpaceRequired = 0
Property(S): PrimaryVolumeSpaceRemaining = 0
Property(S): SOURCEDIR = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\
Property(S): SourcedirProduct = {C87ADBDA-EF36-4A53-B05C-DBCD98D3A2CA}
Property(S): ProductToBeRegistered = 1
Action ended 21:49:15: ExecuteAction. Return value 1.
Action ended 21:49:15: INSTALL. Return value 1.
Property(C): UpgradeCode = {A42D814D-EACD-4EAD-B65C-06B61B817725}
Property(C): NETFRAMEWORK45 = #379893
Property(C): INSTALLLOCATION = C:\Program Files (x86)\Dell Update\
Property(C): LocalizationEnglish = C:\Program Files (x86)\Dell Update\en\
Property(C): LocalizationSpanish = C:\Program Files (x86)\Dell Update\es\
Property(C): LocalizationFrench = C:\Program Files (x86)\Dell Update\fr\
Property(C): LocalizationPortuguese = C:\Program Files (x86)\Dell Update\pt\
Property(C): LocalizationDutch = C:\Program Files (x86)\Dell Update\nl\
Property(C): LocalizationGerman = C:\Program Files (x86)\Dell Update\de\
Property(C): LocalizationKorean = C:\Program Files (x86)\Dell Update\ko\
Property(C): LocalizationJapanese = C:\Program Files (x86)\Dell Update\ja\
Property(C): LocalizationDanish = C:\Program Files (x86)\Dell Update\da\
Property(C): LocalizationFinnish = C:\Program Files (x86)\Dell Update\fi\
Property(C): LocalizationItalian = C:\Program Files (x86)\Dell Update\it\
Property(C): LocalizationNorwegian = C:\Program Files (x86)\Dell Update\no\
Property(C): LocalizationSwedish = C:\Program Files (x86)\Dell Update\sv\
Property(C): LocalizationChineseChina = C:\Program Files (x86)\Dell Update\zh-cn\
Property(C): LocalizationChineseHongKong = C:\Program Files (x86)\Dell Update\zh-hk\
Property(C): LocalizationChineseTaiwan = C:\Program Files (x86)\Dell Update\zh-tw\
Property(C): LocalizationPolish = C:\Program Files (x86)\Dell Update\pl\
Property(C): LocalizationArabic = C:\Program Files (x86)\Dell Update\ar\
Property(C): LocalizationCzech = C:\Program Files (x86)\Dell Update\cs\
Property(C): LocalizationGreek = C:\Program Files (x86)\Dell Update\el\
Property(C): LocalizationHebrew = C:\Program Files (x86)\Dell Update\he\
Property(C): LocalizationCroatian = C:\Program Files (x86)\Dell Update\hr\
Property(C): LocalizationHungarian = C:\Program Files (x86)\Dell Update\hu\
Property(C): LocalizationIberianPortuguese = C:\Program Files (x86)\Dell Update\pt-pt\
Property(C): LocalizationRomanian = C:\Program Files (x86)\Dell Update\ro\
Property(C): LocalizationRussian = C:\Program Files (x86)\Dell Update\ru\
Property(C): LocalizationSlovak = C:\Program Files (x86)\Dell Update\sk\
Property(C): LocalizationSlovenian = C:\Program Files (x86)\Dell Update\sl\
Property(C): LocalizationTurkish = C:\Program Files (x86)\Dell Update\tr\
Property(C): ApplicationProgramsFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\
Property(C): ProgramMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
Property(C): TARGETDIR = C:\
Property(C): ProgramFilesFolder = C:\Program Files (x86)\
Property(C): SourceDir = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\
Property(C): VersionNT = 601
Property(C): ALLUSERS = 1
Property(C): MSIFASTINSTALL = 3
Property(C): WINDOWS_SERVICE_DISPLAY_NAME = Dell Update Service
Property(C): FACTORY_INSTALL = 0
Property(C): ARPPRODUCTICON = dnd.ico
Property(C): ARPHELPLINK = hxxp://dell.com/support
Property(C): ARPCOMMENTS = Downloads and installs updates for your Dell device  (Release Version 1.4.2000.0)
Property(C): Manufacturer = Dell Inc.
Property(C): ProductCode = {C87ADBDA-EF36-4A53-B05C-DBCD98D3A2CA}
Property(C): ProductLanguage = 1033
Property(C): ProductName = Dell Update
Property(C): ProductVersion = 1.4.2000.0
Property(C): SecureCustomProperties = FACTORY_INSTALL;NETFRAMEWORK45;NEWERPRODUCTFOUND;UPGRADEFOUND
Property(C): MsiLogFileLocation = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DUPB863.tmp
Property(C): PackageCode = {C9F21F66-8013-42EB-B9BB-D11950E111D0}
Property(C): ProductState = -1
Property(C): PackagecodeChanging = 1
Property(C): CURRENTDIRECTORY = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07
Property(C): CLIENTUILEVEL = 0
Property(C): CLIENTPROCESSID = 6552
Property(C): VersionDatabase = 200
Property(C): VersionMsi = 5.00
Property(C): VersionNT64 = 601
Property(C): WindowsBuild = 7601
Property(C): ServicePackLevel = 1
Property(C): ServicePackLevelMinor = 0
Property(C): MsiNTProductType = 1
Property(C): MsiNTSuitePersonal = 1
Property(C): WindowsFolder = C:\Windows\
Property(C): WindowsVolume = C:\
Property(C): System64Folder = C:\Windows\system32\
Property(C): SystemFolder = C:\Windows\SysWOW64\
Property(C): RemoteAdminTS = 1
Property(C): TempFolder = C:\Users\NADINE~1\AppData\Local\Temp\
Property(C): CommonFilesFolder = C:\Program Files (x86)\Common Files\
Property(C): ProgramFiles64Folder = C:\Program Files\
Property(C): CommonFiles64Folder = C:\Program Files\Common Files\
Property(C): AppDataFolder = C:\Users\Nadine Dvorak\AppData\Roaming\
Property(C): FavoritesFolder = C:\Users\Nadine Dvorak\Favorites\
Property(C): NetHoodFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Network Shortcuts\
Property(C): PersonalFolder = C:\Users\Nadine Dvorak\Documents\
Property(C): PrintHoodFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\
Property(C): RecentFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\Recent\
Property(C): SendToFolder = C:\Users\Nadine Dvorak\AppData\Roaming\Microsoft\Windows\SendTo\
Property(C): TemplateFolder = C:\ProgramData\Microsoft\Windows\Templates\
Property(C): CommonAppDataFolder = C:\ProgramData\
Property(C): LocalAppDataFolder = C:\Users\Nadine Dvorak\AppData\Local\
Property(C): MyPicturesFolder = C:\Users\Nadine Dvorak\Pictures\
Property(C): AdminToolsFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\
Property(C): StartupFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Property(C): StartMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\
Property(C): DesktopFolder = C:\Users\Public\Desktop\
Property(C): FontsFolder = C:\Windows\Fonts\
Property(C): GPTSupport = 1
Property(C): OLEAdvtSupport = 1
Property(C): ShellAdvtSupport = 1
Property(C): MsiAMD64 = 6
Property(C): Msix64 = 6
Property(C): Intel = 6
Property(C): PhysicalMemory = 2999
Property(C): VirtualMemory = 3512
Property(C): AdminUser = 1
Property(C): MsiTrueAdminUser = 1
Property(C): LogonUser = Nadine Dvorak
Property(C): UserSID = S-1-5-21-4212112752-3989366140-1034592079-1000
Property(C): UserLanguageID = 1031
Property(C): ComputerName = DELL
Property(C): SystemLanguageID = 1031
Property(C): ScreenX = 1366
Property(C): ScreenY = 768
Property(C): CaptionHeight = 22
Property(C): BorderTop = 1
Property(C): BorderSide = 1
Property(C): TextHeight = 16
Property(C): TextInternalLeading = 3
Property(C): ColorBits = 32
Property(C): TTCSupport = 1
Property(C): Time = 21:49:15
Property(C): Date = 10.04.2015
Property(C): MsiNetAssemblySupport = 4.0.30319.34209
Property(C): MsiWin32AssemblySupport = 6.1.7601.17777
Property(C): RedirectedDllSupport = 2
Property(C): MsiRunningElevated = 1
Property(C): Privileged = 1
Property(C): USERNAME = Nadine Dvorak
Property(C): DATABASE = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DellUpdate.1.4.2000.0.msi
Property(C): OriginalDatabase = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\DellUpdate.1.4.2000.0.msi
Property(C): SOURCEDIR = C:\ProgramData\dell\drivers\Application_56J82_WN32_1.4.2000.0_A07\
Property(C): VersionHandler = 5.00
Property(C): ROOTDRIVE = C:\
Property(C): EXECUTEACTION = INSTALL
Property(C): ACTION = INSTALL
Property(C): UILevel = 5
Property(C): CostingComplete = 0
Property(C): OutOfDiskSpace = 0
Property(C): OutOfNoRbDiskSpace = 0
Property(C): PrimaryVolumeSpaceAvailable = 0
Property(C): PrimaryVolumeSpaceRequired = 0
Property(C): PrimaryVolumeSpaceRemaining = 0
Property(C): INSTALLLEVEL = 1
=== Logging stopped: 10.04.2015  21:49:15 ===
MSI (c) (98:88) [21:49:15:121]: Product: Dell Update -- Installation completed successfully.

MSI (c) (98:88) [21:49:15:122]: Windows Installer installed the product. Product Name: Dell Update. Product Version: 1.4.2000.0. Product Language: 1033. Manufacturer: Dell Inc.. Installation success or error status: 0.


[04/10/15 21:49:15]	
--- End of Vendor Software Log ---

[04/10/15 21:49:15]	Vendor Software Return Code: 0
[04/10/15 21:49:16]	logo.png
[04/10/15 21:49:16]	Name of Exit Code: SUCCESS
[04/10/15 21:49:16]	Exit Code set to: 0 (0x0)
[04/10/15 21:49:16]	Result: SUCCESS
[04/10/15 21:49:27]	logo.png
[04/10/15 21:49:53]	Open file: C:\ProgramData\Dell\UpdatePackage\Log\Application_56J82_WN32_1.4.2000.0_A07.txt
Viele Grüße
Maja

Alt 11.04.2015, 07:40   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Wie läuft der Rechner aktuell?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.04.2015, 15:07   #13
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo Schrauber,

aktuell läuft der PC normal, sprich bis auf meine üblichen Firefox-Probleme gut. Allerdings lief er auch ok zwischen den zwei Abstürzen neulich. Nun ja, ich vermute, ich kann nur abwarten und hoffen, dass nichts mehr passiert...
Wenn er wieder abstürzen sollte, was soll ich dann tun? Vor allem mit dieser Systemwiederherstellung bin ich wirklich beunruhigt, weil ich die Auswirkungen nicht genau kenne, sprich Angst habe, dass danach Daten nicht mehr gespeichert sind... Ein großes Problem habe ich nämlich seit dem 2. Absturz, sprich seitdem funktioniert meine Datensicherung via Allway Sync nicht mehr, die ich zuvor alle paar Wochen gemacht habe. Erst habe ich eine Meldung bekommen, ich habe das übliche Volumen überschritten und müsste die Software kostenpflichtig erwerben (das kann nicht sein, sprich die Software war wohl aufgrund der Systemwiederherstellung "verwirrt"). Jetzt, 2 Wochen später, habe ich es wieder versucht und bekomme die Fehlermeldung, "Fehler beim API-Aufruf, Das Gerät ist nicht bereit.(80070015)".

Viele Grüße
Maja

Alt 12.04.2015, 07:28   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Bei einer Systemwiederherstellung gehen immer Daten flöten. Deshalb sollte man die nur machen wenn es unbedingt nötig ist und Backups vorhanden sind.

Beim nächsten Absturz kann man nur schauen ob der Minidump des Bluescreens nochmal mehr Auskunft liefert.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.04.2015, 10:57   #15
MajaDELL
 
Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Standard

Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen



Hallo Schrauber,

dann bedanke ich mich an dieser Stelle ganz herzlich für die Unterstützung!
Nur noch zwei Fragen zum Schluss:
1. Was genau sollte ich machen, wenn der PC wieder abstürzt und ich diesen blauen Bildschirm vor mir habe? Ich habe, wie in Eurer Anleitung beschrieben, das Häkchen in der Systemsteuerung betr. automatischen Neustart rausgenommen.
2. Du meinst doch mit Backup die Datensicherung meiner persönlichen Dateien? Oder meinst Du, dass ich betr. Windows noch irgendwas regelmäßig machen muss, wovon ich keine Ahnung habe?

Viele Grüße
Maja

Antwort

Themen zu Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen
aktualisierung, anderes, bildschirm, eingefangen, erfolgreich, ergebnis, fehlercode, files, folge, folgende, gestartet, installiert, komplett, kurze, meldung, microsoft, neu, neue, neuen, schwarz, starten, systemwiederherstellung, treiber, windows, windows 7



Ähnliche Themen: Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen


  1. Bundeskriminalamt-Virus innerhalb der Sandiebox
    Plagegeister aller Art und deren Bekämpfung - 09.07.2015 (13)
  2. Windows 8 - seit 2 Tagen reagiert Maus und Touchpad zeitverzögert / ruckelt
    Plagegeister aller Art und deren Bekämpfung - 16.03.2015 (15)
  3. Windows 7: Laptop seit wenigen Tagen extrem langsam
    Log-Analyse und Auswertung - 26.04.2014 (3)
  4. HILFE!!! Vor zwei Tagen einen GFU Trojaner auf Windows 8 sony vaio eingefangen. nichts geht mehr!!!
    Log-Analyse und Auswertung - 03.08.2013 (9)
  5. JS/BlacoleRef.CZ.19 in Browsercache innerhalb Sandbox
    Log-Analyse und Auswertung - 31.05.2013 (12)
  6. Windows 8 / neuer Laptop nach paar Tagen sehr langsam geworden!
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (1)
  7. TR/ATRAPS.Gen2 seit zwei Tagen auf dem Rechner
    Plagegeister aller Art und deren Bekämpfung - 30.12.2012 (21)
  8. hunderte Mails von MAILER-DAEMON@mailout-de.gmx.net in zwei tagen im Posteingang
    Plagegeister aller Art und deren Bekämpfung - 06.11.2012 (1)
  9. Windows security center meldung verlangt 100 euro innerhalb von 24 h ...
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (1)
  10. Windows Security-Drohung - Zahlung innerhalb 24 Stunden oder Platte wird gelöscht
    Plagegeister aller Art und deren Bekämpfung - 07.02.2012 (63)
  11. Windows Vista - CPU seit 2-3 Tagen fast nur noch auf 100%
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (3)
  12. Boot-Reihenfolge innerhalb von Windows ändern?
    Alles rund um Windows - 21.06.2010 (1)
  13. ZoneAlarmFirewall - 25Warnungen innerhalb 10min.
    Antiviren-, Firewall- und andere Schutzprogramme - 29.07.2009 (7)
  14. 2 Mal geahckt innerhalb von 2 Tagen???
    Plagegeister aller Art und deren Bekämpfung - 26.08.2008 (8)
  15. Probleme mit den zwei Benützer im Windows
    Alles rund um Windows - 14.08.2005 (4)
  16. Neuinstalliert, nach zwei Tagen wieder was drauf
    Plagegeister aller Art und deren Bekämpfung - 10.02.2005 (2)

Zum Thema Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen - Hallo! Ich habe ein Dell-Laptop (Modell Vostro), welches nach Software-Problemen Ende Dez. 2014 komplett neu aufgesetzt wurde (Windows 7 neu installiert und konfiguriert nach Microsoft Vorgaben, Aktualisierung der Treiber). Seitdem - Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen...
Archiv
Du betrachtest: Zwei Windows 7-Totalabstürze innerhalb von 14 Tagen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.