| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.06.2015, 22:09
| #1 |
| |  Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? Hallo, habe diesen Beitrag aus Versehen zunächst unter "Lob, Kritik und Wünsche" gepostet.  Sorry! Jetzt nochmal am richtigen Platz! Habe ein totaler geistiger Umnachtung und in Erwartung eines DHL Paketes eine angebliche DHL Mail geöffnet und ein pdf dort angeklickt/runtergelanden. Hierbei war ein aktualisierter Virenscanner (F-secure) aktiv. Es gab ein kurzes Pop-Up mit der Aussage, dass eine Datei mit Namen xyz.Trojan32.xyz (den genauen Filenamen kann ich leider nicht reproduzieren und er findet sich auch nicht mehr über Suchfunktion unter Windows) erkannt wurde. Leider hab ich die Email auch gelöscht... Habe daraufhin unter F-secure gesucht, dort war aber keine solche Datei in Quarantäne oder sonstwie zu finden. Ein kompletter Systemscan incl. Suche nach Rootkits mit F-secure ergab keine Funde. Symptome wie Verlangsamung des Systems, Abstürze, Fehlermeldungen etc. bemerke ich bisher überhaupt nicht. Wie man unschwer erkennt, bin ich nicht gerade ein PC Guru und wäre euch für Hilfe extrem dankbar. Mich interessiert natürlich besonders ob eine Infektion mit Viren/Trojanern vorliegt und was ggf. zu tun wäre. Herzlichen Dank für eure Mühe! Und hier sind die gewünschten Logfiles, allerdings habe ich das sehr lange (und daher gezippte) GMER logfile zunächst weggelassen. defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:01 on 08/06/2015 *****
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by ***** (administrator) on *****-ARLT on 08-06-2015 20:34:48
Running from C:\Users\*****\Downloads
Loaded Profiles: ***** (Available Profiles: *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe
() E:\Program Files (x86)\steuer2013\mshaktuell.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CHIP) C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [12288 2012-04-19] ()
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [306032 2015-03-16] (F-Secure Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2510784 2015-05-23] ()
HKLM-x32\...\Run: [F-Secure Hoster (6661000)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-04-02] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-942739605-3385505395-2671100095-1000\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-21] ()
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-11-22]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\Program Files (x86)\steuer2013\mshaktuell.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-942739605-3385505395-2671100095-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-04-15] (F-Secure Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-04-15] (F-Secure Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-23] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.198 80.69.100.206
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: ixquick.de
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-23] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default\searchplugins\google-images.xml [2014-07-31]
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default\searchplugins\google-maps.xml [2014-07-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-23]
FF Extension: AVG Security Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default\Extensions\avg@toolbar [2015-03-08]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{c221abfe-5478-4975-96e9-196fdedf5863}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-10-09]
FF HKU\S-1-5-21-942739605-3385505395-2671100095-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\lkeg0ufb.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-04-02] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [215920 2015-03-16] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-10] (F-Secure Corporation)
R2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-23] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-07-30] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adp3132; C:\Windows\system32\drivers\adp3132.sys [385072 2010-01-28] (Adaptec, Inc.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-06-13] (Etron Technology Inc)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-05-01] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-05-26] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-06-24] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [26072 2012-10-18] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [652760 2012-10-18] (Intel Corporation)
S3 ISASerial; C:\Windows\system32\drivers\ISASerial.sys [72192 2008-02-20] (Windows (R) Codename Longhorn DDK provider)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [46568 2013-02-14] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
S3 MtsHID; C:\Windows\system32\drivers\MtsHID.sys [27664 2009-07-15] (TechniSat Provide)
S3 nvamacpi; C:\Windows\system32\drivers\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-05] (OCZ Technology Group, Inc.)
S1 oxpar; C:\Windows\system32\drivers\oxpar.sys [158208 2007-01-24] (OEM)
S3 OxPPort; C:\Windows\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [72192 2008-05-22] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [95744 2008-05-22] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [126464 2008-05-22] ()
S3 PPorts; C:\Windows\system32\drivers\PPorts.sys [95744 2008-02-20] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
S3 SPorts; C:\Windows\system32\drivers\SPorts.sys [124416 2008-02-20] ()
S3 StnPport; C:\Windows\system32\drivers\StnPport.sys [97280 2009-12-17] ()
S3 StnSport; C:\Windows\system32\drivers\StnSport.sys [126464 2009-11-14] ()
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
S3 NmPar; \SystemRoot\system32\drivers\NmPar.sys [X]
S3 nmserial; \SystemRoot\system32\drivers\nmserial.sys [X]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [X]
S3 oxser; \SystemRoot\system32\drivers\oxser.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 20:34 - 2015-06-08 20:35 - 00015107 _____ C:\Users\*****\Downloads\FRST.txt
2015-06-08 20:33 - 2015-06-08 20:34 - 00000000 ____D C:\FRST
2015-06-08 20:32 - 2015-06-08 20:32 - 02108928 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-06-07 17:47 - 2015-06-07 17:47 - 00000000 ____D C:\Users\*****\AppData\Local\F-Secure
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Apple Computer
2015-06-04 16:36 - 2015-06-04 16:36 - 00000000 ____D C:\Users\*****\AppData\Local\Apple Computer
2015-06-04 16:23 - 2015-06-04 16:23 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-06-04 16:23 - 2015-06-04 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-06-04 16:23 - 2015-06-04 16:23 - 00000000 ____D C:\ProgramData\Apple Computer
2015-06-04 16:23 - 2015-06-04 16:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-06-04 16:21 - 2015-06-04 16:21 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-06-04 16:21 - 2015-06-04 16:21 - 00000000 ____D C:\Users\*****\AppData\Local\Apple
2015-06-04 16:21 - 2015-06-04 16:21 - 00000000 ____D C:\ProgramData\Apple
2015-06-04 16:21 - 2015-06-04 16:21 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-06-04 16:20 - 2015-06-04 16:20 - 42096984 _____ (Apple Inc.) C:\Users\*****\Downloads\QuickTimeInstaller.exe
2015-05-23 01:14 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 01:14 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 21:08 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-22 21:08 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-22 21:08 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-22 21:08 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-22 21:08 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-22 21:08 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-22 21:08 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-22 21:08 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-22 21:08 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-22 21:08 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-22 21:08 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-22 21:08 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-22 21:08 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-22 21:08 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-22 21:08 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-22 21:08 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-22 21:08 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-22 21:08 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-22 21:08 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-22 21:08 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-22 21:08 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-22 21:08 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-22 21:08 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-22 21:08 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-22 21:08 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-22 21:08 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-22 21:08 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-22 21:08 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-22 21:08 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-22 21:08 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-22 21:08 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-22 21:08 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-22 21:08 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-22 21:08 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-22 21:08 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-22 21:08 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-22 21:08 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-22 21:08 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-22 21:08 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-22 21:08 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-22 21:08 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-22 21:08 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-22 21:08 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-22 21:08 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-22 21:08 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-22 21:08 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-22 21:08 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-22 21:08 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-22 21:08 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-22 21:08 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-22 21:08 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-22 21:08 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-22 21:08 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-22 21:08 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-22 21:08 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-22 21:08 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-22 21:08 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-22 21:08 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-22 21:08 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-22 21:08 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-22 21:08 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-22 21:08 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-22 21:08 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-22 21:08 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-22 21:08 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-22 21:08 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-22 21:08 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-22 21:08 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-22 21:08 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-22 21:08 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-22 21:08 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-22 21:08 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-22 21:08 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-22 21:08 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-22 21:08 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-22 21:08 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-22 21:08 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-22 21:08 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-22 21:08 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-22 21:07 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-22 21:07 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-22 21:07 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-22 21:07 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-22 21:07 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-22 21:07 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-22 21:07 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-22 21:07 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-22 21:07 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-22 21:07 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 20:29 - 2014-07-23 19:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-08 20:11 - 2014-07-22 14:04 - 01571291 _____ C:\Windows\WindowsUpdate.log
2015-06-08 20:11 - 2010-11-21 08:50 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-06-08 20:11 - 2010-11-21 08:50 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-06-08 20:11 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-08 20:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 20:07 - 2009-07-14 06:51 - 00066069 _____ C:\Windows\setupact.log
2015-06-07 23:10 - 2009-07-14 06:45 - 00024288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 23:10 - 2009-07-14 06:45 - 00024288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 20:46 - 2014-10-07 21:35 - 00000000 ____D C:\Users\*****\Desktop\Bearbeitete Facharztfragen
2015-06-04 13:04 - 2014-07-22 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-04 13:04 - 2010-11-21 05:47 - 00657104 _____ C:\Windows\PFRO.log
2015-06-03 20:51 - 2014-07-22 23:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-30 17:03 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-05-26 18:40 - 2014-07-22 23:34 - 00055336 _____ C:\Windows\system32\Drivers\fsbts.sys
2015-05-24 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-23 22:30 - 2015-03-08 17:24 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2015-05-23 10:45 - 2014-08-16 17:59 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2015-05-23 10:45 - 2014-07-23 19:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-23 10:45 - 2014-07-23 19:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-23 10:45 - 2014-07-23 19:03 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-23 10:28 - 2009-07-14 06:45 - 00343264 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-23 10:27 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-23 01:19 - 2014-07-22 22:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-23 01:19 - 2014-07-22 22:12 - 00000000 ____D C:\Office14
2015-05-23 01:18 - 2014-07-22 14:46 - 00000000 ____D C:\Windows\system32\MRT
2015-05-23 01:16 - 2014-07-22 14:46 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-23 01:14 - 2014-07-31 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-23 01:13 - 2014-07-31 19:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-23 01:13 - 2014-07-31 19:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 21:09 - 2014-07-27 19:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
==================== Files in the root of some directories =======
2014-07-22 14:26 - 2014-07-22 14:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\cleanup_tool.exe
C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\*****\AppData\Local\Temp\oi_{C5EA8D99-09D0-40CB-B409-21858F59ED65}.exe
C:\Users\*****\AppData\Local\Temp\ose00000.exe
C:\Users\*****\AppData\Local\Temp\Samsung_Magician_Setup_v45.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-04 19:47
==================== End of log ============================
Additional [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by ***** at 2015-06-08 20:35:25
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-942739605-3385505395-2671100095-500 - Administrator - Disabled)
Gast (S-1-5-21-942739605-3385505395-2671100095-501 - Limited - Disabled)
***** (S-1-5-21-942739605-3385505395-2671100095-1000 - Administrator - Enabled) => C:\Users\*****
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Antivirus (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AS: Antivirus (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-942739605-3385505395-2671100095-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
Bing Bar (HKLM-x32\...\{0E825A19-67CF-450F-818B-FBD5AF0F29AA}) (Version: 7.1.362.0 - Microsoft Corporation)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.26 - Abelssoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Computer Security 14.132.102.0 (release) (x32 Version: 14.132.102.0 - F-Secure Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 6661000) (Version: 2.33.220.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.33.220.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.61.106.453 (release) (x32 Version: 1.61.106.453 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.03.127 (x32 Version: 1.03.127 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.04.101.0 (release) (x32 Version: 1.04.101.0 - F-Secure Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-942739605-3385505395-2671100095-1000\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Online Safety 2.133.4000.2313 (x32 Version: 2.133.4000.2313 - F-Secure Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-942739605-3385505395-2671100095-1000\...\{80D1E9BC-7E8A-45A9-AAE3-283A1B6EDA2E}) (Version: 21.00.8480 - Buhl Data Service GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-942739605-3385505395-2671100095-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-942739605-3385505395-2671100095-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-942739605-3385505395-2671100095-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-942739605-3385505395-2671100095-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-942739605-3385505395-2671100095-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
11-06-2014 10:51:10 Windows Update
18-06-2014 19:06:24 Geplanter Prüfpunkt
26-06-2014 22:03:16 Geplanter Prüfpunkt
06-07-2014 11:31:13 Geplanter Prüfpunkt
10-07-2014 22:59:38 Windows Update
15-07-2014 00:34:35 Windows Update
16-07-2014 20:55:47 Wiederherstellungsvorgang
16-07-2014 21:04:11 Windows Update
16-07-2014 23:13:11 Windows Update
23-05-2015 01:12:57 Windows Update
30-05-2015 20:08:34 Geplanter Prüfpunkt
04-06-2015 16:21:30 Installed QuickTime 7
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {097882BD-F771-4610-82D3-08845736D15A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5356219D-A61E-4062-8758-38451FA7C709} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-07-21] (CHIP)
Task: {A2C64545-B0D8-48E0-ABAE-A9ABBC8BF3BF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {CFA2E71E-EAEF-4E9E-BF76-C5E4DF8C5848} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-23] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-23 22:30 - 2015-05-23 22:30 - 00166848 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2014-07-31 19:13 - 2015-04-21 01:37 - 05886784 _____ () C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-11-22 18:57 - 2014-09-18 14:50 - 01428760 _____ () E:\Program Files (x86)\steuer2013\mshaktuell.exe
2015-03-08 17:24 - 2015-05-23 22:30 - 02510784 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2012-05-04 15:40 - 2012-05-04 15:40 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-05-04 15:47 - 2012-05-04 15:47 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-07-30 19:59 - 2014-07-21 20:03 - 00054024 _____ () C:\Program Files (x86)\CHIP Updater\AbSettings.dll
2014-07-30 19:59 - 2014-07-21 20:03 - 01399048 _____ () C:\Program Files (x86)\CHIP Updater\AbGui.dll
2014-07-30 19:59 - 2014-07-21 20:03 - 00020232 _____ () C:\Program Files (x86)\CHIP Updater\AbStartManager.dll
2014-07-30 19:59 - 2014-07-21 20:03 - 00041224 _____ () C:\Program Files (x86)\CHIP Updater\AbApi.dll
2014-07-22 23:34 - 2015-03-16 17:20 - 00045424 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2015-04-02 10:26 - 2015-04-02 10:26 - 00248872 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2015-05-23 22:30 - 2015-05-23 22:30 - 00526784 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2014-07-22 23:37 - 2014-07-22 23:37 - 00030888 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2014-07-22 23:34 - 2015-04-14 19:50 - 00175144 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Gemini\fsgem.dll
2014-07-22 23:34 - 2015-05-01 00:01 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2014-07-22 23:34 - 2015-04-14 19:50 - 00949288 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 09726232 _____ () E:\Program Files (x86)\steuer2013\wgui14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 00035608 _____ () E:\Program Files (x86)\steuer2013\rsdcom48.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 00309016 _____ () E:\Program Files (x86)\steuer2013\rscorewinapi48.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 00322840 _____ () E:\Program Files (x86)\steuer2013\rsguiwinapi48.dll
2014-11-22 18:53 - 2014-09-18 14:51 - 03902232 _____ () E:\Program Files (x86)\steuer2013\wcore14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 00136472 _____ () E:\Program Files (x86)\steuer2013\rsodbc48.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 02752280 _____ () E:\Program Files (x86)\steuer2013\wfvie14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 02125592 _____ () E:\Program Files (x86)\steuer2013\wsteu14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01933080 _____ () E:\Program Files (x86)\steuer2013\wreli14.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 04325656 _____ () E:\Program Files (x86)\steuer2013\wauff14.dll
2014-11-22 18:54 - 2014-02-11 12:53 - 01043456 _____ () E:\Program Files (x86)\steuer2013\clucene-core.dll
2014-11-22 18:54 - 2014-02-11 12:53 - 00094720 _____ () E:\Program Files (x86)\steuer2013\clucene-shared.dll
2014-11-22 18:54 - 2014-02-11 12:53 - 00250368 _____ () E:\Program Files (x86)\steuer2013\clucene-contribs-lib.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01572632 _____ () E:\Program Files (x86)\steuer2013\wmain14.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 05302040 _____ () E:\Program Files (x86)\steuer2013\wbae114.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 01740568 _____ () E:\Program Files (x86)\steuer2013\wbae214.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 01812248 _____ () E:\Program Files (x86)\steuer2013\wbae314.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 01633560 _____ () E:\Program Files (x86)\steuer2013\wbae414.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01117976 _____ () E:\Program Files (x86)\steuer2013\whau114.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01340696 _____ () E:\Program Files (x86)\steuer2013\whau214.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01312536 _____ () E:\Program Files (x86)\steuer2013\wwerb14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 07357208 _____ () E:\Program Files (x86)\steuer2013\wkont14.dll
2014-11-22 18:54 - 2014-09-18 14:50 - 01287448 _____ () E:\Program Files (x86)\steuer2013\wimp14.dll
2014-11-22 18:53 - 2014-09-18 14:50 - 01331480 _____ () E:\Program Files (x86)\steuer2013\wfabu14.dll
2014-07-22 23:34 - 2015-03-16 17:20 - 00056176 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
2015-05-01 00:00 - 2015-05-01 00:00 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.83_none_b5a04c2d11fb5517\QtMultimediaKit1.dll
2014-07-22 14:21 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-942739605-3385505395-2671100095-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 80.69.100.198 - 80.69.100.206
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8CA23AE8-7B60-49C0-8DFA-CF6D83DA9E21}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D073BDE5-F3C9-4889-95CD-957D18315116}] => (Allow) LPort=2869
FirewallRules: [{C4228207-3E15-4CCE-8EF1-0E959379FE97}] => (Allow) LPort=1900
FirewallRules: [{2055187B-EFA9-46EF-AA4B-5E5EC588CF5B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14CBDA14-F206-4DB2-95AD-B2C5CEC4FFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{747EA726-8A32-4AA9-ABA3-25E32ADAC01B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2015 08:09:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 05:21:27 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1 2015-06-07 17:21:27+02:00 *****-ARLT *****-ARLT\***** F-Secure Anti-Virus
Web Traffic Scanning Alert
Infection: hxxp://carlamascioli.altervista.org/CQdFywGbV/DHL_Report_7858695909.zip
Object name: Trojan:W32/Emotet.B
Action: Malicious content was blocked.
Error: (06/07/2015 10:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2015 09:52:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2015 01:05:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/03/2015 08:52:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2015 06:55:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2015 07:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 00:10:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2015 03:28:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/08/2015 08:25:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/07/2015 06:20:42 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/01/2015 11:02:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/26/2015 01:25:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/23/2015 10:29:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (05/23/2015 01:12:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/12/2015 00:09:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/06/2015 00:03:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (04/27/2015 11:26:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (04/20/2015 11:37:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Microsoft Office:
=========================
Error: (06/08/2015 08:09:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 05:21:27 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1 2015-06-07 17:21:27+02:00 *****-ARLT *****-ARLT\***** F-Secure Anti-Virus
Web Traffic Scanning Alert
Infection: hxxp://carlamascioli.altervista.org/CQdFywGbV/DHL_Report_7858695909.zip
Object name: Trojan:W32/Emotet.B
Action: Malicious content was blocked.
Error: (06/07/2015 10:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2015 09:52:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2015 01:05:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/03/2015 08:52:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2015 06:55:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2015 07:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 00:10:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2015 03:28:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-07-22 14:16:38.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:16:38.739
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:38.770
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:38.754
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:37.543
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:37.527
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:36.359
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:36.312
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:34.747
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-22 14:15:34.732
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 46%
Total physical RAM: 3838.16 MB
Available physical RAM: 2067.54 MB
Total Pagefile: 4036.35 MB
Available Pagefile: 1760.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:46.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:232.88 GB) (Free:95.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:232.88 GB) (Free:232.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9C56B6B1)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C8C4F0AA)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of log ============================
Geändert von klickklack (08.06.2015 um 22:28 Uhr) |
|
09.06.2015, 05:58
| #2 |
| /// the machine /// TB-Ausbilder    |  Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
09.06.2015, 19:35
| #3 |
| | Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? Hallo Schrauber,
__________________erstmal herzlichen Dank für die schnelle Bearbeitung! Habe den den Scan mit MBAR durchgeführt und anscheinend nichts gefunden: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.09.04
rootkit: v2015.06.02.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
***** :: *****-ARLT [administrator]
09.06.2015 18:23:36
mbar-log-2015-06-09 (18-23-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 354144
Time elapsed: 11 minute(s), 8 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 19:05:58.0731 0x0bb4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:06:05.0820 0x0bb4 ============================================================
19:06:05.0820 0x0bb4 Current date / time: 2015/06/09 19:06:05.0820
19:06:05.0820 0x0bb4 SystemInfo:
19:06:05.0820 0x0bb4
19:06:05.0820 0x0bb4 OS Version: 6.1.7601 ServicePack: 1.0
19:06:05.0820 0x0bb4 Product type: Workstation
19:06:05.0820 0x0bb4 ComputerName: *****-ARLT
19:06:05.0820 0x0bb4 UserName: *****
19:06:05.0820 0x0bb4 Windows directory: C:\Windows
19:06:05.0820 0x0bb4 System windows directory: C:\Windows
19:06:05.0820 0x0bb4 Running under WOW64
19:06:05.0820 0x0bb4 Processor architecture: Intel x64
19:06:05.0820 0x0bb4 Number of processors: 2
19:06:05.0820 0x0bb4 Page size: 0x1000
19:06:05.0820 0x0bb4 Boot type: Normal boot
19:06:05.0820 0x0bb4 ============================================================
19:06:05.0875 0x0bb4 KLMD registered as C:\Windows\system32\drivers\56328719.sys
19:06:05.0941 0x0bb4 System UUID: {AD30C7F6-4037-9312-720D-B72C6B33B73F}
19:06:06.0280 0x0bb4 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:06:06.0293 0x0bb4 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:06:06.0316 0x0bb4 ============================================================
19:06:06.0316 0x0bb4 \Device\Harddisk0\DR0:
19:06:06.0316 0x0bb4 MBR partitions:
19:06:06.0316 0x0bb4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
19:06:06.0316 0x0bb4 \Device\Harddisk1\DR1:
19:06:06.0316 0x0bb4 MBR partitions:
19:06:06.0316 0x0bb4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2000
19:06:06.0316 0x0bb4 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1D1C2800, BlocksNum 0x1D1C3000
19:06:06.0316 0x0bb4 ============================================================
19:06:06.0318 0x0bb4 C: <-> \Device\Harddisk0\DR0\Partition1
19:06:06.0322 0x0bb4 E: <-> \Device\Harddisk1\DR1\Partition1
19:06:06.0343 0x0bb4 F: <-> \Device\Harddisk1\DR1\Partition2
19:06:06.0343 0x0bb4 ============================================================
19:06:06.0344 0x0bb4 Initialize success
19:06:06.0344 0x0bb4 ============================================================
19:07:25.0612 0x02a8 ============================================================
19:07:25.0612 0x02a8 Scan started
19:07:25.0612 0x02a8 Mode: Manual;
19:07:25.0612 0x02a8 ============================================================
19:07:25.0612 0x02a8 KSN ping started
19:07:39.0263 0x02a8 KSN ping finished: true
19:07:39.0522 0x02a8 ================ Scan system memory ========================
19:07:39.0522 0x02a8 System memory - ok
19:07:39.0523 0x02a8 ================ Scan services =============================
19:07:39.0595 0x02a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:07:39.0611 0x02a8 1394ohci - ok
19:07:39.0648 0x02a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:07:39.0669 0x02a8 ACPI - ok
19:07:39.0677 0x02a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:07:39.0679 0x02a8 AcpiPmi - ok
19:07:39.0686 0x02a8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:07:39.0688 0x02a8 AdobeARMservice - ok
19:07:39.0728 0x02a8 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:07:39.0734 0x02a8 AdobeFlashPlayerUpdateSvc - ok
19:07:39.0765 0x02a8 [ 132190688D8E51D61F88A150D7DF9FB4, 76E1C520CCA50509AD60B7257099855674E4BB8E63CE933A0B53C7A8DCAE55C9 ] adp3132 C:\Windows\system32\drivers\adp3132.sys
19:07:39.0791 0x02a8 adp3132 - ok
19:07:39.0823 0x02a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:07:39.0851 0x02a8 adp94xx - ok
19:07:39.0876 0x02a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:07:39.0896 0x02a8 adpahci - ok
19:07:39.0910 0x02a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:07:39.0921 0x02a8 adpu320 - ok
19:07:39.0933 0x02a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:07:39.0938 0x02a8 AeLookupSvc - ok
19:07:39.0976 0x02a8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
19:07:40.0008 0x02a8 AFD - ok
19:07:40.0016 0x02a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
19:07:40.0020 0x02a8 agp440 - ok
19:07:40.0039 0x02a8 [ FD420DB9B94309BCF182F4E8FB022C1D, 3C6C520D5CA222BACA0CE3FBD3804F9DD35100BE69138D1577D2951D17B4684E ] ahcix64s C:\Windows\system32\drivers\ahcix64s.sys
19:07:40.0056 0x02a8 ahcix64s - ok
19:07:40.0066 0x02a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:07:40.0072 0x02a8 ALG - ok
19:07:40.0077 0x02a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
19:07:40.0079 0x02a8 aliide - ok
19:07:40.0097 0x02a8 [ E7D375BA988D76E7FE175B493A152C0A, 7C4AF44CBE993B7D4125EB82AA569B3CDC27258332423FCCBB0B93A0DAB112FA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:07:40.0111 0x02a8 AMD External Events Utility - ok
19:07:40.0117 0x02a8 AMD FUEL Service - ok
19:07:40.0126 0x02a8 [ AD8D779A1EE0F7F6B11EA4916CC92D65, 61D32502E04642463ED1855EF2EEBDFA72D9151750F7D74410B55587954B729D ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
19:07:40.0132 0x02a8 amdhub30 - ok
19:07:40.0138 0x02a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
19:07:40.0140 0x02a8 amdide - ok
19:07:40.0146 0x02a8 [ 0DB2DF2B692A3F70443FD14D7920F249, 2B567735CF07D2386E65A17801890C98379322DE08CA2B43CA8C33466552BE92 ] amdide64 C:\Windows\system32\drivers\amdide64.sys
19:07:40.0148 0x02a8 amdide64 - ok
19:07:40.0153 0x02a8 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:07:40.0155 0x02a8 amdiox64 - ok
19:07:40.0164 0x02a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:07:40.0169 0x02a8 AmdK8 - ok
19:07:40.0751 0x02a8 [ 713FB06DE2E3A03587DE208D6B94509F, ADF819CEADC19E5586CFF7A8264CB7FB4C786707169DBB41D29858514C6DFCA7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:07:41.0320 0x02a8 amdkmdag - ok
19:07:41.0361 0x02a8 [ E78DF1BE38F723972ED4EF0DBFD621E0, 603341722D020123812534F2A892A7A5C948032DDA707B71592713F4EA002109 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:07:41.0379 0x02a8 amdkmdap - ok
19:07:41.0386 0x02a8 [ 1C9C3547977DFA31C1A1FD0E8F1C0C11, A89AF945B2B4E8658A5BCAC58A54F84AFA6BC75CA3561E4BA2C0927705F578DA ] amdkmpfd C:\Windows\system32\drivers\amdkmpfd.sys
19:07:41.0389 0x02a8 amdkmpfd - ok
19:07:41.0396 0x02a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:07:41.0398 0x02a8 AmdPPM - ok
19:07:41.0410 0x02a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:07:41.0419 0x02a8 amdsata - ok
19:07:41.0435 0x02a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:07:41.0449 0x02a8 amdsbs - ok
19:07:41.0455 0x02a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:07:41.0458 0x02a8 amdxata - ok
19:07:41.0475 0x02a8 [ B9032F3857207F37029375374AC4BE4A, C5FF1374BD0422EF40CF04175DBE9431DD9C8192A2A3A34AEB24C1E60F955F1A ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
19:07:41.0489 0x02a8 amdxhc - ok
19:07:41.0494 0x02a8 [ F9D46B6B322708BD5AFCC8767EBDC901, BD4872A62516D8326D43FD37A8BECEBADB80C51CD79506FD8A2013358710F774 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
19:07:41.0496 0x02a8 amd_sata - ok
19:07:41.0502 0x02a8 [ 329CC9C7E20DEEBCD4CD10816193EF14, FA217536D56EA0BFC783FC29919F529A9AF8E0F7B2A49AA452B218BC6F1E0366 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
19:07:41.0504 0x02a8 amd_xata - ok
19:07:41.0509 0x02a8 [ D7253A1A7A49FA40EF0BA1955AAFB346, 0C84A844F06D414F1A6793C9330B7B1474641B569EFEB5F64F29C0D11E59E631 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:07:41.0512 0x02a8 AODDriver4.1 - ok
19:07:41.0518 0x02a8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
19:07:41.0521 0x02a8 AppID - ok
19:07:41.0525 0x02a8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:07:41.0527 0x02a8 AppIDSvc - ok
19:07:41.0537 0x02a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
19:07:41.0543 0x02a8 Appinfo - ok
19:07:41.0552 0x02a8 [ D73AAD4946051D074909FDFD34D94C7B, F959C1E63EAFF88C9F15F71607DF1B604981AA75AE3C0D33F6EBBFB452F634CD ] arc C:\Windows\system32\drivers\arc.sys
19:07:41.0558 0x02a8 arc - ok
19:07:41.0567 0x02a8 [ 46E8C3EB03224A1E55C6F0C100A9D2CC, 7CF7A92942117D45345C5324E1ADA5AD77EECF36C4AA63339E676D72D7624F01 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:07:41.0573 0x02a8 arcsas - ok
19:07:41.0581 0x02a8 [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64 C:\Windows\system32\drivers\asahci64.sys
19:07:41.0584 0x02a8 asahci64 - ok
19:07:41.0596 0x02a8 [ 425A881DFFB426660A6861DC44927DD3, 575878CD7B7E2E6DD9D7051D0637C72D5795F863D32EA47B6A0B8A336D520D47 ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys
19:07:41.0605 0x02a8 asmthub3 - ok
19:07:41.0633 0x02a8 [ 0B19AE36FAAE5294B19B0AD4E5F2F37E, 654627BCE074752A06CAE501778AE044589E20E9568367F00A66C45E2A00B143 ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys
19:07:41.0658 0x02a8 asmtxhci - ok
19:07:41.0684 0x02a8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:07:41.0691 0x02a8 aspnet_state - ok
19:07:41.0697 0x02a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:41.0700 0x02a8 AsyncMac - ok
19:07:41.0705 0x02a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
19:07:41.0708 0x02a8 atapi - ok
19:07:41.0718 0x02a8 [ 24464B908E143D2561E9E452FEE97309, F5A24FEBAD1B1795A075130F7FFDD4EB76C8F1855FA1628A29CAFAF03C1C9183 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:07:41.0722 0x02a8 AtiHDAudioService - ok
19:07:41.0728 0x02a8 [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:07:41.0730 0x02a8 AtiPcie - ok
19:07:41.0753 0x02a8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:07:41.0768 0x02a8 AudioEndpointBuilder - ok
19:07:41.0786 0x02a8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:07:41.0799 0x02a8 AudioSrv - ok
19:07:41.0819 0x02a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:07:41.0825 0x02a8 AxInstSV - ok
19:07:41.0859 0x02a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:07:41.0890 0x02a8 b06bdrv - ok
19:07:41.0912 0x02a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:07:41.0930 0x02a8 b57nd60a - ok
19:07:41.0947 0x02a8 [ 47480F4260DAE9AA589BCAF924B3767A, 00C46D6714BE9B24682A953F0BC05004AEAC664073E0418DFF5CB9B738281993 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
19:07:41.0960 0x02a8 BBSvc - ok
19:07:41.0976 0x02a8 [ 6BF743CBF3BCD09DAB79245E60E1AE62, AF21BA914790B187ED32FB7A16586E371D803D167EFFC4949047FBAF74A782F3 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
19:07:41.0981 0x02a8 BBUpdate - ok
19:07:41.0991 0x02a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:07:41.0998 0x02a8 BDESVC - ok
19:07:42.0006 0x02a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:07:42.0006 0x02a8 Beep - ok
19:07:42.0042 0x02a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
19:07:42.0073 0x02a8 BFE - ok
19:07:42.0122 0x02a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
19:07:42.0168 0x02a8 BITS - ok
19:07:42.0177 0x02a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:07:42.0182 0x02a8 blbdrive - ok
19:07:42.0189 0x02a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:07:42.0194 0x02a8 bowser - ok
19:07:42.0201 0x02a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:07:42.0204 0x02a8 BrFiltLo - ok
19:07:42.0209 0x02a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:07:42.0211 0x02a8 BrFiltUp - ok
19:07:42.0224 0x02a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
19:07:42.0233 0x02a8 Browser - ok
19:07:42.0253 0x02a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:07:42.0271 0x02a8 Brserid - ok
19:07:42.0279 0x02a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:07:42.0283 0x02a8 BrSerWdm - ok
19:07:42.0289 0x02a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:07:42.0291 0x02a8 BrUsbMdm - ok
19:07:42.0298 0x02a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:07:42.0300 0x02a8 BrUsbSer - ok
19:07:42.0308 0x02a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:07:42.0313 0x02a8 BTHMODEM - ok
19:07:42.0325 0x02a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:07:42.0331 0x02a8 bthserv - ok
19:07:42.0341 0x02a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:07:42.0348 0x02a8 cdfs - ok
19:07:42.0361 0x02a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:07:42.0365 0x02a8 cdrom - ok
19:07:42.0379 0x02a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
19:07:42.0384 0x02a8 CertPropSvc - ok
19:07:42.0391 0x02a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
19:07:42.0395 0x02a8 circlass - ok
19:07:42.0408 0x02a8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
19:07:42.0417 0x02a8 CLFS - ok
19:07:42.0426 0x02a8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:07:42.0429 0x02a8 clr_optimization_v2.0.50727_32 - ok
19:07:42.0442 0x02a8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:07:42.0448 0x02a8 clr_optimization_v2.0.50727_64 - ok
19:07:42.0477 0x02a8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:07:42.0484 0x02a8 clr_optimization_v4.0.30319_32 - ok
19:07:42.0499 0x02a8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:07:42.0516 0x02a8 clr_optimization_v4.0.30319_64 - ok
19:07:42.0521 0x02a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:07:42.0522 0x02a8 CmBatt - ok
19:07:42.0528 0x02a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:07:42.0531 0x02a8 cmdide - ok
19:07:42.0546 0x02a8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
19:07:42.0557 0x02a8 CNG - ok
19:07:42.0564 0x02a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:07:42.0566 0x02a8 Compbatt - ok
19:07:42.0572 0x02a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:07:42.0575 0x02a8 CompositeBus - ok
19:07:42.0579 0x02a8 COMSysApp - ok
19:07:42.0587 0x02a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:07:42.0589 0x02a8 crcdisk - ok
19:07:42.0600 0x02a8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:07:42.0605 0x02a8 CryptSvc - ok
19:07:42.0635 0x02a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:07:42.0660 0x02a8 DcomLaunch - ok
19:07:42.0683 0x02a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:07:42.0699 0x02a8 defragsvc - ok
19:07:42.0709 0x02a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:07:42.0716 0x02a8 DfsC - ok
19:07:42.0741 0x02a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:07:42.0761 0x02a8 Dhcp - ok
19:07:42.0767 0x02a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:07:42.0770 0x02a8 discache - ok
19:07:42.0778 0x02a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
19:07:42.0783 0x02a8 Disk - ok
19:07:42.0800 0x02a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:07:42.0812 0x02a8 Dnscache - ok
19:07:42.0833 0x02a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
19:07:42.0849 0x02a8 dot3svc - ok
19:07:42.0860 0x02a8 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:07:42.0867 0x02a8 Dot4 - ok
19:07:42.0873 0x02a8 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:07:42.0876 0x02a8 Dot4Print - ok
19:07:42.0882 0x02a8 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:07:42.0885 0x02a8 dot4usb - ok
19:07:42.0899 0x02a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
19:07:42.0911 0x02a8 DPS - ok
19:07:42.0917 0x02a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:07:42.0919 0x02a8 drmkaud - ok
19:07:42.0968 0x02a8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:07:43.0011 0x02a8 DXGKrnl - ok
19:07:43.0023 0x02a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:07:43.0031 0x02a8 EapHost - ok
19:07:43.0215 0x02a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:07:43.0389 0x02a8 ebdrv - ok
19:07:43.0399 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS C:\Windows\System32\lsass.exe
19:07:43.0401 0x02a8 EFS - ok
19:07:43.0445 0x02a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:07:43.0483 0x02a8 ehRecvr - ok
19:07:43.0495 0x02a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:07:43.0502 0x02a8 ehSched - ok
19:07:43.0537 0x02a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:07:43.0570 0x02a8 elxstor - ok
19:07:43.0575 0x02a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:07:43.0577 0x02a8 ErrDev - ok
19:07:43.0587 0x02a8 [ 03CBDC540473AA54D43DF4C7AC5205C4, 9757002E173220D00F41BDA7F5580B5C91A4176E97AB15C05D27D593A2B525EF ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
19:07:43.0590 0x02a8 EtronHub3 - ok
19:07:43.0596 0x02a8 [ 1EDF0CF390B84266FD7FFED38AB7DCAC, E0C34BFC031006195B6943DFEC32963675FBAC2A440F651AF3125ED98381E035 ] EtronSTOR C:\Windows\System32\Drivers\EtronSTOR.sys
19:07:43.0599 0x02a8 EtronSTOR - ok
19:07:43.0610 0x02a8 [ C4505F6B97A55F8D9154866FB621AF9C, 8CE76779DB4726821A4B1724D7F28A5669C8F1F8E56008C3CA5798A405F973B2 ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
19:07:43.0616 0x02a8 EtronXHCI - ok
19:07:43.0648 0x02a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:07:43.0670 0x02a8 EventSystem - ok
19:07:43.0685 0x02a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:07:43.0697 0x02a8 exfat - ok
19:07:43.0712 0x02a8 [ 476F455E9ACD598FD2D82A7F2896F040, 13D4EBAEC9F9259F14EBC4F61DCED6755AB254681B7FD9CBBFABDB1C05DD0726 ] F-Secure Gatekeeper C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
19:07:43.0718 0x02a8 F-Secure Gatekeeper - ok
19:07:43.0724 0x02a8 [ 91E3FB44FD00648B026CE6EE5C5414FB, D77ABFCA24645E992F9D787E2C12369CDDE928BF211F791E2D04CA3EB143D607 ] F-Secure HIPS C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys
19:07:43.0726 0x02a8 F-Secure HIPS - ok
19:07:43.0744 0x02a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:07:43.0757 0x02a8 fastfat - ok
19:07:43.0801 0x02a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
19:07:43.0842 0x02a8 Fax - ok
19:07:43.0848 0x02a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
19:07:43.0851 0x02a8 fdc - ok
19:07:43.0856 0x02a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:07:43.0858 0x02a8 fdPHost - ok
19:07:43.0864 0x02a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:07:43.0866 0x02a8 FDResPub - ok
19:07:43.0874 0x02a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:07:43.0879 0x02a8 FileInfo - ok
19:07:43.0886 0x02a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:07:43.0889 0x02a8 Filetrace - ok
19:07:43.0895 0x02a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:07:43.0898 0x02a8 flpydisk - ok
19:07:43.0917 0x02a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:07:43.0933 0x02a8 FltMgr - ok
19:07:43.0949 0x02a8 [ 5F3982B51A5DF6F7FF5FD3A4CE0BFF5D, 99F99A96A310B701981B55F287C3685CBBBA3D7B810675C90DD78E4CE4E12180 ] FLxHCIc C:\Windows\system32\drivers\FLxHCIc.sys
19:07:43.0962 0x02a8 FLxHCIc - ok
19:07:43.0973 0x02a8 [ 1ACB3F124140A2EAB5A1E36286E37C0D, C0D00E1BF4D501A1D6DC97B9DE378867C9FDEFF6B4E17054DC1F1EC8F958D4C8 ] FLxHCIh C:\Windows\system32\drivers\FLxHCIh.sys
19:07:43.0979 0x02a8 FLxHCIh - ok
19:07:44.0009 0x02a8 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
19:07:44.0035 0x02a8 FontCache - ok
19:07:44.0046 0x02a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:07:44.0047 0x02a8 FontCache3.0.0.0 - ok
19:07:44.0053 0x02a8 [ DDA886136E50D00BFFD202AAE37A55E5, 257794E68DCEB6DC684C9EDACCC2A23062F2EE1D180683DB20AAD89D9B18402B ] fsbts C:\Windows\system32\Drivers\fsbts.sys
19:07:44.0055 0x02a8 fsbts - ok
19:07:44.0062 0x02a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:07:44.0067 0x02a8 FsDepends - ok
19:07:44.0075 0x02a8 [ 1F0E4889955FCED4BE9A07F3107EE86B, CD758AAE4F2008439450F240CCA199EFEAEE4A30B2D709FA885516EDD4D77090 ] fshoster C:\Program Files (x86)\F-Secure\fshoster32.exe
19:07:44.0078 0x02a8 fshoster - ok
19:07:44.0088 0x02a8 [ 2C665BD435A534CF13B7FC188D2516E7, 997E4196BF3B0FE084F6CCBCA90A5647870F7906BCBB32E7C9C6BD14CB16E2B5 ] FSMA C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
19:07:44.0093 0x02a8 FSMA - ok
19:07:44.0100 0x02a8 [ D3B6995B7D1CD9481AA54ECB8B8DF595, 27BAD0724B6ACC41FA677832952277275C5C8D807FFE7058FC5D64F357A4B232 ] fsni C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys
19:07:44.0103 0x02a8 fsni - ok
19:07:44.0108 0x02a8 [ 277A41EB7D2DAA7105DF85BFC2F1C9AD, 59141146C7292C4B9ABC4D019B07E6A3EEB759DB97B629046F168B944459208D ] FSORSPClient C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
19:07:44.0110 0x02a8 FSORSPClient - ok
19:07:44.0118 0x02a8 [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:07:44.0123 0x02a8 fssfltr - ok
19:07:44.0206 0x02a8 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:07:44.0283 0x02a8 fsssvc - ok
19:07:44.0289 0x02a8 [ BDC821334C7C770ADB21F8C166DE8525, 9C39C83AEF79D480BF62B4EA72646BE80830210103E021CAA17CD6A450588400 ] fsvista C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
19:07:44.0290 0x02a8 fsvista - ok
19:07:44.0296 0x02a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:07:44.0299 0x02a8 Fs_Rec - ok
19:07:44.0315 0x02a8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:07:44.0328 0x02a8 fvevol - ok
19:07:44.0337 0x02a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:07:44.0341 0x02a8 gagp30kx - ok
19:07:44.0395 0x02a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
19:07:44.0445 0x02a8 gpsvc - ok
19:07:44.0453 0x02a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:07:44.0455 0x02a8 hcw85cir - ok
19:07:44.0480 0x02a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:07:44.0503 0x02a8 HdAudAddService - ok
19:07:44.0515 0x02a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:07:44.0520 0x02a8 HDAudBus - ok
19:07:44.0529 0x02a8 [ 935758B765D3EE17B622F370DD0C1DE7, 839AF3F76AFB7BAADEB03763233162D1320D56652DCAA3D175397568F8FABD2B ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
19:07:44.0536 0x02a8 HECIx64 - ok
19:07:44.0542 0x02a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:07:44.0545 0x02a8 HidBatt - ok
19:07:44.0555 0x02a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:07:44.0562 0x02a8 HidBth - ok
19:07:44.0569 0x02a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
19:07:44.0573 0x02a8 HidIr - ok
19:07:44.0579 0x02a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:07:44.0582 0x02a8 hidserv - ok
19:07:44.0589 0x02a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:07:44.0592 0x02a8 HidUsb - ok
19:07:44.0601 0x02a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:07:44.0607 0x02a8 hkmsvc - ok
19:07:44.0624 0x02a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:07:44.0637 0x02a8 HomeGroupListener - ok
19:07:44.0649 0x02a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:07:44.0659 0x02a8 HomeGroupProvider - ok
19:07:44.0669 0x02a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:07:44.0675 0x02a8 HpSAMD - ok
19:07:44.0695 0x02a8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:07:44.0712 0x02a8 HTTP - ok
19:07:44.0718 0x02a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:07:44.0721 0x02a8 hwpolicy - ok
19:07:44.0730 0x02a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:44.0736 0x02a8 i8042prt - ok
19:07:44.0776 0x02a8 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:07:44.0812 0x02a8 iaStor - ok
19:07:44.0856 0x02a8 [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
19:07:44.0896 0x02a8 iaStorA - ok
19:07:44.0903 0x02a8 [ 8794865C23E2CCF267CB4FA3AE14D345, AA309946D13C9B68CD82FF159AF621754EDEF92B7A723A338D89BEBCBF6F5B48 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys
19:07:44.0905 0x02a8 iaStorF - ok
19:07:44.0945 0x02a8 [ BF97F6FA8A129741F6FDFC19BD21427F, E5E80F13E6ED48E43F17200C8206D23CB6FE7C1E7C22CAA7C1E890E9D7524A45 ] iaStorS C:\Windows\system32\drivers\iaStorS.sys
19:07:44.0985 0x02a8 iaStorS - ok
19:07:45.0013 0x02a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:07:45.0037 0x02a8 iaStorV - ok
19:07:45.0068 0x02a8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:07:45.0098 0x02a8 idsvc - ok
19:07:45.0103 0x02a8 IEEtwCollectorService - ok
19:07:45.0111 0x02a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:07:45.0115 0x02a8 iirsp - ok
19:07:45.0169 0x02a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
19:07:45.0217 0x02a8 IKEEXT - ok
19:07:45.0460 0x02a8 [ 0DCFCCBBE8435989F4A0E23E3AE15F80, 6A9B5D7A53ABCF0C8E5579070393FAF646B03A0E9A9D550583852C790A745282 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:07:45.0699 0x02a8 IntcAzAudAddService - ok
19:07:45.0712 0x02a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:07:45.0715 0x02a8 intelide - ok
19:07:45.0723 0x02a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:07:45.0728 0x02a8 intelppm - ok
19:07:45.0736 0x02a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:07:45.0742 0x02a8 IPBusEnum - ok
19:07:45.0751 0x02a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:45.0758 0x02a8 IpFilterDriver - ok
19:07:45.0788 0x02a8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:07:45.0814 0x02a8 iphlpsvc - ok
19:07:45.0826 0x02a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:07:45.0833 0x02a8 IPMIDRV - ok
19:07:45.0844 0x02a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:07:45.0852 0x02a8 IPNAT - ok
19:07:45.0857 0x02a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:07:45.0859 0x02a8 IRENUM - ok
19:07:45.0865 0x02a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:07:45.0867 0x02a8 isapnp - ok
19:07:45.0875 0x02a8 [ AC45D94185CF67267D06BF2F45E9E31E, 737EA8220EC265AF3C61611C2B005D2825E6ABBB19DB934ECA0BCBB88CB42EA9 ] ISASerial C:\Windows\system32\drivers\ISASerial.sys
19:07:45.0880 0x02a8 ISASerial - ok
19:07:45.0900 0x02a8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:07:45.0918 0x02a8 iScsiPrt - ok
19:07:45.0925 0x02a8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\drivers\ISCTD64.sys
19:07:45.0929 0x02a8 ISCT - ok
19:07:45.0936 0x02a8 [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir C:\Windows\system32\drivers\itecir.sys
19:07:45.0941 0x02a8 itecir - ok
19:07:45.0947 0x02a8 [ 75779002A6084C1A011E195E421A9C75, 03D84CE7E50EEA1DFB298F4CE3669F478920ECEB33513FE2DC16C8BF90DF3830 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
19:07:45.0950 0x02a8 iusb3hcs - ok
19:07:45.0975 0x02a8 [ F390B641FE6115F536B8B78AA71B8814, 8F26FCEC9B1442224A8DEE3B6459F788DBCEDFB206846BFAA3B26E40B06E2D28 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys
19:07:45.0996 0x02a8 iusb3hub - ok
19:07:46.0040 0x02a8 [ 653B86AA174FF7661D00EE1E524B234F, F4598336206097DD3C838F7315D87D989D8AB755F773ED613E984C2CC95D511B ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
19:07:46.0081 0x02a8 iusb3xhc - ok
19:07:46.0094 0x02a8 [ C0D9BA660A41EE8A269EF804E6CD0D7B, B69B732FA7178F9FA97E16A1F99EED27ABDEDB37FB610F1D7A823BB24D08340B ] JRAID C:\Windows\system32\drivers\jraid.sys
19:07:46.0102 0x02a8 JRAID - ok
19:07:46.0109 0x02a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:46.0113 0x02a8 kbdclass - ok
19:07:46.0119 0x02a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:07:46.0122 0x02a8 kbdhid - ok
19:07:46.0126 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso C:\Windows\system32\lsass.exe
19:07:46.0128 0x02a8 KeyIso - ok
19:07:46.0134 0x02a8 [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:07:46.0137 0x02a8 KSecDD - ok
19:07:46.0144 0x02a8 [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:07:46.0148 0x02a8 KSecPkg - ok
19:07:46.0155 0x02a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:07:46.0157 0x02a8 ksthunk - ok
19:07:46.0179 0x02a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:07:46.0197 0x02a8 KtmRm - ok
19:07:46.0216 0x02a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:07:46.0233 0x02a8 LanmanServer - ok
19:07:46.0243 0x02a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:07:46.0251 0x02a8 LanmanWorkstation - ok
19:07:46.0260 0x02a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:07:46.0265 0x02a8 lltdio - ok
19:07:46.0287 0x02a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:07:46.0306 0x02a8 lltdsvc - ok
19:07:46.0312 0x02a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:07:46.0315 0x02a8 lmhosts - ok
19:07:46.0328 0x02a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:07:46.0337 0x02a8 LSI_FC - ok
19:07:46.0347 0x02a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:07:46.0353 0x02a8 LSI_SAS - ok
19:07:46.0361 0x02a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:07:46.0365 0x02a8 LSI_SAS2 - ok
19:07:46.0377 0x02a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:07:46.0386 0x02a8 LSI_SCSI - ok
19:07:46.0396 0x02a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:07:46.0403 0x02a8 luafv - ok
19:07:46.0408 0x02a8 [ 07389F6925E490D2DB7882110E99921C, AD316EE8A47B6EDD1AB1E1E7DDE2BC69DC0E342144F5B74C96E9494F847B1B7E ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
19:07:46.0409 0x02a8 lvpepf64 - ok
19:07:46.0451 0x02a8 [ 7F0BA3A6E8996F15693C6B7D81DA049E, 96925ABA3A9C5FD2CF9ECBDC4ED8E94033EB1C53DD03F28102E83EEF327777E6 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:07:46.0488 0x02a8 LVRS64 - ok
19:07:46.0497 0x02a8 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
19:07:46.0500 0x02a8 LVUSBS64 - ok
19:07:46.0510 0x02a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:07:46.0517 0x02a8 Mcx2Svc - ok
19:07:46.0524 0x02a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
19:07:46.0527 0x02a8 megasas - ok
19:07:46.0547 0x02a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:07:46.0564 0x02a8 MegaSR - ok
19:07:46.0573 0x02a8 [ 935758B765D3EE17B622F370DD0C1DE7, 839AF3F76AFB7BAADEB03763233162D1320D56652DCAA3D175397568F8FABD2B ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
19:07:46.0575 0x02a8 MEIx64 - ok
19:07:46.0583 0x02a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:07:46.0589 0x02a8 MMCSS - ok
19:07:46.0595 0x02a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:07:46.0596 0x02a8 Modem - ok
19:07:46.0602 0x02a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:07:46.0604 0x02a8 monitor - ok
19:07:46.0611 0x02a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:07:46.0615 0x02a8 mouclass - ok
19:07:46.0623 0x02a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:07:46.0627 0x02a8 mouhid - ok
19:07:46.0633 0x02a8 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:07:46.0636 0x02a8 mountmgr - ok
19:07:46.0644 0x02a8 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:07:46.0649 0x02a8 MozillaMaintenance - ok
19:07:46.0662 0x02a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:07:46.0672 0x02a8 mpio - ok
19:07:46.0680 0x02a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:07:46.0685 0x02a8 mpsdrv - ok
19:07:46.0732 0x02a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:07:46.0775 0x02a8 MpsSvc - ok
19:07:46.0783 0x02a8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:07:46.0787 0x02a8 MRxDAV - ok
19:07:46.0801 0x02a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:46.0811 0x02a8 mrxsmb - ok
19:07:46.0829 0x02a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:46.0843 0x02a8 mrxsmb10 - ok
19:07:46.0859 0x02a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:46.0867 0x02a8 mrxsmb20 - ok
19:07:46.0874 0x02a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:07:46.0877 0x02a8 msahci - ok
19:07:46.0890 0x02a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:07:46.0899 0x02a8 msdsm - ok
19:07:46.0912 0x02a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:07:46.0921 0x02a8 MSDTC - ok
19:07:46.0931 0x02a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:07:46.0934 0x02a8 Msfs - ok
19:07:46.0939 0x02a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:07:46.0940 0x02a8 mshidkmdf - ok
19:07:46.0946 0x02a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:07:46.0948 0x02a8 msisadrv - ok
19:07:46.0960 0x02a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:07:46.0970 0x02a8 MSiSCSI - ok
19:07:46.0974 0x02a8 msiserver - ok
19:07:46.0980 0x02a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:07:46.0983 0x02a8 MSKSSRV - ok
19:07:46.0987 0x02a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:46.0989 0x02a8 MSPCLOCK - ok
19:07:46.0994 0x02a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:07:46.0996 0x02a8 MSPQM - ok
19:07:47.0018 0x02a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:07:47.0038 0x02a8 MsRPC - ok
19:07:47.0046 0x02a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:07:47.0047 0x02a8 mssmbios - ok
19:07:47.0052 0x02a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:07:47.0054 0x02a8 MSTEE - ok
19:07:47.0060 0x02a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:07:47.0062 0x02a8 MTConfig - ok
19:07:47.0066 0x02a8 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\drivers\ASACPI.sys
19:07:47.0068 0x02a8 MTsensor - ok
19:07:47.0075 0x02a8 [ 07AD6825D5C658595CAB7F8F5849401C, 21DEC409C781848B8104CE23E42D3D3DFABE9CC2527C78B1ED9167E063DB1542 ] MtsHID C:\Windows\system32\drivers\MtsHID.sys
19:07:47.0078 0x02a8 MtsHID - ok
19:07:47.0085 0x02a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:07:47.0089 0x02a8 Mup - ok
19:07:47.0094 0x02a8 [ AFA051DA029FA6771746067137654584, 5AFB3B1565C68B84240337E62888191328363C1DC28C923C43BDBC9CFCDB1405 ] mv91cons C:\Windows\system32\drivers\mv91cons.sys
19:07:47.0097 0x02a8 mv91cons - ok
19:07:47.0119 0x02a8 [ D72CFFB7AF56CBB37FD8D6686A33E6C7, 373B2FAE7219413B2BE534839D37F0DCA2CDFF9ED3B358EC1DF7474DAF20E9DC ] mv91xx C:\Windows\system32\drivers\mv91xx.sys
19:07:47.0139 0x02a8 mv91xx - ok
19:07:47.0167 0x02a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:07:47.0192 0x02a8 napagent - ok
19:07:47.0215 0x02a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:07:47.0234 0x02a8 NativeWifiP - ok
19:07:47.0290 0x02a8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:07:47.0339 0x02a8 NDIS - ok
19:07:47.0346 0x02a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:07:47.0349 0x02a8 NdisCap - ok
19:07:47.0355 0x02a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:47.0358 0x02a8 NdisTapi - ok
19:07:47.0366 0x02a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:47.0371 0x02a8 Ndisuio - ok
19:07:47.0383 0x02a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:47.0392 0x02a8 NdisWan - ok
19:07:47.0400 0x02a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:07:47.0404 0x02a8 NDProxy - ok
19:07:47.0410 0x02a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:07:47.0414 0x02a8 NetBIOS - ok
19:07:47.0431 0x02a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:07:47.0445 0x02a8 NetBT - ok
19:07:47.0449 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon C:\Windows\system32\lsass.exe
19:07:47.0451 0x02a8 Netlogon - ok
19:07:47.0478 0x02a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:07:47.0501 0x02a8 Netman - ok
19:07:47.0513 0x02a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:47.0522 0x02a8 NetMsmqActivator - ok
19:07:47.0532 0x02a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:47.0535 0x02a8 NetPipeActivator - ok
19:07:47.0563 0x02a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:07:47.0587 0x02a8 netprofm - ok
19:07:47.0598 0x02a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:47.0601 0x02a8 NetTcpActivator - ok
19:07:47.0611 0x02a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:47.0614 0x02a8 NetTcpPortSharing - ok
19:07:47.0622 0x02a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:07:47.0626 0x02a8 nfrd960 - ok
19:07:47.0637 0x02a8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
19:07:47.0648 0x02a8 NlaSvc - ok
19:07:47.0652 0x02a8 NmPar - ok
19:07:47.0657 0x02a8 nmserial - ok
19:07:47.0665 0x02a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:07:47.0668 0x02a8 Npfs - ok
19:07:47.0675 0x02a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:07:47.0678 0x02a8 nsi - ok
19:07:47.0683 0x02a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:07:47.0685 0x02a8 nsiproxy - ok
19:07:47.0795 0x02a8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:07:47.0896 0x02a8 Ntfs - ok
19:07:47.0904 0x02a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:07:47.0906 0x02a8 Null - ok
19:07:47.0913 0x02a8 [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
19:07:47.0918 0x02a8 nusb3hub - ok
19:07:47.0934 0x02a8 [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
19:07:47.0946 0x02a8 nusb3xhc - ok
19:07:47.0953 0x02a8 [ 7FD5C060CB907489A5702F628226F54A, 56101B878DCBFDEF4D5C8BBC6BE0D7710108E651809812BAB876A2E1D4ACB256 ] nvamacpi C:\Windows\system32\drivers\NVAMACPI.sys
19:07:47.0955 0x02a8 nvamacpi - ok
19:07:47.0968 0x02a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:07:47.0978 0x02a8 nvraid - ok
19:07:47.0991 0x02a8 [ 694F5E9D9D624D47F432F5B2E66A0528, 5ACE83A62CBBA735D516FD1C603C69A2136132203679D1F3C92AC5266E84DD8C ] nvrd64 C:\Windows\system32\drivers\nvrd64.sys
19:07:48.0001 0x02a8 nvrd64 - ok
19:07:48.0009 0x02a8 [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys
19:07:48.0013 0x02a8 nvsmu - ok
19:07:48.0027 0x02a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:07:48.0038 0x02a8 nvstor - ok
19:07:48.0055 0x02a8 [ 05DE5DC43AFE6CAB78F9C7CA044CBCBE, 59643F2B07DC964EDCE583CEA6AD81B33CB6D5923C9A5881268E7FCD5700601E ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys
19:07:48.0068 0x02a8 nvstor64 - ok
19:07:48.0078 0x02a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:07:48.0085 0x02a8 nv_agp - ok
19:07:48.0099 0x02a8 [ 7B372B3C006280BCB8C8C7AFC8C38DF4, 3E5ECF426AEA89EC88AE13B73994DF3B363132106635C23DD898305544D36E57 ] ocz10xx C:\Windows\system32\drivers\ocz10xx.sys
19:07:48.0107 0x02a8 ocz10xx - ok
19:07:48.0117 0x02a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:07:48.0124 0x02a8 ohci1394 - ok
19:07:48.0137 0x02a8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:48.0148 0x02a8 ose - ok
19:07:48.0395 0x02a8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:07:48.0622 0x02a8 osppsvc - ok
19:07:48.0634 0x02a8 Oxmfuf - ok
19:07:48.0647 0x02a8 [ 00E332D6BF1D15521EFEB5DF1EBFAE3E, DDD263ABF5F240EF1AD85686BD6297465BFD6AD4F775EB64F873EE86CE611DBE ] oxpar C:\Windows\system32\drivers\oxpar.sys
19:07:48.0657 0x02a8 oxpar - ok
19:07:48.0668 0x02a8 [ DC3FA0B732B5EF07C0CDE1682F6D0824, C20923BF74BD632EA56247E438D22A7D1519B63FF26974BCC9DA9255C37318F6 ] OxPPort C:\Windows\system32\drivers\OxPPort.sys
19:07:48.0674 0x02a8 OxPPort - ok
19:07:48.0678 0x02a8 oxser - ok
19:07:48.0702 0x02a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:07:48.0721 0x02a8 p2pimsvc - ok
19:07:48.0747 0x02a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:07:48.0769 0x02a8 p2psvc - ok
19:07:48.0780 0x02a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
19:07:48.0787 0x02a8 Parport - ok
19:07:48.0797 0x02a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:07:48.0802 0x02a8 partmgr - ok
19:07:48.0811 0x02a8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:07:48.0816 0x02a8 PcaSvc - ok
19:07:48.0830 0x02a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:07:48.0839 0x02a8 pci - ok
19:07:48.0844 0x02a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:07:48.0846 0x02a8 pciide - ok
19:07:48.0854 0x02a8 [ D7C203015E2C2A2EAC8DACEF156D8DC3, FDE6B49A36588C22D92B591576FF1A1D8E60BE11EC3FBE8242FA671CF5A27031 ] PciIsaSerial C:\Windows\system32\drivers\PciIsaSerial.sys
19:07:48.0859 0x02a8 PciIsaSerial - ok
19:07:48.0870 0x02a8 [ 088B509B2F35A3CEE00AC0E0BC4C5BED, BD778FE0BAE72045511F1D66F980749443CC6EE2C3600FD55BD908BCCFD18B24 ] PciPPorts C:\Windows\system32\drivers\PciPPorts.sys
19:07:48.0876 0x02a8 PciPPorts - ok
19:07:48.0887 0x02a8 [ 7F97CDD5E91FC73DA2B01344957AA058, 72A887B477ADBBC9CC7071AF1A62EF3D62B3385B7D817AFE140CEBBA59948B41 ] PciSPorts C:\Windows\system32\drivers\PciSPorts.sys
19:07:48.0896 0x02a8 PciSPorts - ok
19:07:48.0912 0x02a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:07:48.0926 0x02a8 pcmcia - ok
19:07:48.0934 0x02a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:07:48.0939 0x02a8 pcw - ok
19:07:48.0958 0x02a8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:07:48.0973 0x02a8 PEAUTH - ok
19:07:49.0012 0x02a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:07:49.0016 0x02a8 PerfHost - ok
19:07:49.0122 0x02a8 [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
19:07:49.0215 0x02a8 PID_PEPI - ok
19:07:49.0287 0x02a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:07:49.0354 0x02a8 pla - ok
19:07:49.0381 0x02a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:07:49.0403 0x02a8 PlugPlay - ok
19:07:49.0410 0x02a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:07:49.0413 0x02a8 PNRPAutoReg - ok
19:07:49.0436 0x02a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:07:49.0442 0x02a8 PNRPsvc - ok
19:07:49.0469 0x02a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:07:49.0494 0x02a8 PolicyAgent - ok
19:07:49.0508 0x02a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:07:49.0516 0x02a8 Power - ok
19:07:49.0526 0x02a8 [ 14C04684A25C221EBE2105D169B4B6FF, 7331F3C7419102D1C710310BA82642EA50FDA05AC81D713506A60AAD208C74F8 ] PPorts C:\Windows\system32\drivers\PPorts.sys
19:07:49.0534 0x02a8 PPorts - ok
19:07:49.0544 0x02a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:07:49.0552 0x02a8 PptpMiniport - ok
19:07:49.0558 0x02a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
19:07:49.0562 0x02a8 Processor - ok
19:07:49.0570 0x02a8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
19:07:49.0576 0x02a8 ProfSvc - ok
19:07:49.0580 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
19:07:49.0582 0x02a8 ProtectedStorage - ok
19:07:49.0593 0x02a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:07:49.0599 0x02a8 Psched - ok
19:07:49.0701 0x02a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:07:49.0798 0x02a8 ql2300 - ok
19:07:49.0810 0x02a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:07:49.0818 0x02a8 ql40xx - ok
19:07:49.0830 0x02a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:07:49.0840 0x02a8 QWAVE - ok
19:07:49.0848 0x02a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:07:49.0852 0x02a8 QWAVEdrv - ok
19:07:49.0857 0x02a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:07:49.0859 0x02a8 RasAcd - ok
19:07:49.0867 0x02a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:07:49.0872 0x02a8 RasAgileVpn - ok
19:07:49.0881 0x02a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:07:49.0888 0x02a8 RasAuto - ok
19:07:49.0900 0x02a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:49.0909 0x02a8 Rasl2tp - ok
19:07:49.0931 0x02a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:07:49.0949 0x02a8 RasMan - ok
19:07:49.0959 0x02a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:49.0965 0x02a8 RasPppoe - ok
19:07:49.0974 0x02a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:07:49.0980 0x02a8 RasSstp - ok
19:07:50.0004 0x02a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:07:50.0024 0x02a8 rdbss - ok
19:07:50.0030 0x02a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:07:50.0032 0x02a8 rdpbus - ok
19:07:50.0037 0x02a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:50.0039 0x02a8 RDPCDD - ok
19:07:50.0047 0x02a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:07:50.0049 0x02a8 RDPENCDD - ok
19:07:50.0056 0x02a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:07:50.0058 0x02a8 RDPREFMP - ok
19:07:50.0068 0x02a8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:07:50.0075 0x02a8 RDPWD - ok
19:07:50.0092 0x02a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:07:50.0106 0x02a8 rdyboost - ok
19:07:50.0115 0x02a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:07:50.0122 0x02a8 RemoteAccess - ok
19:07:50.0135 0x02a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:07:50.0145 0x02a8 RemoteRegistry - ok
19:07:50.0153 0x02a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:07:50.0158 0x02a8 RpcEptMapper - ok
19:07:50.0164 0x02a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:07:50.0166 0x02a8 RpcLocator - ok
19:07:50.0193 0x02a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
19:07:50.0203 0x02a8 RpcSs - ok
19:07:50.0214 0x02a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:07:50.0220 0x02a8 rspndr - ok
19:07:50.0274 0x02a8 [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:07:50.0321 0x02a8 RTL8167 - ok
19:07:50.0331 0x02a8 [ ADC93A9B608729C2F9D22505032497B8, A25059D903C82F048670D9E4B1E947C93EB573161D386DE16A0AA45C3893C647 ] rusb3hub C:\Windows\system32\drivers\rusb3hub.sys
19:07:50.0336 0x02a8 rusb3hub - ok
19:07:50.0354 0x02a8 [ 0F9CF3CA4D93BE07FE2989766597AF41, D7C712738453D3494DAB4641DA8107B3B99F316FE2EDE768773BDD0F58D25DA4 ] rusb3xhc C:\Windows\system32\drivers\rusb3xhc.sys
19:07:50.0370 0x02a8 rusb3xhc - ok
19:07:50.0374 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs C:\Windows\system32\lsass.exe
19:07:50.0376 0x02a8 SamSs - ok
19:07:50.0385 0x02a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:07:50.0391 0x02a8 sbp2port - ok
19:07:50.0405 0x02a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:07:50.0416 0x02a8 SCardSvr - ok
19:07:50.0424 0x02a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:07:50.0428 0x02a8 scfilter - ok
19:07:50.0479 0x02a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
19:07:50.0535 0x02a8 Schedule - ok
19:07:50.0573 0x02a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:07:50.0575 0x02a8 SCPolicySvc - ok
19:07:50.0587 0x02a8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
19:07:50.0596 0x02a8 sdbus - ok
19:07:50.0608 0x02a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:07:50.0617 0x02a8 SDRSVC - ok
19:07:50.0623 0x02a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:07:50.0625 0x02a8 secdrv - ok
19:07:50.0631 0x02a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:07:50.0635 0x02a8 seclogon - ok
19:07:50.0642 0x02a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
19:07:50.0648 0x02a8 SENS - ok
19:07:50.0656 0x02a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:07:50.0660 0x02a8 SensrSvc - ok
19:07:50.0665 0x02a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:07:50.0668 0x02a8 Serenum - ok
19:07:50.0677 0x02a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
19:07:50.0682 0x02a8 Serial - ok
19:07:50.0688 0x02a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:07:50.0691 0x02a8 sermouse - ok
19:07:50.0707 0x02a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:07:50.0715 0x02a8 SessionEnv - ok
19:07:50.0721 0x02a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:07:50.0723 0x02a8 sffdisk - ok
19:07:50.0728 0x02a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:07:50.0730 0x02a8 sffp_mmc - ok
19:07:50.0735 0x02a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:07:50.0737 0x02a8 sffp_sd - ok
19:07:50.0743 0x02a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:07:50.0745 0x02a8 sfloppy - ok
19:07:50.0768 0x02a8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:07:50.0788 0x02a8 SharedAccess - ok
19:07:50.0811 0x02a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:07:50.0830 0x02a8 ShellHWDetection - ok
19:07:50.0853 0x02a8 [ DA492C8305434EC6F9BDD60C8B83B10E, 572C5A1F77E0644B4EB2EAC89C141869F071748CA5BB33F846D284C545166A35 ] Si3124r5 C:\Windows\system32\drivers\Si3124r5.sys
19:07:50.0871 0x02a8 Si3124r5 - ok
19:07:50.0877 0x02a8 [ 8D10887A1699CF61E74467694B929B09, 096A1284092B0002B1405485690C7FC05D9A0FA8809D04327FA2BDEAECA2D199 ] SiFilter C:\Windows\system32\drivers\SiWinAcc.sys
19:07:50.0880 0x02a8 SiFilter - ok
19:07:50.0885 0x02a8 [ 94E1EDA9A0B305A67EE1BBD0A68CE21A, 1EC0E459117100F8C8C325DD4CE2250D51D44B36E5C46FE598A319C353499524 ] SiRemFil C:\Windows\system32\drivers\SiRemFil.sys
19:07:50.0887 0x02a8 SiRemFil - ok
19:07:50.0895 0x02a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:07:50.0898 0x02a8 SiSRaid2 - ok
19:07:50.0909 0x02a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:07:50.0915 0x02a8 SiSRaid4 - ok
19:07:50.0925 0x02a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:07:50.0932 0x02a8 Smb - ok
19:07:50.0942 0x02a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:07:50.0945 0x02a8 SNMPTRAP - ok
19:07:50.0950 0x02a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:07:50.0952 0x02a8 spldr - ok
19:07:50.0984 0x02a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:07:51.0010 0x02a8 Spooler - ok
19:07:51.0022 0x02a8 [ 739C2571867F351167D1D958990E9D84, 0560C2E7FF35790D1B64E9D736DEEA22B4C194809E1435A60FCFA466B19B63B0 ] SPorts C:\Windows\system32\drivers\SPorts.sys
19:07:51.0031 0x02a8 SPorts - ok
19:07:51.0196 0x02a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:07:51.0354 0x02a8 sppsvc - ok
19:07:51.0368 0x02a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:07:51.0374 0x02a8 sppuinotify - ok
19:07:51.0397 0x02a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:07:51.0416 0x02a8 srv - ok
19:07:51.0436 0x02a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:07:51.0452 0x02a8 srv2 - ok
19:07:51.0464 0x02a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:07:51.0471 0x02a8 srvnet - ok
19:07:51.0484 0x02a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:07:51.0496 0x02a8 SSDPSRV - ok
19:07:51.0506 0x02a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:07:51.0513 0x02a8 SstpSvc - ok
19:07:51.0520 0x02a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:07:51.0523 0x02a8 stexstor - ok
19:07:51.0561 0x02a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:07:51.0591 0x02a8 stisvc - ok
19:07:51.0601 0x02a8 [ 335AB4A483C5318182DCEC4EDAE08112, 48A5B188E4BBDF47C424BC07843AFA764A9764FE957375746BBD324749D2FBDA ] StnPport C:\Windows\system32\drivers\StnPport.sys
19:07:51.0608 0x02a8 StnPport - ok
19:07:51.0620 0x02a8 [ 922E545E81C50E8D4A5D327B907D67FE, 035D7239B995F429A7FCAFA207DB102ED74B902B1AEEB585F8D6EEDB13CA6E13 ] StnSport C:\Windows\system32\drivers\StnSport.sys
19:07:51.0629 0x02a8 StnSport - ok
19:07:51.0634 0x02a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:07:51.0636 0x02a8 swenum - ok
19:07:51.0666 0x02a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:07:51.0693 0x02a8 swprv - ok
19:07:51.0777 0x02a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
19:07:51.0857 0x02a8 SysMain - ok
19:07:51.0868 0x02a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:07:51.0875 0x02a8 TabletInputService - ok
19:07:51.0891 0x02a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:07:51.0906 0x02a8 TapiSrv - ok
19:07:51.0916 0x02a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:07:51.0921 0x02a8 TBS - ok
19:07:52.0041 0x02a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:07:52.0154 0x02a8 Tcpip - ok
19:07:52.0277 0x02a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:07:52.0310 0x02a8 TCPIP6 - ok
19:07:52.0323 0x02a8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:07:52.0327 0x02a8 tcpipreg - ok
19:07:52.0334 0x02a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:07:52.0337 0x02a8 TDPIPE - ok
19:07:52.0342 0x02a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:07:52.0345 0x02a8 TDTCP - ok
19:07:52.0357 0x02a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:07:52.0366 0x02a8 tdx - ok
19:07:52.0372 0x02a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:07:52.0376 0x02a8 TermDD - ok
19:07:52.0403 0x02a8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
19:07:52.0416 0x02a8 TermService - ok
19:07:52.0425 0x02a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:07:52.0429 0x02a8 Themes - ok
19:07:52.0437 0x02a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:07:52.0439 0x02a8 THREADORDER - ok
19:07:52.0450 0x02a8 [ CDD4E2C65FBFBB061FAE53BE7FD9EB87, 7E1C5E33DCDCA07BF6DB521A025295158483C80943DFCCFC28A6E91AAAA5D507 ] tihub3 C:\Windows\system32\drivers\tihub3.sys
19:07:52.0459 0x02a8 tihub3 - ok
19:07:52.0489 0x02a8 [ 8247241C0ED5A5AA4D9B4906C729FAAB, B4C3D8F676C7AB67FB0D3CBE6A2EB92251D4A18A65DA2D05ABFA5183D4627721 ] tixhci C:\Windows\system32\drivers\tixhci.sys
19:07:52.0515 0x02a8 tixhci - ok
19:07:52.0528 0x02a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:07:52.0537 0x02a8 TrkWks - ok
19:07:52.0554 0x02a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:07:52.0568 0x02a8 TrustedInstaller - ok
19:07:52.0575 0x02a8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:07:52.0577 0x02a8 tssecsrv - ok
19:07:52.0584 0x02a8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:07:52.0588 0x02a8 TsUsbFlt - ok
19:07:52.0594 0x02a8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:07:52.0597 0x02a8 TsUsbGD - ok
19:07:52.0609 0x02a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:07:52.0619 0x02a8 tunnel - ok
19:07:52.0628 0x02a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:07:52.0633 0x02a8 uagp35 - ok
19:07:52.0657 0x02a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:07:52.0676 0x02a8 udfs - ok
19:07:52.0689 0x02a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:07:52.0693 0x02a8 UI0Detect - ok
19:07:52.0700 0x02a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:07:52.0704 0x02a8 uliagpkx - ok
19:07:52.0712 0x02a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:07:52.0715 0x02a8 umbus - ok
19:07:52.0721 0x02a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
19:07:52.0723 0x02a8 UmPass - ok
19:07:52.0746 0x02a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:07:52.0766 0x02a8 upnphost - ok
19:07:52.0776 0x02a8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:07:52.0783 0x02a8 usbaudio - ok
19:07:52.0791 0x02a8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:07:52.0797 0x02a8 usbccgp - ok
19:07:52.0807 0x02a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:07:52.0813 0x02a8 usbcir - ok
19:07:52.0820 0x02a8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:07:52.0824 0x02a8 usbehci - ok
19:07:52.0832 0x02a8 [ 76E2FFAD301490BA27B947C6507752FB, A4C6FC5C3BF428C624D0792873CB01C8F16F49B0E8B36422025A1094F0AAE231 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:07:52.0835 0x02a8 usbfilter - ok
19:07:52.0861 0x02a8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:07:52.0883 0x02a8 usbhub - ok
19:07:52.0889 0x02a8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:07:52.0890 0x02a8 usbohci - ok
19:07:52.0897 0x02a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:07:52.0900 0x02a8 usbprint - ok
19:07:52.0907 0x02a8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:07:52.0910 0x02a8 usbscan - ok
19:07:52.0920 0x02a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:07:52.0927 0x02a8 USBSTOR - ok
19:07:52.0933 0x02a8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:07:52.0936 0x02a8 usbuhci - ok
19:07:52.0943 0x02a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:07:52.0947 0x02a8 UxSms - ok
19:07:52.0951 0x02a8 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc C:\Windows\system32\lsass.exe
19:07:52.0953 0x02a8 VaultSvc - ok
19:07:52.0958 0x02a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:07:52.0961 0x02a8 vdrvroot - ok
19:07:52.0993 0x02a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:07:53.0022 0x02a8 vds - ok
19:07:53.0029 0x02a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:07:53.0031 0x02a8 vga - ok
19:07:53.0037 0x02a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:07:53.0040 0x02a8 VgaSave - ok
19:07:53.0054 0x02a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:07:53.0066 0x02a8 vhdmp - ok
19:07:53.0072 0x02a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:07:53.0075 0x02a8 viaide - ok
19:07:53.0082 0x02a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:07:53.0086 0x02a8 volmgr - ok
19:07:53.0107 0x02a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:07:53.0125 0x02a8 volmgrx - ok
19:07:53.0146 0x02a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:07:53.0163 0x02a8 volsnap - ok
19:07:53.0175 0x02a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:07:53.0185 0x02a8 vsmraid - ok
19:07:53.0272 0x02a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:07:53.0356 0x02a8 VSS - ok
19:07:53.0402 0x02a8 [ FA99DFCC12731500CE052C69A81737B8, 7470AC5704BF4AF4AF8A74DA5CFBD23DCF50C88072EAAA90493251A14C91E383 ] vToolbarUpdater18.5.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
19:07:53.0434 0x02a8 vToolbarUpdater18.5.0 - ok
19:07:53.0453 0x02a8 [ D2F97FBE638A1023316E3A535B8A6AEF, 79DF9851CAADF1B1175E3B416C44061A1218D53B7AF5A4F531093B2EE6A4A964 ] VUSB3HUB C:\Windows\system32\drivers\ViaHub3.sys
19:07:53.0467 0x02a8 VUSB3HUB - ok
19:07:53.0472 0x02a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:07:53.0474 0x02a8 vwifibus - ok
19:07:53.0499 0x02a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:07:53.0521 0x02a8 W32Time - ok
19:07:53.0529 0x02a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:07:53.0532 0x02a8 WacomPen - ok
19:07:53.0541 0x02a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:07:53.0548 0x02a8 WANARP - ok
19:07:53.0556 0x02a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:07:53.0558 0x02a8 Wanarpv6 - ok
19:07:53.0639 0x02a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:07:53.0712 0x02a8 wbengine - ok
19:07:53.0731 0x02a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:07:53.0744 0x02a8 WbioSrvc - ok
19:07:53.0764 0x02a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:07:53.0783 0x02a8 wcncsvc - ok
19:07:53.0789 0x02a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:07:53.0793 0x02a8 WcsPlugInService - ok
19:07:53.0798 0x02a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
19:07:53.0801 0x02a8 Wd - ok
19:07:53.0859 0x02a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:07:53.0913 0x02a8 Wdf01000 - ok
19:07:53.0929 0x02a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:07:53.0949 0x02a8 WdiServiceHost - ok
19:07:53.0959 0x02a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:07:53.0962 0x02a8 WdiSystemHost - ok
19:07:53.0992 0x02a8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
19:07:54.0011 0x02a8 WebClient - ok
19:07:54.0028 0x02a8 [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc C:\Windows\system32\wecsvc.dll
19:07:54.0042 0x02a8 Wecsvc - ok
19:07:54.0054 0x02a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:07:54.0070 0x02a8 wercplsupport - ok
19:07:54.0083 0x02a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:07:54.0090 0x02a8 WerSvc - ok
19:07:54.0096 0x02a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:07:54.0098 0x02a8 WfpLwf - ok
19:07:54.0109 0x02a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:07:54.0111 0x02a8 WIMMount - ok
19:07:54.0115 0x02a8 WinDefend - ok
19:07:54.0122 0x02a8 WinHttpAutoProxySvc - ok
19:07:54.0150 0x02a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:07:54.0166 0x02a8 Winmgmt - ok
19:07:54.0292 0x02a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
19:07:54.0411 0x02a8 WinRM - ok
19:07:54.0426 0x02a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:07:54.0430 0x02a8 WinUsb - ok
19:07:54.0477 0x02a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:07:54.0520 0x02a8 Wlansvc - ok
19:07:54.0655 0x02a8 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:07:54.0695 0x02a8 wlidsvc - ok
19:07:54.0705 0x02a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:07:54.0706 0x02a8 WmiAcpi - ok
19:07:54.0728 0x02a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:07:54.0744 0x02a8 wmiApSrv - ok
19:07:54.0748 0x02a8 WMPNetworkSvc - ok
19:07:54.0755 0x02a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:07:54.0758 0x02a8 WPCSvc - ok
19:07:54.0767 0x02a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:07:54.0774 0x02a8 WPDBusEnum - ok
19:07:54.0781 0x02a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:07:54.0783 0x02a8 ws2ifsl - ok
19:07:54.0792 0x02a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
19:07:54.0800 0x02a8 wscsvc - ok
19:07:54.0803 0x02a8 WSearch - ok
19:07:54.0866 0x02a8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
19:07:54.0922 0x02a8 wuauserv - ok
19:07:54.0936 0x02a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:07:54.0942 0x02a8 WudfPf - ok
19:07:54.0956 0x02a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:07:54.0966 0x02a8 WUDFRd - ok
19:07:54.0975 0x02a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:07:54.0981 0x02a8 wudfsvc - ok
19:07:54.0999 0x02a8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:07:55.0016 0x02a8 WwanSvc - ok
19:07:55.0034 0x02a8 [ C6DAEFBB6ECEBBA4E400A1BF65AB478B, 6D11395B825B298A307B11E77B1188D29FB2CD6D02BA7FF8C82E2EFBE51906EB ] xhcdrv C:\Windows\system32\drivers\xhcdrv.sys
19:07:55.0047 0x02a8 xhcdrv - ok
19:07:55.0052 0x02a8 ================ Scan global ===============================
19:07:55.0060 0x02a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:07:55.0071 0x02a8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
19:07:55.0084 0x02a8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
19:07:55.0094 0x02a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:07:55.0107 0x02a8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:07:55.0115 0x02a8 [ Global ] - ok
19:07:55.0115 0x02a8 ================ Scan MBR ==================================
19:07:55.0118 0x02a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:07:55.0165 0x02a8 \Device\Harddisk0\DR0 - ok
19:07:55.0168 0x02a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:07:55.0396 0x02a8 \Device\Harddisk1\DR1 - ok
19:07:55.0397 0x02a8 ================ Scan VBR ==================================
19:07:55.0399 0x02a8 [ 7DB303D33A7876C832508796B89B0E6E ] \Device\Harddisk0\DR0\Partition1
19:07:55.0400 0x02a8 \Device\Harddisk0\DR0\Partition1 - ok
19:07:55.0403 0x02a8 [ 734A2F634866FBEC0363DD2AFF15B6FA ] \Device\Harddisk1\DR1\Partition1
19:07:55.0405 0x02a8 \Device\Harddisk1\DR1\Partition1 - ok
19:07:55.0407 0x02a8 [ 4CC0DDA13D2C224B94AF7682FE4BCAE0 ] \Device\Harddisk1\DR1\Partition2
19:07:55.0409 0x02a8 \Device\Harddisk1\DR1\Partition2 - ok
19:07:55.0410 0x02a8 ================ Scan generic autorun ======================
19:07:56.0221 0x02a8 [ 47D99FEC44A9E082B2D761AB5A938CA8, FF8CAD5CD331A7DAFAA616C530F500E74663EC86BB832032D2EFD3F77EBF75FF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:07:56.0444 0x02a8 RTHDVCPL - ok
19:07:56.0468 0x02a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:07:56.0472 0x02a8 Logitech Download Assistant - ok
19:07:56.0524 0x02a8 [ 5B4BBAC9467B8DB6BC4A404CF1867FE0, 6CDF6291CE36A94ED50ECAF2F050302619D2FD4915961E968B7E97EC339AE3F0 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:07:56.0558 0x02a8 StartCCC - ok
19:07:56.0561 0x02a8 AMD AVT - ok
19:07:56.0575 0x02a8 [ 0DE44581040FE8B019E84074F11FA444, C4ED849652009B0F10B09FA2DF1E3951C1D7B2D575AA2AB0E717F5BA1FAEA920 ] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
19:07:56.0580 0x02a8 F-Secure Manager - ok
19:07:56.0637 0x02a8 [ 05C6D9268E0F94CE8BA488F378322E67, 51EE5140217BE32C236C3AC2259E2B8FCB3493C89C69A89551EB2944ADC43EE9 ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
19:07:56.0681 0x02a8 vProt - ok
19:07:56.0692 0x02a8 [ 1F0E4889955FCED4BE9A07F3107EE86B, CD758AAE4F2008439450F240CCA199EFEAEE4A30B2D709FA885516EDD4D77090 ] C:\Program Files (x86)\F-Secure\fshoster32.exe
19:07:56.0695 0x02a8 F-Secure Hoster (6661000) - ok
19:07:56.0721 0x02a8 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:07:56.0743 0x02a8 Adobe ARM - ok
19:07:56.0749 0x02a8 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:07:56.0752 0x02a8 APSDaemon - ok
19:07:56.0764 0x02a8 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
19:07:56.0774 0x02a8 QuickTime Task - ok
19:07:56.0840 0x02a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:07:56.0901 0x02a8 Sidebar - ok
19:07:56.0912 0x02a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:07:56.0919 0x02a8 mctadmin - ok
19:07:56.0983 0x02a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:07:57.0002 0x02a8 Sidebar - ok
19:07:57.0013 0x02a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:07:57.0016 0x02a8 mctadmin - ok
19:07:57.0163 0x02a8 [ 2E8EAB89DB3F6C0A15C07627B6ED9BCC, D146DC20A37AC34A957B000B106164278C67BCCA2B717A5E317670556FCCE9C0 ] C:\Users\Hoffmann\AppData\Local\Amazon Music\Amazon Music Helper.exe
19:07:57.0259 0x02a8 Amazon Music - ok
19:07:57.0268 0x02a8 Waiting for KSN requests completion. In queue: 57
19:07:58.0268 0x02a8 Waiting for KSN requests completion. In queue: 57
19:07:59.0268 0x02a8 Waiting for KSN requests completion. In queue: 57
19:08:00.0302 0x02a8 AV detected via SS2: Antivirus, C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 11.0.20110.0 ), 0x41000 ( enabled : updated )
19:08:00.0319 0x02a8 Win FW state via NFP2: enabled
19:08:02.0964 0x02a8 ============================================================
19:08:02.0964 0x02a8 Scan finished
19:08:02.0964 0x02a8 ============================================================
19:08:02.0971 0x0c5c Detected object count: 0
19:08:02.0971 0x0c5c Actual detected object count: 0
Habe weiterhin keine Abstürze oder andere "Symptome" bemerkt. Nochmals vielen Dank und beste Grüße! |
|
10.06.2015, 11:45
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? Sieht gut aus 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.06.2015, 17:49
| #5 |
| | Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? Hallo Schrauber, vielen Dank, das war ja wieder superschnell! Heisst das Scan Ergebnis, dass keine Viren/Trojaner auf dem System sind und somit alles gut ist? Kann ich dann über den Defogger wieder "re-enable" machen? Vielen Dank nochmal, werde mal rüber in den Spenden Thread gehen...  |
|
11.06.2015, 16:09
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? Ja das heisst es . Hier noch unser Text zum aufräumen: Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst... und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ --> Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? |
|
| Themen zu Windows 7: Pdf in DHL Zustellankündigung angeklickt - Trojaner/Virus eingefangen? |
| adware, antivirus, avg, avg security toolbar, browser, converter, defender, desktop, email, firefox, firefox 38.0.5, flash player, frage, home, homepage, mozilla, object, onedrive, realtek, registry, rundll, scan, secure search, software, spam, svchost.exe, trojaner/virus, vtoolbarupdater, warnung, windows, wiso |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
