
Log analysis and evaluation: Sudden shutdown / other users still logged on / USB has more performance


16.06.2015, 12:30   #1
Anti-Trojana
 



I suspect that a trojan/virus has crept onto my children's "WinXP" system.

When shutting down the system, the message that another user is still logged on often appears.

The system has also shut itself down on its own several times.

A message often pops up at the bottom right saying that the USB hubs could achieve better performance, even though nothing new was plugged in or removed.

There are also some new folders on the system that I cannot identify.
Since our children get along better with WinXP, we want to keep it.

I scanned the system with FRST and GMER as you described.

Here is the FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Administrator (administrator) on ASPIRE on 15-06-2015 20:52:28
Running from C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator & Gast)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\RtkBtMnt.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Disc Soft Ltd) C:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
(Mozilla Corporation) C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\firefox.exe
() C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\Gmer-19357.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18789920 2009-12-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [XboxStat] => c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKU\S-1-5-21-1454471165-261478967-725345543-500\...\Run: [DAEMON Tools Lite Automount] => C:\Programme\DAEMON Tools Lite\DTAgent.exe [3579120 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-1454471165-261478967-725345543-500\...\Run: [Akamai NetSession Interface] => "C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe"
HKU\S-1-5-21-1454471165-261478967-725345543-500\...\MountPoints2: {62e97342-a94d-11e4-99a9-806d6172696f} - D:\autorun.exe
HKU\S-1-5-21-1454471165-261478967-725345543-500\...\MountPoints2: {aae1e93f-0a2d-11e5-9a17-0022690d76d0} - D:\autorun.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1454471165-261478967-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1454471165-261478967-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1454471165-261478967-725345543-500 - Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-01] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF SearchPlugin: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\searchplugins\startpage-ssl-1.xml [2015-03-24]
FF SearchPlugin: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\searchplugins\startpage-ssl.xml [2015-03-24]
FF Extension: anonymoX - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\Extensions\client@anonymox.net.xpi [2015-03-24]
FF Extension: Ghostery - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\Extensions\firefox@ghostery.com.xpi [2015-06-02]
FF Extension: NO Google Analytics - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2015-04-02]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-24]
FF Extension: BetterPrivacy - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\kk6aupd0.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-04-02]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Programme\Avira\AntiVir Desktop\avmailc.exe [825136 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-09] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe [1026288 2015-05-21] (Disc Soft Ltd)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-06-12] ()
S3 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [38912 2004-11-11] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [25600 2004-11-11] (Microsoft Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1312576 2008-05-20] (Atheros Communications, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25016 2015-05-31] (Disc Soft Ltd)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
U3 DfSdkS; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
U3 kwtdrpod; \??\C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\kwtdrpod.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 20:51 - 2015-06-15 20:52 - 00000000 ____D C:\FRST
2015-06-15 10:08 - 2015-06-15 20:47 - 00001427 _____ C:\WINDOWS\setupapi.log
2015-06-12 19:33 - 2015-06-12 19:33 - 00268952 _____ C:\WINDOWS\system32\PnkBstrB.xtr
2015-06-12 19:33 - 2015-06-12 19:33 - 00268952 _____ C:\WINDOWS\system32\PnkBstrB.exe
2015-06-12 19:33 - 2015-06-12 19:33 - 00137176 _____ C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2015-06-12 19:33 - 2015-06-12 19:33 - 00075136 _____ C:\WINDOWS\system32\PnkBstrA.exe
2015-06-12 19:33 - 2015-06-12 19:33 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\PunkBuster
2015-06-10 23:17 - 2015-06-10 23:17 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Electronic_Arts_Inc
2015-06-10 19:26 - 2015-06-12 19:33 - 00000000 ____D C:\WINDOWS\system32\Logfiles
2015-06-10 19:10 - 2015-06-10 19:10 - 00000000 ____D C:\WINDOWS\pss
2015-06-09 11:00 - 2015-06-09 11:00 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
2015-06-07 19:28 - 1998-07-30 12:51 - 00305152 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2015-06-04 21:19 - 2015-06-04 21:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$
2015-06-04 21:19 - 2015-06-04 21:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2015-06-04 21:19 - 2015-06-04 21:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2015-06-04 21:19 - 2009-09-09 18:24 - 00062424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys
2015-06-04 21:19 - 2009-08-13 22:40 - 01112288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-06-04 21:19 - 2008-03-21 13:57 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-06-04 21:18 - 2015-06-04 21:19 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Xbox 360 Accessories
2015-06-04 21:18 - 2015-06-04 21:18 - 00000000 ____D C:\Programme\Microsoft Xbox 360 Accessories
2015-06-04 20:17 - 2015-06-04 20:17 - 00000000 ___HD C:\WINDOWS\PIF
2015-06-04 19:56 - 2015-06-04 20:17 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Westwood
2015-06-04 19:55 - 2015-06-04 19:55 - 00000000 ____D C:\WESTWOOD
2015-06-04 19:30 - 2015-06-05 13:32 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-03 11:53 - 2015-06-03 11:57 - 00000000 ____D C:\Programme\Mozilla Firefox
2015-05-31 22:14 - 2008-02-15 12:49 - 00192512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxres.dll
2015-05-31 20:57 - 2015-06-15 19:31 - 00362288 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-31 19:16 - 2015-05-31 19:16 - 00025016 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-05-31 19:16 - 2015-05-31 19:16 - 00001607 _____ C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk
2015-05-30 20:21 - 2015-05-31 19:35 - 00119648 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1454471165-261478967-725345543-500-0.dat
2015-05-30 20:21 - 2015-05-31 19:35 - 00083246 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2015-05-30 20:02 - 2015-05-31 19:17 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 20:02 - 2015-05-31 19:16 - 00000000 ____D C:\Programme\DAEMON Tools Lite
2015-05-30 20:01 - 2015-05-30 20:01 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 19:47 - 2015-05-30 19:47 - 00000000 ____D C:\Programme\Microsoft.NET
2015-05-17 11:28 - 2012-01-29 20:51 - 00434176 _____ (Tiger-IT.de) C:\Dokumente und Einstellungen\Administrator\Desktop\xp-AntiSpy.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 20:52 - 2015-01-31 15:47 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp
2015-06-15 19:35 - 2015-01-31 15:32 - 01268206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-15 19:30 - 2015-05-04 19:08 - 00000238 _____ C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
2015-06-15 19:30 - 2015-01-31 15:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-15 19:30 - 2015-01-31 15:35 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-06-15 19:30 - 2015-01-31 15:35 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-06-15 12:42 - 2015-01-31 15:47 - 00032500 _____ C:\WINDOWS\SchedLgU.Txt
2015-06-15 12:42 - 2015-01-31 15:47 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2015-06-15 12:42 - 2015-01-31 15:47 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator
2015-06-15 12:12 - 2015-01-31 15:38 - 00000000 ____D C:\WINDOWS\Registration
2015-06-14 15:46 - 2004-11-11 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-10 23:52 - 2015-05-05 10:55 - 00000000 ____D C:\Spiele
2015-06-10 23:27 - 2015-01-31 15:31 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-06-10 19:33 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\security
2015-06-10 19:27 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-06-10 19:27 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\Help
2015-06-10 19:27 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\Cursors
2015-06-10 19:27 - 2015-01-31 15:37 - 00000000 ____D C:\Programme\Windows NT
2015-06-10 19:26 - 2015-01-31 15:39 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele
2015-06-10 19:26 - 2015-01-31 15:37 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
2015-06-10 13:52 - 2015-02-16 14:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc
2015-06-10 13:04 - 2015-05-04 18:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 12:55 - 2015-05-04 18:44 - 136900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 10:56 - 2015-05-04 17:15 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-09 10:56 - 2015-05-04 17:15 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-09 10:56 - 2015-05-04 17:15 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-06-08 15:00 - 2015-05-04 19:08 - 00000232 _____ C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-06-04 21:18 - 2015-01-31 15:40 - 00000000 ____D C:\WINDOWS\system32\DirectX
2015-06-04 21:18 - 2015-01-31 15:32 - 00000000 ___RD C:\Programme
2015-06-04 20:17 - 2004-11-11 14:00 - 00000563 _____ C:\WINDOWS\WIN.INI
2015-06-01 14:14 - 2015-04-04 23:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-05-31 21:19 - 2015-02-09 15:59 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2015-05-31 20:46 - 2015-05-03 21:06 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Desktop\Bilder
2015-05-31 19:05 - 2015-01-31 15:31 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente
2015-05-31 18:50 - 2015-01-31 15:46 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService
2015-05-31 18:50 - 2015-01-31 15:46 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService
2015-05-31 18:49 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\system
2015-05-31 13:49 - 2015-01-31 15:31 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü
2015-05-31 12:11 - 2015-02-17 14:45 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Desktop\Musik
2015-05-31 11:32 - 2015-01-31 15:39 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-05-30 19:54 - 2015-02-09 16:31 - 00000000 ____D C:\WINDOWS\system32\de-de
2015-05-25 16:49 - 2015-05-05 23:22 - 00000000 ____D C:\Programme\Bridge Building Game
2015-05-23 01:08 - 2015-04-22 16:13 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser
2015-05-18 22:16 - 2015-04-09 09:21 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-05-17 11:32 - 2015-01-31 15:38 - 00000000 ____D C:\Programme\Messenger
2015-05-16 21:00 - 2015-01-31 15:47 - 00000783 _____ C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2015-05-16 20:56 - 2015-05-04 19:03 - 00000000 ____D C:\WINDOWS\ie8updates
2015-05-16 20:54 - 2015-01-31 16:25 - 00000000 ____D C:\WINDOWS\Media
 
==================== Files in the root of some directories =======
 
2015-02-16 14:22 - 2015-02-23 10:19 - 0015872 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-22 15:44 - 2015-04-22 15:44 - 0002876 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
 
Some files in TEMP:
====================
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\RtkBtMnt.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of log ============================
         
--- --- ---

And here is the Addition logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Administrator at 2015-06-15 20:53:41
Running from C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1454471165-261478967-725345543-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator
Gast (S-1-5-21-1454471165-261478967-725345543-501 - Limited - Disabled) => %SystemDrive%\Dokumente und Einstellungen\Gast
Hilfeassistent (S-1-5-21-1454471165-261478967-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1454471165-261478967-725345543-1002 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
Atheros for Acer Driver v7.6.0.224_Foxconn Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.6.0.224 - Atheros)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Bridge Building Game (HKLM\...\Bridge Building Game) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
D-Fend Reloaded 1.4.1 (deinstallieren) (HKLM\...\D-Fend Reloaded) (Version: 1.4.1 - Alexander Herzog)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834902-v2) (HKLM\...\KB2834902-v2_WM10) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2909212) (HKLM\...\KB2909212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2936068) (HKLM\...\KB2936068) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2964358) (HKLM\...\KB2964358) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
Wings Of Fury (HKLM\...\Wings Of Fury) (Version: - )
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
27-04-2015 15:45:24 Systemprüfpunkt
28-04-2015 19:12:24 Systemprüfpunkt
02-05-2015 15:06:22 Systemprüfpunkt
03-05-2015 16:16:23 Systemprüfpunkt
03-05-2015 20:02:48 Installed CCS64 V3.9
04-05-2015 17:45:00 Software Distribution Service 3.0
04-05-2015 18:05:54 Software Distribution Service 3.0
04-05-2015 18:30:32 Software Distribution Service 3.0
04-05-2015 19:13:34 Software Distribution Service 3.0
04-05-2015 19:19:07 Installed Windows KB954550-v5.
04-05-2015 23:13:58 Installed WinUAE
05-05-2015 13:47:46 Software Distribution Service 3.0
07-05-2015 21:09:57 Systemprüfpunkt
11-05-2015 16:45:02 Systemprüfpunkt
12-05-2015 15:38:55 DirectX wurde installiert
12-05-2015 18:32:51 Removed WinUAE
12-05-2015 18:33:06 Removed CCS64 V3.9
13-05-2015 10:32:19 Software Distribution Service 3.0
15-05-2015 19:03:20 Systemprüfpunkt
17-05-2015 17:02:07 Systemprüfpunkt
22-05-2015 19:26:52 Systemprüfpunkt
24-05-2015 10:11:31 Systemprüfpunkt
26-05-2015 16:53:07 Systemprüfpunkt
29-05-2015 14:17:26 Systemprüfpunkt
31-05-2015 11:32:25 Wiederherstellungsvorgang
31-05-2015 18:46:10 Wiederherstellungsvorgang
31-05-2015 21:02:52 Software Distribution Service 3.0
01-06-2015 18:43:18 DirectX wurde installiert
03-06-2015 02:56:01 Systemprüfpunkt
04-06-2015 20:41:48 Systemprüfpunkt
04-06-2015 21:18:48 DirectX wurde installiert
04-06-2015 21:19:16 Installed Windows XP Wdf01007.
05-06-2015 21:29:04 Systemprüfpunkt
07-06-2015 11:54:55 Systemprüfpunkt
10-06-2015 12:54:52 Software Distribution Service 3.0
11-06-2015 01:04:07 Akamai NetSession Interface wird installiert
14-06-2015 16:42:47 Systemprüfpunkt
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-11-11 14:00 - 2004-11-11 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-12 19:33 - 2015-06-12 19:33 - 00075136 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\libssp-0.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 05064206 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 02029056 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
2000-01-01 02:00 - 2000-01-01 02:00 - 00714452 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00517814 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00110592 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
2015-06-15 20:42 - 2015-06-15 20:42 - 00380416 _____ () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\Gmer-19357.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1454471165-261478967-725345543-500\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
DNS Servers: Media is not connected to internet.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Atheros AR5007EG Wireless Network Adapter
Description: Atheros AR5007EG Wireless Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Atheros
Service: AR5416
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: USB-Videogerät
Description: USB-Videogerät
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/15/2015 07:30:42 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 07:30:42 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 07:30:34 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 07:30:34 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 11:58:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 11:58:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 11:56:32 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 11:56:32 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 10:05:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
Error: (06/15/2015 10:05:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.
 
 
System errors:
=============
Error: (06/08/2015 00:06:16 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (06/06/2015 01:27:39 AM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (06/05/2015 01:53:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error: (05/31/2015 02:58:01 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/31/2015 02:02:34 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/28/2015 01:33:26 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/25/2015 09:19:55 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/22/2015 11:29:51 AM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/20/2015 02:28:22 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
Error: (05/19/2015 02:06:03 PM) (Source: 0) (EventID: 1) (User: )
Description: \Device\ACPIEC
 
 
Microsoft Office:
=========================
Error: (06/15/2015 07:30:42 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
 
Error: (06/15/2015 07:30:42 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
 
Error: (06/15/2015 07:30:34 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
 
Error: (06/15/2015 07:30:34 PM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
 
Error: (06/15/2015 11:58:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
 
Error: (06/15/2015 11:58:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
 
Error: (06/15/2015 11:56:32 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
 
Error: (06/15/2015 11:56:32 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
 
Error: (06/15/2015 10:05:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
 
Error: (06/15/2015 10:05:51 AM) (Source: Userenv) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
 
 
==================== Memory info =========================== 
 
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 1011.88 MB
Available physical RAM: 543.13 MB
Total Pagefile: 2430.57 MB
Available Pagefile: 1791.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.43 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:49.81 GB) (Free:31.48 GB) NTFS ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 5FA38A47)
Partition 1: (Active) - (Size=49.8 GB) - (Type=07 NTFS)
 
==================== End of log ============================
         

I hope you can help me further. I think it is possible that classmates sneaked a Trojan onto the system via the IP.

Many thanks in advance.

Alt 16.06.2015, 13:06   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

Alt 16.06.2015, 18:27   #3
Anti-Trojana
 



Hello Schrauber, here is the log file from Malwarebytes:

The program apparently found nothing ...

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
Malwarebytes | Free Anti-Malware & Internet Security Software

Database version:
main: v2015.06.16.03
rootkit: v2015.06.15.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Administrator :: ASPIRE [administrator]

16.06.2015 13:54:19
mbar-log-2015-06-16 (13-54-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 300626
Time elapsed: 1 hour(s), 28 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Here is the report from TDSS Killer; it reports a finding on the hard disk.
Is the finding serious? What kind of malware is it?



15:46:12.0703 0x06ac TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:46:37.0968 0x06ac ============================================================
15:46:37.0968 0x06ac Current date / time: 2015/06/16 15:46:37.0968
15:46:37.0968 0x06ac SystemInfo:
15:46:37.0968 0x06ac
15:46:37.0968 0x06ac OS Version: 5.1.2600 ServicePack: 3.0
15:46:37.0968 0x06ac Product type: Workstation
15:46:37.0968 0x06ac ComputerName: ASPIRE
15:46:37.0968 0x06ac UserName: Administrator
15:46:37.0968 0x06ac Windows directory: C:\WINDOWS
15:46:37.0968 0x06ac System windows directory: C:\WINDOWS
15:46:37.0968 0x06ac Processor architecture: Intel x86
15:46:37.0968 0x06ac Number of processors: 2
15:46:37.0968 0x06ac Page size: 0x1000
15:46:37.0968 0x06ac Boot type: Normal boot
15:46:37.0968 0x06ac ============================================================
15:46:41.0406 0x06ac KLMD registered as C:\WINDOWS\system32\drivers\46948870.sys
15:46:42.0890 0x06ac System UUID: {27CBF010-E887-F38E-70A1-AB45267BF284}
15:46:46.0812 0x06ac Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:46:46.0828 0x06ac ============================================================
15:46:46.0828 0x06ac \Device\Harddisk0\DR0:
15:46:46.0828 0x06ac MBR partitions:
15:46:46.0828 0x06ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x639D9A7
15:46:46.0828 0x06ac ============================================================
15:46:46.0859 0x06ac C: <-> \Device\Harddisk0\DR0\Partition1
15:46:46.0859 0x06ac ============================================================
15:46:46.0859 0x06ac Initialize success
15:46:46.0859 0x06ac ============================================================
15:48:00.0390 0x0db0 ============================================================
15:48:00.0390 0x0db0 Scan started
15:48:00.0390 0x0db0 Mode: Manual; SigCheck; TDLFS;
15:48:00.0390 0x0db0 ============================================================
15:48:00.0390 0x0db0 KSN ping started
15:48:03.0000 0x0db0 KSN ping finished: true
15:48:04.0796 0x0db0 ================ Scan system memory ========================
15:48:04.0812 0x0db0 System memory - ok
15:48:04.0812 0x0db0 ================ Scan services =============================
15:48:30.0156 0x0db0 CCDECODE - ok
15:48:30.0171 0x0db0 cd20xrnt - ok
15:48:30.0265 0x0db0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:48:30.0531 0x0db0 Cdaudio - ok
15:48:30.0625 0x0db0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:48:30.0921 0x0db0 Cdfs - ok
15:48:31.0015 0x0db0 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:48:31.0281 0x0db0 Cdrom - ok
15:48:31.0281 0x0db0 Changer - ok
15:48:31.0359 0x0db0 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:48:31.0625 0x0db0 CiSvc - ok
15:48:31.0703 0x0db0 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:48:31.0937 0x0db0 ClipSrv - ok
15:48:32.0046 0x0db0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:48:32.0234 0x0db0 clr_optimization_v2.0.50727_32 - ok
15:48:32.0437 0x0db0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:48:32.0562 0x0db0 clr_optimization_v4.0.30319_32 - ok
15:48:32.0609 0x0db0 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:48:32.0843 0x0db0 CmBatt - ok
15:48:32.0859 0x0db0 CmdIde - ok
15:48:32.0921 0x0db0 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:48:33.0187 0x0db0 Compbatt - ok
15:48:33.0203 0x0db0 COMSysApp - ok
15:48:33.0218 0x0db0 Cpqarray - ok
15:48:33.0328 0x0db0 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:48:33.0625 0x0db0 CryptSvc - ok
15:48:33.0625 0x0db0 dac2w2k - ok
15:48:33.0640 0x0db0 dac960nt - ok
15:48:33.0937 0x0db0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:48:34.0468 0x0db0 DcomLaunch - ok
15:48:34.0609 0x0db0 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:48:34.0906 0x0db0 Dhcp - ok
15:48:35.0750 0x0db0 [ 589C7025A04F697B3D140ACCEC5F8592, 8470CB7BD2892E9452A8BD713F85D573AC6B4BFAE25D28A578D329311196EA34 ] Disc Soft Lite Bus Service C:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
15:48:36.0296 0x0db0 Disc Soft Lite Bus Service - ok
15:48:36.0359 0x0db0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:48:36.0718 0x0db0 Disk - ok
15:48:36.0718 0x0db0 dmadmin - ok
15:48:37.0265 0x0db0 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:48:38.0312 0x0db0 dmboot - ok
15:48:38.0484 0x0db0 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:48:38.0875 0x0db0 dmio - ok
15:48:38.0937 0x0db0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:48:39.0250 0x0db0 dmload - ok
15:48:39.0328 0x0db0 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:48:39.0562 0x0db0 dmserver - ok
15:48:39.0640 0x0db0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:48:39.0875 0x0db0 DMusic - ok
15:48:39.0968 0x0db0 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:48:40.0062 0x0db0 Dnscache - ok
15:48:40.0171 0x0db0 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:48:40.0500 0x0db0 Dot3svc - ok
15:48:40.0500 0x0db0 dpti2o - ok
15:48:40.0562 0x0db0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:48:40.0750 0x0db0 drmkaud - ok
15:48:40.0843 0x0db0 [ 0026A0408C87AB8DCA6FF9A8977C7066, EF64AE4717E68A090D5D86A39C32994A521B7488622569E6B42ED31E83C1AA8C ] dtlitescsibus C:\WINDOWS\system32\DRIVERS\dtlitescsibus.sys
15:48:40.0875 0x0db0 dtlitescsibus - ok
15:48:40.0937 0x0db0 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:48:41.0156 0x0db0 EapHost - ok
15:48:41.0250 0x0db0 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:48:41.0546 0x0db0 ERSvc - ok
15:48:41.0656 0x0db0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
15:48:41.0781 0x0db0 Eventlog - ok
15:48:41.0984 0x0db0 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
15:48:42.0250 0x0db0 EventSystem - ok
15:48:42.0375 0x0db0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:48:42.0921 0x0db0 Fastfat - ok
15:48:43.0093 0x0db0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:48:43.0234 0x0db0 FastUserSwitchingCompatibility - ok
15:48:43.0265 0x0db0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
15:48:43.0468 0x0db0 Fdc - ok
15:48:43.0515 0x0db0 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:48:43.0843 0x0db0 Fips - ok
15:48:43.0906 0x0db0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:48:44.0125 0x0db0 Flpydisk - ok
15:48:44.0265 0x0db0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:48:44.0625 0x0db0 FltMgr - ok
15:48:44.0687 0x0db0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:48:44.0906 0x0db0 Fs_Rec - ok
15:48:45.0046 0x0db0 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:48:45.0390 0x0db0 Ftdisk - ok
15:48:45.0500 0x0db0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:48:45.0718 0x0db0 Gpc - ok
15:48:45.0859 0x0db0 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:48:46.0187 0x0db0 HDAudBus - ok
15:48:46.0328 0x0db0 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:48:46.0562 0x0db0 helpsvc - ok
15:48:46.0609 0x0db0 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
15:48:46.0937 0x0db0 HidServ - ok
15:48:47.0015 0x0db0 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:48:47.0234 0x0db0 HidUsb - ok
15:48:47.0359 0x0db0 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:48:47.0687 0x0db0 hkmsvc - ok
15:48:47.0703 0x0db0 hpn - ok
15:48:47.0937 0x0db0 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:48:48.0187 0x0db0 HTTP - ok
15:48:48.0234 0x0db0 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:48:48.0546 0x0db0 HTTPFilter - ok
15:48:48.0546 0x0db0 i2omgmt - ok
15:48:48.0562 0x0db0 i2omp - ok
15:48:48.0609 0x0db0 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:48:48.0859 0x0db0 i8042prt - ok
15:48:52.0578 0x0db0 [ 48846B31BE5A4FA662CCFDE7A1BA86B9, BC653F3ADAD70E766484986F196D4045D2CC6D92E5D827907E734254EE489A33 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:49:00.0109 0x0db0 ialm - ok
15:49:00.0203 0x0db0 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:49:00.0468 0x0db0 Imapi - ok
15:49:00.0640 0x0db0 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:49:00.0984 0x0db0 ImapiService - ok
15:49:01.0000 0x0db0 ini910u - ok
15:49:04.0859 0x0db0 [ 2E9CDF1766FA55E88443E1EF48923BC8, 34194B34A0D5974B3207E774265A533F3D9181CBBDD382ABD0E3AB85BBCB76A7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:49:13.0000 0x0db0 IntcAzAudAddService - ok
15:49:13.0031 0x0db0 IntelIde - ok
15:49:13.0109 0x0db0 [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:49:13.0359 0x0db0 intelppm - ok
15:49:13.0437 0x0db0 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:49:13.0671 0x0db0 Ip6Fw - ok
15:49:13.0765 0x0db0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:49:14.0015 0x0db0 IpFilterDriver - ok
15:49:14.0093 0x0db0 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:49:14.0453 0x0db0 IpInIp - ok
15:49:14.0562 0x0db0 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:49:15.0031 0x0db0 IpNat - ok
15:49:15.0140 0x0db0 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:49:15.0437 0x0db0 IPSec - ok
15:49:15.0468 0x0db0 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:49:15.0703 0x0db0 IRENUM - ok
15:49:15.0765 0x0db0 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:49:16.0015 0x0db0 isapnp - ok
15:49:16.0078 0x0db0 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:49:16.0281 0x0db0 Kbdclass - ok
15:49:16.0484 0x0db0 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:49:16.0812 0x0db0 kmixer - ok
15:49:16.0937 0x0db0 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:49:17.0140 0x0db0 KSecDD - ok
15:49:17.0250 0x0db0 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:49:17.0421 0x0db0 lanmanserver - ok
15:49:17.0546 0x0db0 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:49:17.0703 0x0db0 lanmanworkstation - ok
15:49:17.0703 0x0db0 lbrtfdc - ok
15:49:17.0765 0x0db0 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:49:18.0000 0x0db0 LmHosts - ok
15:49:18.0140 0x0db0 [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
15:49:18.0250 0x0db0 mbamchameleon - ok
15:49:18.0312 0x0db0 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:49:18.0578 0x0db0 Messenger - ok
15:49:18.0640 0x0db0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:49:18.0859 0x0db0 mnmdd - ok
15:49:18.0953 0x0db0 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:49:19.0296 0x0db0 mnmsrvc - ok
15:49:19.0406 0x0db0 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:49:19.0625 0x0db0 Modem - ok
15:49:20.0703 0x0db0 [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
15:49:22.0546 0x0db0 Monfilt - ok
15:49:22.0593 0x0db0 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:49:23.0015 0x0db0 Mouclass - ok
15:49:23.0093 0x0db0 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:49:23.0328 0x0db0 mouhid - ok
15:49:23.0437 0x0db0 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:49:23.0703 0x0db0 MountMgr - ok
15:49:23.0718 0x0db0 mraid35x - ok
15:49:23.0843 0x0db0 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:49:24.0187 0x0db0 MRxDAV - ok
15:49:24.0578 0x0db0 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:49:25.0125 0x0db0 MRxSmb - ok
15:49:25.0171 0x0db0 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:49:25.0390 0x0db0 MSDTC - ok
15:49:25.0453 0x0db0 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:49:25.0687 0x0db0 Msfs - ok
15:49:25.0687 0x0db0 MSIServer - ok
15:49:25.0718 0x0db0 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:49:25.0953 0x0db0 MSKSSRV - ok
15:49:26.0000 0x0db0 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:49:26.0187 0x0db0 MSPCLOCK - ok
15:49:26.0265 0x0db0 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:49:26.0515 0x0db0 MSPQM - ok
15:49:26.0562 0x0db0 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:49:26.0796 0x0db0 mssmbios - ok
15:49:26.0875 0x0db0 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:49:27.0125 0x0db0 MSTEE - ok
15:49:27.0250 0x0db0 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:49:27.0375 0x0db0 Mup - ok
15:49:27.0453 0x0db0 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:49:27.0750 0x0db0 NABTSFEC - ok
15:49:28.0015 0x0db0 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:49:28.0453 0x0db0 napagent - ok
15:49:28.0609 0x0db0 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:49:28.0937 0x0db0 NDIS - ok
15:49:29.0031 0x0db0 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:49:29.0281 0x0db0 NdisIP - ok
15:49:29.0359 0x0db0 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:49:29.0421 0x0db0 NdisTapi - ok
15:49:29.0453 0x0db0 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:49:29.0671 0x0db0 Ndisuio - ok
15:49:29.0781 0x0db0 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:49:30.0078 0x0db0 NdisWan - ok
15:49:30.0156 0x0db0 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:49:30.0265 0x0db0 NDProxy - ok
15:49:30.0312 0x0db0 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:49:30.0546 0x0db0 NetBIOS - ok
15:49:30.0703 0x0db0 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:49:31.0093 0x0db0 NetBT - ok
15:49:31.0203 0x0db0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
15:49:31.0484 0x0db0 NetDDE - ok
15:49:31.0609 0x0db0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:49:31.0859 0x0db0 NetDDEdsdm - ok
15:49:31.0937 0x0db0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:49:32.0250 0x0db0 Netlogon - ok
15:49:32.0390 0x0db0 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
15:49:32.0734 0x0db0 Netman - ok
15:49:32.0906 0x0db0 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
15:49:33.0109 0x0db0 Nla - ok
15:49:33.0171 0x0db0 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:49:33.0453 0x0db0 Npfs - ok
15:49:33.0812 0x0db0 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:49:34.0625 0x0db0 Ntfs - ok
15:49:34.0687 0x0db0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:49:34.0875 0x0db0 NtLmSsp - ok
15:49:35.0218 0x0db0 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:49:35.0859 0x0db0 NtmsSvc - ok
15:49:35.0906 0x0db0 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
15:49:36.0140 0x0db0 Null - ok
15:49:36.0203 0x0db0 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:49:36.0437 0x0db0 NwlnkFlt - ok
15:49:36.0468 0x0db0 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:49:36.0718 0x0db0 NwlnkFwd - ok
15:49:36.0843 0x0db0 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
15:49:37.0109 0x0db0 Parport - ok
15:49:37.0171 0x0db0 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:49:37.0500 0x0db0 PartMgr - ok
15:49:37.0593 0x0db0 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:49:37.0812 0x0db0 ParVdm - ok
15:49:37.0906 0x0db0 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:49:38.0250 0x0db0 PCI - ok
15:49:38.0250 0x0db0 PCIDump - ok
15:49:38.0281 0x0db0 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:49:38.0484 0x0db0 PCIIde - ok
15:49:38.0640 0x0db0 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:49:38.0921 0x0db0 Pcmcia - ok
15:49:38.0921 0x0db0 PDCOMP - ok
15:49:38.0937 0x0db0 PDFRAME - ok
15:49:38.0953 0x0db0 PDRELI - ok
15:49:38.0953 0x0db0 PDRFRAME - ok
15:49:38.0968 0x0db0 perc2 - ok
15:49:38.0968 0x0db0 perc2hib - ok
15:49:39.0109 0x0db0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
15:49:39.0156 0x0db0 PlugPlay - ok
15:49:39.0265 0x0db0 [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
15:49:39.0296 0x0db0 PnkBstrA - ok
15:49:39.0312 0x0db0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:49:39.0546 0x0db0 PolicyAgent - ok
15:49:39.0656 0x0db0 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:49:39.0921 0x0db0 PptpMiniport - ok
15:49:39.0984 0x0db0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:49:40.0234 0x0db0 ProtectedStorage - ok
15:49:40.0312 0x0db0 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:49:40.0609 0x0db0 PSched - ok
15:49:40.0625 0x0db0 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:49:40.0906 0x0db0 Ptilink - ok
15:49:40.0906 0x0db0 ql1080 - ok
15:49:40.0921 0x0db0 Ql10wnt - ok
15:49:40.0921 0x0db0 ql12160 - ok
15:49:40.0937 0x0db0 ql1240 - ok
15:49:40.0953 0x0db0 ql1280 - ok
15:49:41.0015 0x0db0 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:49:41.0234 0x0db0 RasAcd - ok
15:49:41.0328 0x0db0 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:49:41.0609 0x0db0 RasAuto - ok
15:49:41.0703 0x0db0 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:49:42.0000 0x0db0 Rasl2tp - ok
15:49:42.0187 0x0db0 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:49:42.0515 0x0db0 RasMan - ok
15:49:42.0625 0x0db0 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:49:42.0921 0x0db0 RasPppoe - ok
15:49:42.0953 0x0db0 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:49:43.0203 0x0db0 Raspti - ok
15:49:43.0375 0x0db0 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:49:43.0703 0x0db0 Rdbss - ok
15:49:43.0765 0x0db0 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:49:43.0968 0x0db0 RDPCDD - ok
15:49:44.0171 0x0db0 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:49:44.0515 0x0db0 rdpdr - ok
15:49:44.0687 0x0db0 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:49:44.0843 0x0db0 RDPWD - ok
15:49:44.0984 0x0db0 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:49:45.0343 0x0db0 RDSessMgr - ok
15:49:45.0437 0x0db0 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:49:45.0703 0x0db0 redbook - ok
15:49:45.0796 0x0db0 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:49:46.0125 0x0db0 RemoteAccess - ok
15:49:46.0218 0x0db0 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:49:46.0484 0x0db0 RemoteRegistry - ok
15:49:46.0578 0x0db0 [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
15:49:46.0843 0x0db0 RFCOMM - ok
15:49:46.0937 0x0db0 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:49:47.0281 0x0db0 RpcLocator - ok
15:49:47.0546 0x0db0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:49:47.0796 0x0db0 RpcSs - ok
15:49:47.0937 0x0db0 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:49:48.0265 0x0db0 RSVP - ok
15:49:48.0296 0x0db0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
15:49:48.0531 0x0db0 SamSs - ok
15:49:48.0671 0x0db0 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:49:48.0953 0x0db0 SCardSvr - ok
15:49:49.0140 0x0db0 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:49:49.0515 0x0db0 Schedule - ok
15:49:49.0609 0x0db0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:49:49.0828 0x0db0 Secdrv - ok
15:49:49.0906 0x0db0 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
15:49:50.0156 0x0db0 seclogon - ok
15:49:50.0234 0x0db0 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
15:49:50.0484 0x0db0 SENS - ok
15:49:50.0593 0x0db0 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:49:50.0890 0x0db0 Serial - ok
15:49:50.0968 0x0db0 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:49:51.0218 0x0db0 Sfloppy - ok
15:49:51.0546 0x0db0 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:49:52.0187 0x0db0 SharedAccess - ok
15:49:52.0328 0x0db0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:49:52.0406 0x0db0 ShellHWDetection - ok
15:49:52.0421 0x0db0 Simbad - ok
15:49:52.0468 0x0db0 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:49:52.0671 0x0db0 SLIP - ok
15:49:52.0687 0x0db0 Sparrow - ok
15:49:52.0734 0x0db0 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:49:52.0953 0x0db0 splitter - ok
15:49:53.0078 0x0db0 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:49:53.0171 0x0db0 Spooler - ok
15:49:53.0250 0x0db0 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:49:53.0531 0x0db0 sr - ok
15:49:53.0718 0x0db0 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
15:49:54.0093 0x0db0 srservice - ok
15:49:54.0421 0x0db0 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:49:54.0890 0x0db0 Srv - ok
15:49:54.0984 0x0db0 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:49:55.0250 0x0db0 SSDPSRV - ok
15:49:55.0343 0x0db0 [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:49:55.0390 0x0db0 ssmdrv - ok
15:49:55.0671 0x0db0 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:49:56.0281 0x0db0 stisvc - ok
15:49:56.0359 0x0db0 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:49:56.0625 0x0db0 streamip - ok
15:49:56.0703 0x0db0 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:49:56.0921 0x0db0 swenum - ok
15:49:57.0046 0x0db0 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:49:57.0359 0x0db0 swmidi - ok
15:49:57.0375 0x0db0 SwPrv - ok
15:49:57.0390 0x0db0 symc810 - ok
15:49:57.0390 0x0db0 symc8xx - ok
15:49:57.0406 0x0db0 sym_hi - ok
15:49:57.0421 0x0db0 sym_u3 - ok
15:49:57.0484 0x0db0 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:49:57.0781 0x0db0 sysaudio - ok
15:49:57.0937 0x0db0 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:49:58.0328 0x0db0 SysmonLog - ok
15:49:58.0546 0x0db0 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:49:58.0968 0x0db0 TapiSrv - ok
15:49:59.0281 0x0db0 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:49:59.0734 0x0db0 Tcpip - ok
15:49:59.0781 0x0db0 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:50:00.0171 0x0db0 TDPIPE - ok
15:50:00.0234 0x0db0 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:50:00.0484 0x0db0 TDTCP - ok
15:50:00.0546 0x0db0 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:50:00.0953 0x0db0 TermDD - ok
15:50:01.0218 0x0db0 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
15:50:01.0484 0x0db0 TermService - ok
15:50:01.0734 0x0db0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:50:01.0765 0x0db0 Themes - ok
15:50:01.0859 0x0db0 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:50:02.0171 0x0db0 TlntSvr - ok
15:50:02.0171 0x0db0 TosIde - ok
15:50:02.0312 0x0db0 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:50:02.0734 0x0db0 TrkWks - ok
15:50:02.0859 0x0db0 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:50:03.0265 0x0db0 Udfs - ok
15:50:03.0265 0x0db0 ultra - ok
15:50:03.0390 0x0db0 [ 1977313E362C8732C1AF4D1BCB9C06B7, C87AD4D2ECBA736C2B2FA55983C543FF5EB19BBBDF689462884CD7819217458F ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
15:50:03.0437 0x0db0 UMWdf - detected UnsignedFile.Multi.Generic ( 1 )
15:50:05.0843 0x0db0 Detect skipped due to KSN trusted
15:50:05.0843 0x0db0 UMWdf - ok
15:50:06.0187 0x0db0 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:50:06.0953 0x0db0 Update - ok
15:50:07.0140 0x0db0 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:50:07.0484 0x0db0 upnphost - ok
15:50:07.0531 0x0db0 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
15:50:07.0828 0x0db0 UPS - ok
15:50:07.0937 0x0db0 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:50:08.0078 0x0db0 usbaudio - ok
15:50:08.0140 0x0db0 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:50:08.0234 0x0db0 usbccgp - ok
15:50:08.0281 0x0db0 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:50:08.0328 0x0db0 usbehci - ok
15:50:08.0406 0x0db0 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:50:08.0718 0x0db0 usbhub - ok
15:50:08.0781 0x0db0 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:50:09.0000 0x0db0 usbstor - ok
15:50:09.0078 0x0db0 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:50:09.0281 0x0db0 usbuhci - ok
15:50:09.0421 0x0db0 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
15:50:09.0609 0x0db0 usbvideo - ok
15:50:09.0640 0x0db0 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:50:09.0859 0x0db0 VgaSave - ok
15:50:09.0875 0x0db0 ViaIde - ok
15:50:09.0968 0x0db0 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:50:10.0218 0x0db0 VolSnap - ok
15:50:10.0546 0x0db0 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
15:50:11.0015 0x0db0 VSS - ok
15:50:11.0187 0x0db0 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
15:50:11.0515 0x0db0 W32Time - ok
15:50:11.0593 0x0db0 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:50:11.0875 0x0db0 Wanarp - ok
15:50:12.0218 0x0db0 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
15:50:12.0734 0x0db0 Wdf01000 - ok
15:50:12.0750 0x0db0 WDICA - ok
15:50:12.0828 0x0db0 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:50:13.0187 0x0db0 wdmaud - ok
15:50:13.0296 0x0db0 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
15:50:13.0578 0x0db0 WebClient - ok
15:50:13.0812 0x0db0 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:50:14.0218 0x0db0 winmgmt - ok
15:50:14.0328 0x0db0 [ 5FDCCC838CD95F61097D8A637F842AA8, 9EB9E7BEFFF061E1BABABB13C6C9194E835E53F2D550F5C666F5A4B2FAC2B6D5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:50:14.0343 0x0db0 WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
15:50:16.0750 0x0db0 Detect skipped due to KSN trusted
15:50:16.0750 0x0db0 WmdmPmSN - ok
15:50:17.0234 0x0db0 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:50:18.0125 0x0db0 Wmi - ok
15:50:18.0171 0x0db0 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:50:18.0484 0x0db0 WmiAcpi - ok
15:50:18.0656 0x0db0 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:50:19.0031 0x0db0 WmiApSrv - ok
15:50:19.0703 0x0db0 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:50:21.0046 0x0db0 WPFFontCache_v0400 - ok
15:50:21.0156 0x0db0 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:50:21.0468 0x0db0 wscsvc - ok
15:50:21.0562 0x0db0 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:50:21.0812 0x0db0 WSTCODEC - ok
15:50:21.0875 0x0db0 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:50:22.0156 0x0db0 wuauserv - ok
15:50:22.0546 0x0db0 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:50:23.0312 0x0db0 WZCSVC - ok
15:50:23.0453 0x0db0 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:50:23.0703 0x0db0 xmlprov - ok
15:50:23.0812 0x0db0 [ 09E5340BD9B2CB730BF4DC6BE7721291, 785DEFAE550CAB5BDFA15CF195A1DEF5AD188EFEAD2D8B1508972CF892BB75A9 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
15:50:23.0875 0x0db0 xusb21 - ok
15:50:23.0890 0x0db0 ================ Scan global ===============================
15:50:23.0953 0x0db0 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
15:50:24.0234 0x0db0 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
15:50:24.0640 0x0db0 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
15:50:24.0765 0x0db0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
15:50:24.0765 0x0db0 [ Global ] - ok
15:50:24.0765 0x0db0 ================ Scan MBR ==================================
15:50:24.0812 0x0db0 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:50:25.0234 0x0db0 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
15:50:25.0234 0x0db0 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:50:27.0625 0x0db0 ================ Scan VBR ==================================
15:50:27.0625 0x0db0 [ 61832E024DE1742A9A6FEAB7F4168BC8 ] \Device\Harddisk0\DR0\Partition1
15:50:27.0656 0x0db0 \Device\Harddisk0\DR0\Partition1 - ok
15:50:27.0656 0x0db0 ================ Scan generic autorun ======================
15:50:39.0421 0x0db0 [ 496974CF715C9129D38539A4972E01E4, 00B682BDF37D33391C387F2B84F2688083860A511405B9492196DD6C85C7646C ] C:\WINDOWS\RTHDCPL.EXE
15:50:51.0734 0x0db0 RTHDCPL - ok
15:50:51.0796 0x0db0 BluetoothAuthenticationAgent - ok
15:50:52.0296 0x0db0 [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
15:50:52.0671 0x0db0 avgnt - ok
15:50:52.0796 0x0db0 [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
15:50:52.0953 0x0db0 IgfxTray - ok
15:50:53.0109 0x0db0 [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
15:50:53.0265 0x0db0 HotKeysCmds - ok
15:50:53.0359 0x0db0 [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
15:50:53.0468 0x0db0 Persistence - ok
15:50:53.0484 0x0db0 KernelFaultCheck - ok
15:50:54.0000 0x0db0 [ C4AA81EA4434C2C14B6648AD7CD8294E, 6D1502770912BD50B310BD068A43188E4CF2C674631BB7A20EAF2E0CFA9C870A ] c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
15:50:54.0359 0x0db0 XboxStat - ok
15:50:54.0406 0x0db0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:50:54.0625 0x0db0 CTFMON.EXE - ok
15:50:54.0703 0x0db0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:50:54.0921 0x0db0 CTFMON.EXE - ok
15:50:54.0984 0x0db0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:50:55.0218 0x0db0 CTFMON.EXE - ok
15:50:55.0281 0x0db0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
15:50:55.0500 0x0db0 CTFMON.EXE - ok
15:50:57.0812 0x0db0 [ 6CB0A7EFED5A8B3AAF82D8FF1BF6CB72, 5E306C3145120F14EA407AB431513FA0F6DBFB8B7B2AEE443E1BEC4BD9393F77 ] C:\Programme\DAEMON Tools Lite\DTAgent.exe
15:51:02.0187 0x0db0 DAEMON Tools Lite Automount - ok
15:51:02.0296 0x0db0 Akamai NetSession Interface - ok
15:51:02.0296 0x0db0 Waiting for KSN requests completion. In queue: 1
15:51:03.0296 0x0db0 Waiting for KSN requests completion. In queue: 1
15:51:04.0296 0x0db0 Waiting for KSN requests completion. In queue: 1
15:51:05.0453 0x0db0 AV detected via SS1: Avira Antivirus, 15.0.11.572, enabled, updated
15:51:05.0468 0x0db0 Win FW state via NFM: enabled
15:51:07.0859 0x0db0 ============================================================
15:51:07.0859 0x0db0 Scan finished
15:51:07.0859 0x0db0 ============================================================
15:51:07.0890 0x04e8 Detected object count: 1
15:51:07.0890 0x04e8 Actual detected object count: 1
15:52:00.0781 0x04e8 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:52:00.0781 0x04e8 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:52:34.0781 0x0660 Deinitialize success

It is probably the trojan: TR/ATRAPS.Gen2

How dangerous is it, and schrauber, can you see how and when the trojan got onto the system?

Regards
__________________

Last edited by Anti-Trojana (16.06.2015 at 15:21)

Old 17.06.2015, 15:20   #4
schrauber
/// the machine
/// TB trainer
 


Why are you opening 2 threads????

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.




Start TDSSkiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Old 17.06.2015, 23:10   #5
Anti-Trojana
 

Sorry, I thought the problem and the log files were posted separately.

Here is the log file from TDSSKiller with the first detection. The second scan also found 2 things. I assume it is a backdoor trojan that was deliberately smuggled onto the system.

Here are the files:

18:27:51.0453 0x063c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:27:54.0421 0x063c ============================================================
18:27:54.0421 0x063c Current date / time: 2015/06/16 18:27:54.0421
18:27:54.0421 0x063c SystemInfo:
18:27:54.0421 0x063c
18:27:54.0421 0x063c OS Version: 5.1.2600 ServicePack: 3.0
18:27:54.0421 0x063c Product type: Workstation
18:27:54.0437 0x063c ComputerName: ASPIRE
18:27:54.0437 0x063c UserName: Administrator
18:27:54.0437 0x063c Windows directory: C:\WINDOWS
18:27:54.0437 0x063c System windows directory: C:\WINDOWS
18:27:54.0437 0x063c Processor architecture: Intel x86
18:27:54.0437 0x063c Number of processors: 2
18:27:54.0437 0x063c Page size: 0x1000
18:27:54.0437 0x063c Boot type: Normal boot
18:27:54.0437 0x063c ============================================================
18:27:57.0718 0x063c KLMD registered as C:\WINDOWS\system32\drivers\66617678.sys
18:27:57.0875 0x063c System UUID: {27CBF010-E887-F38E-70A1-AB45267BF284}
18:27:58.0734 0x063c Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:27:58.0750 0x063c ============================================================
18:27:58.0750 0x063c \Device\Harddisk0\DR0:
18:27:58.0750 0x063c MBR partitions:
18:27:58.0750 0x063c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x639D9A7
18:27:58.0750 0x063c ============================================================
18:27:58.0765 0x063c C: <-> \Device\Harddisk0\DR0\Partition1
18:27:58.0765 0x063c ============================================================
18:27:58.0765 0x063c Initialize success
18:27:58.0765 0x063c ============================================================
18:28:05.0109 0x0b28 ============================================================
18:28:05.0109 0x0b28 Scan started
18:28:05.0109 0x0b28 Mode: Manual; SigCheck; TDLFS;
18:28:05.0109 0x0b28 ============================================================
18:28:05.0109 0x0b28 KSN ping started
18:28:07.0625 0x0b28 KSN ping finished: true
18:28:08.0421 0x0b28 ================ Scan system memory ========================
18:28:08.0421 0x0b28 System memory - ok
18:28:08.0421 0x0b28 ================ Scan services =============================
18:28:08.0531 0x0b28 Abiosdsk - ok
18:28:08.0531 0x0b28 abp480n5 - ok
18:28:08.0593 0x0b28 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:28:09.0281 0x0b28 ACPI - ok
18:28:09.0437 0x0b28 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:28:09.0640 0x0b28 ACPIEC - ok
18:28:09.0656 0x0b28 adpu160m - ok
18:28:09.0703 0x0b28 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:28:09.0953 0x0b28 aec - ok
18:28:10.0031 0x0b28 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:28:10.0078 0x0b28 AFD - ok
18:28:10.0078 0x0b28 Aha154x - ok
18:28:10.0093 0x0b28 aic78u2 - ok
18:28:10.0093 0x0b28 aic78xx - ok
18:28:10.0125 0x0b28 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:28:10.0359 0x0b28 Alerter - ok
18:28:10.0390 0x0b28 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
18:28:10.0593 0x0b28 ALG - ok
18:28:10.0609 0x0b28 AliIde - ok
18:28:10.0796 0x0b28 [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
18:28:11.0031 0x0b28 Ambfilt - ok
18:28:11.0046 0x0b28 amsint - ok
18:28:11.0203 0x0b28 [ 6C82CA438DBBB56EBF46506360411BC9, 61B95C2B92586C80173D12B0D0435DB20DC941A9E1594A90A39569F5888BE4F4 ] AntiVirMailService C:\Programme\Avira\AntiVir Desktop\avmailc.exe
18:28:11.0281 0x0b28 AntiVirMailService - ok
18:28:11.0359 0x0b28 [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
18:28:11.0406 0x0b28 AntiVirSchedulerService - ok
18:28:11.0484 0x0b28 [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
18:28:11.0546 0x0b28 AntiVirService - ok
18:28:11.0671 0x0b28 [ A9861F16762ABF8C1710E599FBBA6A7E, 42E3E1DDB6BA608928537AA83FF4312A6D6FE7DB0DEF4A1DFA69132F2394E899 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:28:11.0781 0x0b28 AntiVirWebService - ok
18:28:11.0875 0x0b28 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:28:12.0171 0x0b28 AppMgmt - ok
18:28:12.0359 0x0b28 [ 7CAE93FE5511D0C0688CFA56CF241E31, EF02A5A8FE71A8DAA99D2D82573EA91706B580DFB2A212B4D862C6500498CD87 ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
18:28:12.0531 0x0b28 AR5416 - ok
18:28:12.0546 0x0b28 asc - ok
18:28:12.0562 0x0b28 asc3350p - ok
18:28:12.0562 0x0b28 asc3550 - ok
18:28:12.0656 0x0b28 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:28:12.0687 0x0b28 aspnet_state - ok
18:28:12.0718 0x0b28 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:28:12.0968 0x0b28 AsyncMac - ok
18:28:13.0046 0x0b28 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:28:13.0312 0x0b28 atapi - ok
18:28:13.0312 0x0b28 Atdisk - ok
18:28:13.0390 0x0b28 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:28:13.0656 0x0b28 Atmarpc - ok
18:28:13.0734 0x0b28 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:28:14.0000 0x0b28 AudioSrv - ok
18:28:14.0078 0x0b28 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:28:14.0312 0x0b28 audstub - ok
18:28:14.0359 0x0b28 [ 18FB1022DAFC9036ADA9ECF432FAFD06, AFA23C96BDAE15DF4AB32F4CCA04A9D5C5C242E704DC12237CBF57757EBC35AE ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:28:14.0390 0x0b28 avgntflt - ok
18:28:14.0453 0x0b28 [ 062494C204553210FFC0FC33EA58EB36, 2A02003334D3F736907E743C5AB04604228E89DD918E060CCA346F8E739BEB16 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:28:14.0484 0x0b28 avipbb - ok
18:28:14.0531 0x0b28 [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:28:14.0546 0x0b28 avkmgr - ok
18:28:14.0593 0x0b28 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:28:14.0843 0x0b28 Beep - ok
18:28:14.0968 0x0b28 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
18:28:15.0234 0x0b28 BITS - ok
18:28:15.0312 0x0b28 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
18:28:15.0359 0x0b28 Browser - ok
18:28:15.0390 0x0b28 [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
18:28:15.0656 0x0b28 BthEnum - ok
18:28:15.0718 0x0b28 [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
18:28:15.0921 0x0b28 BTHMODEM - ok
18:28:15.0968 0x0b28 [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
18:28:16.0187 0x0b28 BthPan - ok
18:28:16.0281 0x0b28 [ 592E1CEDBE314D0EF184DC6F46141E76, D69106F90C56C1E67BA4B96D6766C6676B66D0E0DF8358DA4B75FEFF211AA23E ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
18:28:16.0328 0x0b28 BTHPORT - ok
18:28:16.0375 0x0b28 [ 26C601EF7525E31379744ABFC6F35A1B, 842626D3A00DDA959A4AB730C0D551244DCDA15AC291FD70CC7324571A6088EC ] BthServ C:\WINDOWS\System32\bthserv.dll
18:28:16.0578 0x0b28 BthServ - ok
18:28:16.0656 0x0b28 [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
18:28:16.0906 0x0b28 BTHUSB - ok
18:28:16.0968 0x0b28 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:28:17.0156 0x0b28 cbidf2k - ok
18:28:17.0218 0x0b28 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:28:17.0437 0x0b28 CCDECODE - ok
18:28:17.0437 0x0b28 cd20xrnt - ok
18:28:17.0515 0x0b28 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:28:17.0718 0x0b28 Cdaudio - ok
18:28:17.0781 0x0b28 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:28:18.0000 0x0b28 Cdfs - ok
18:28:18.0046 0x0b28 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:28:18.0250 0x0b28 Cdrom - ok
18:28:18.0265 0x0b28 Changer - ok
18:28:18.0328 0x0b28 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:28:18.0531 0x0b28 CiSvc - ok
18:28:18.0578 0x0b28 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:28:18.0796 0x0b28 ClipSrv - ok
18:28:18.0875 0x0b28 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:18.0890 0x0b28 clr_optimization_v2.0.50727_32 - ok
18:29:02.0203 0x0b28 [ 1977313E362C8732C1AF4D1BCB9C06B7, C87AD4D2ECBA736C2B2FA55983C543FF5EB19BBBDF689462884CD7819217458F ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
18:29:02.0218 0x0b28 UMWdf - detected UnsignedFile.Multi.Generic ( 1 )
18:29:04.0843 0x0b28 Detect skipped due to KSN trusted
18:29:04.0843 0x0b28 UMWdf - ok
18:29:04.0953 0x0b28 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:29:05.0312 0x0b28 Update - ok
18:29:05.0406 0x0b28 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:29:05.0609 0x0b28 upnphost - ok
18:29:05.0671 0x0b28 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
18:29:05.0875 0x0b28 UPS - ok
18:29:05.0953 0x0b28 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:29:05.0984 0x0b28 usbaudio - ok
18:29:06.0031 0x0b28 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:29:06.0062 0x0b28 usbccgp - ok
18:29:06.0093 0x0b28 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:29:06.0109 0x0b28 usbehci - ok
18:29:06.0140 0x0b28 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:29:06.0359 0x0b28 usbhub - ok
18:29:06.0390 0x0b28 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:29:06.0578 0x0b28 usbstor - ok
18:29:06.0640 0x0b28 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:29:06.0828 0x0b28 usbuhci - ok
18:29:06.0890 0x0b28 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
18:29:06.0921 0x0b28 usbvideo - ok
18:29:06.0953 0x0b28 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:29:07.0156 0x0b28 VgaSave - ok
18:29:07.0156 0x0b28 ViaIde - ok
18:29:07.0234 0x0b28 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:29:07.0437 0x0b28 VolSnap - ok
18:29:07.0500 0x0b28 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
18:29:07.0718 0x0b28 VSS - ok
18:29:07.0781 0x0b28 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
18:29:08.0000 0x0b28 W32Time - ok
18:29:08.0046 0x0b28 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:29:08.0265 0x0b28 Wanarp - ok
18:29:08.0359 0x0b28 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
18:29:08.0421 0x0b28 Wdf01000 - ok
18:29:08.0421 0x0b28 WDICA - ok
18:29:08.0453 0x0b28 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:29:08.0671 0x0b28 wdmaud - ok
18:29:08.0750 0x0b28 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
18:29:08.0953 0x0b28 WebClient - ok
18:29:09.0078 0x0b28 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:29:09.0296 0x0b28 winmgmt - ok
18:29:09.0406 0x0b28 [ 5FDCCC838CD95F61097D8A637F842AA8, 9EB9E7BEFFF061E1BABABB13C6C9194E835E53F2D550F5C666F5A4B2FAC2B6D5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
18:29:09.0406 0x0b28 WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
18:29:11.0828 0x0b28 Detect skipped due to KSN trusted
18:29:11.0828 0x0b28 WmdmPmSN - ok
18:29:11.0968 0x0b28 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:29:12.0109 0x0b28 Wmi - ok
18:29:12.0140 0x0b28 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:29:12.0343 0x0b28 WmiAcpi - ok
18:29:12.0406 0x0b28 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:29:12.0625 0x0b28 WmiApSrv - ok
18:29:12.0765 0x0b28 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:29:12.0859 0x0b28 WPFFontCache_v0400 - ok
18:29:12.0906 0x0b28 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:29:13.0125 0x0b28 wscsvc - ok
18:29:13.0187 0x0b28 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:29:13.0390 0x0b28 WSTCODEC - ok
18:29:13.0421 0x0b28 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:29:13.0625 0x0b28 wuauserv - ok
18:29:13.0734 0x0b28 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:29:13.0984 0x0b28 WZCSVC - ok
18:29:14.0046 0x0b28 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:29:14.0296 0x0b28 xmlprov - ok
18:29:14.0359 0x0b28 [ 09E5340BD9B2CB730BF4DC6BE7721291, 785DEFAE550CAB5BDFA15CF195A1DEF5AD188EFEAD2D8B1508972CF892BB75A9 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
18:29:14.0390 0x0b28 xusb21 - ok
18:29:14.0406 0x0b28 ================ Scan global ===============================
18:29:14.0437 0x0b28 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:29:14.0609 0x0b28 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0687 0x0b28 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0812 0x0b28 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:29:14.0828 0x0b28 [ Global ] - ok
18:29:14.0828 0x0b28 ================ Scan MBR ==================================
18:29:14.0843 0x0b28 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
18:29:15.0062 0x0b28 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:29:15.0062 0x0b28 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:29:17.0453 0x0b28 ================ Scan VBR ==================================
18:29:17.0468 0x0b28 [ 61832E024DE1742A9A6FEAB7F4168BC8 ] \Device\Harddisk0\DR0\Partition1
18:29:17.0468 0x0b28 \Device\Harddisk0\DR0\Partition1 - ok
18:29:17.0468 0x0b28 ================ Scan generic autorun ======================
18:29:18.0984 0x0b28 [ 496974CF715C9129D38539A4972E01E4, 00B682BDF37D33391C387F2B84F2688083860A511405B9492196DD6C85C7646C ] C:\WINDOWS\RTHDCPL.EXE
18:29:20.0593 0x0b28 RTHDCPL - ok
18:29:20.0656 0x0b28 BluetoothAuthenticationAgent - ok
18:29:20.0750 0x0b28 [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
18:29:20.0812 0x0b28 avgnt - ok
18:29:20.0843 0x0b28 [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
18:29:20.0890 0x0b28 IgfxTray - ok
18:29:20.0921 0x0b28 [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
18:29:20.0968 0x0b28 HotKeysCmds - ok
18:29:20.0984 0x0b28 [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
18:29:21.0031 0x0b28 Persistence - ok
18:29:21.0046 0x0b28 KernelFaultCheck - ok
18:29:21.0125 0x0b28 [ C4AA81EA4434C2C14B6648AD7CD8294E, 6D1502770912BD50B310BD068A43188E4CF2C674631BB7A20EAF2E0CFA9C870A ] c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
18:29:21.0203 0x0b28 XboxStat - ok
18:29:21.0218 0x0b28 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0437 0x0b28 CTFMON.EXE - ok
18:29:21.0468 0x0b28 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0671 0x0b28 CTFMON.EXE - ok
18:29:21.0734 0x0b28 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0921 0x0b28 CTFMON.EXE - ok
18:29:21.0968 0x0b28 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
18:29:22.0156 0x0b28 CTFMON.EXE - ok
18:29:22.0484 0x0b28 [ 6CB0A7EFED5A8B3AAF82D8FF1BF6CB72, 5E306C3145120F14EA407AB431513FA0F6DBFB8B7B2AEE443E1BEC4BD9393F77 ] C:\Programme\DAEMON Tools Lite\DTAgent.exe
18:29:22.0812 0x0b28 DAEMON Tools Lite Automount - ok
18:29:22.0890 0x0b28 Akamai NetSession Interface - ok
18:29:22.0890 0x0b28 Waiting for KSN requests completion. In queue: 11
18:29:23.0890 0x0b28 Waiting for KSN requests completion. In queue: 11
18:29:24.0890 0x0b28 Waiting for KSN requests completion. In queue: 11
18:29:25.0984 0x0b28 AV detected via SS1: Avira Antivirus, 15.0.11.572, enabled, updated
18:29:26.0000 0x0b28 Win FW state via NFM: enabled
18:29:28.0390 0x0b28 ============================================================
18:29:28.0390 0x0b28 Scan finished
18:29:28.0390 0x0b28 ============================================================
18:29:28.0437 0x0fa0 Detected object count: 1
18:29:28.0437 0x0fa0 Actual detected object count: 1
18:37:45.0687 0x0fa0 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:37:45.0687 0x0fa0 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
18:38:19.0734 0x01bc Deinitialize success
Code:
ATTFilter
Sorry, I thought the problem and the log files were to be posted separately.

Here is the log file from TDSSKiller with the first finding. The second scan also found 2 things. I assume it is a backdoor trojan that was deliberately smuggled onto the system.

Here are the files:

18:27:51.0453 0x063c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:27:54.0421 0x063c  ============================================================
18:27:54.0421 0x063c  Current date / time: 2015/06/16 18:27:54.0421
18:27:54.0421 0x063c  SystemInfo:
18:27:54.0421 0x063c  
18:27:54.0421 0x063c  OS Version: 5.1.2600 ServicePack: 3.0
18:27:54.0421 0x063c  Product type: Workstation
18:27:54.0437 0x063c  ComputerName: ASPIRE
18:27:54.0437 0x063c  UserName: Administrator
18:27:54.0437 0x063c  Windows directory: C:\WINDOWS
18:27:54.0437 0x063c  System windows directory: C:\WINDOWS
18:27:54.0437 0x063c  Processor architecture: Intel x86
18:27:54.0437 0x063c  Number of processors: 2
18:27:54.0437 0x063c  Page size: 0x1000
18:27:54.0437 0x063c  Boot type: Normal boot
18:27:54.0437 0x063c  ============================================================
18:27:57.0718 0x063c  KLMD registered as C:\WINDOWS\system32\drivers\66617678.sys
18:27:57.0875 0x063c  System UUID: {27CBF010-E887-F38E-70A1-AB45267BF284}
18:27:58.0734 0x063c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:27:58.0750 0x063c  ============================================================
18:27:58.0750 0x063c  \Device\Harddisk0\DR0:
18:27:58.0750 0x063c  MBR partitions:
18:27:58.0750 0x063c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x639D9A7
18:27:58.0750 0x063c  ============================================================
18:27:58.0765 0x063c  C: <-> \Device\Harddisk0\DR0\Partition1
18:27:58.0765 0x063c  ============================================================
18:27:58.0765 0x063c  Initialize success
18:27:58.0765 0x063c  ============================================================
18:28:05.0109 0x0b28  ============================================================
18:28:05.0109 0x0b28  Scan started
18:28:05.0109 0x0b28  Mode: Manual; SigCheck; TDLFS; 
18:28:05.0109 0x0b28  ============================================================
18:28:05.0109 0x0b28  KSN ping started
18:28:07.0625 0x0b28  KSN ping finished: true
18:28:08.0421 0x0b28  ================ Scan system memory ========================
18:28:08.0421 0x0b28  System memory - ok
18:28:08.0421 0x0b28  ================ Scan services =============================
18:28:08.0531 0x0b28  Abiosdsk - ok
18:28:08.0531 0x0b28  abp480n5 - ok
18:28:08.0593 0x0b28  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:28:09.0281 0x0b28  ACPI - ok
18:28:09.0437 0x0b28  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:28:09.0640 0x0b28  ACPIEC - ok
18:28:09.0656 0x0b28  adpu160m - ok
18:28:09.0703 0x0b28  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:28:09.0953 0x0b28  aec - ok
18:28:10.0031 0x0b28  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:28:10.0078 0x0b28  AFD - ok
18:28:10.0078 0x0b28  Aha154x - ok
18:28:10.0093 0x0b28  aic78u2 - ok
18:28:10.0093 0x0b28  aic78xx - ok
18:28:10.0125 0x0b28  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:28:10.0359 0x0b28  Alerter - ok
18:28:10.0390 0x0b28  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
18:28:10.0593 0x0b28  ALG - ok
18:28:10.0609 0x0b28  AliIde - ok
18:28:10.0796 0x0b28  [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
18:28:11.0031 0x0b28  Ambfilt - ok
18:28:11.0046 0x0b28  amsint - ok
18:28:11.0203 0x0b28  [ 6C82CA438DBBB56EBF46506360411BC9, 61B95C2B92586C80173D12B0D0435DB20DC941A9E1594A90A39569F5888BE4F4 ] AntiVirMailService C:\Programme\Avira\AntiVir Desktop\avmailc.exe
18:28:11.0281 0x0b28  AntiVirMailService - ok
18:28:11.0359 0x0b28  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
18:28:11.0406 0x0b28  AntiVirSchedulerService - ok
18:28:11.0484 0x0b28  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
18:28:11.0546 0x0b28  AntiVirService - ok
18:28:11.0671 0x0b28  [ A9861F16762ABF8C1710E599FBBA6A7E, 42E3E1DDB6BA608928537AA83FF4312A6D6FE7DB0DEF4A1DFA69132F2394E899 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:28:11.0781 0x0b28  AntiVirWebService - ok
18:28:11.0875 0x0b28  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:28:12.0171 0x0b28  AppMgmt - ok
18:28:12.0359 0x0b28  [ 7CAE93FE5511D0C0688CFA56CF241E31, EF02A5A8FE71A8DAA99D2D82573EA91706B580DFB2A212B4D862C6500498CD87 ] AR5416          C:\WINDOWS\system32\DRIVERS\athw.sys
18:28:12.0531 0x0b28  AR5416 - ok
18:28:12.0546 0x0b28  asc - ok
18:28:12.0562 0x0b28  asc3350p - ok
18:28:12.0562 0x0b28  asc3550 - ok
18:28:12.0656 0x0b28  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:28:12.0687 0x0b28  aspnet_state - ok
18:28:12.0718 0x0b28  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:28:12.0968 0x0b28  AsyncMac - ok
18:28:13.0046 0x0b28  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:28:13.0312 0x0b28  atapi - ok
18:28:13.0312 0x0b28  Atdisk - ok
18:28:13.0390 0x0b28  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:28:13.0656 0x0b28  Atmarpc - ok
18:28:13.0734 0x0b28  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:28:14.0000 0x0b28  AudioSrv - ok
18:28:14.0078 0x0b28  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:28:14.0312 0x0b28  audstub - ok
18:28:14.0359 0x0b28  [ 18FB1022DAFC9036ADA9ECF432FAFD06, AFA23C96BDAE15DF4AB32F4CCA04A9D5C5C242E704DC12237CBF57757EBC35AE ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:28:14.0390 0x0b28  avgntflt - ok
18:28:14.0453 0x0b28  [ 062494C204553210FFC0FC33EA58EB36, 2A02003334D3F736907E743C5AB04604228E89DD918E060CCA346F8E739BEB16 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:28:14.0484 0x0b28  avipbb - ok
18:28:14.0531 0x0b28  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:28:14.0546 0x0b28  avkmgr - ok
18:28:14.0593 0x0b28  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:28:14.0843 0x0b28  Beep - ok
18:28:14.0968 0x0b28  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
18:28:15.0234 0x0b28  BITS - ok
18:28:15.0312 0x0b28  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
18:28:15.0359 0x0b28  Browser - ok
18:28:15.0390 0x0b28  [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
18:28:15.0656 0x0b28  BthEnum - ok
18:28:15.0718 0x0b28  [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
18:28:15.0921 0x0b28  BTHMODEM - ok
18:28:15.0968 0x0b28  [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
18:28:16.0187 0x0b28  BthPan - ok
18:28:16.0281 0x0b28  [ 592E1CEDBE314D0EF184DC6F46141E76, D69106F90C56C1E67BA4B96D6766C6676B66D0E0DF8358DA4B75FEFF211AA23E ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
18:28:16.0328 0x0b28  BTHPORT - ok
18:28:16.0375 0x0b28  [ 26C601EF7525E31379744ABFC6F35A1B, 842626D3A00DDA959A4AB730C0D551244DCDA15AC291FD70CC7324571A6088EC ] BthServ         C:\WINDOWS\System32\bthserv.dll
18:28:16.0578 0x0b28  BthServ - ok
18:28:16.0656 0x0b28  [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
18:28:16.0906 0x0b28  BTHUSB - ok
18:28:16.0968 0x0b28  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:28:17.0156 0x0b28  cbidf2k - ok
18:28:17.0218 0x0b28  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:28:17.0437 0x0b28  CCDECODE - ok
18:28:17.0437 0x0b28  cd20xrnt - ok
18:28:17.0515 0x0b28  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:28:17.0718 0x0b28  Cdaudio - ok
18:28:17.0781 0x0b28  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:28:18.0000 0x0b28  Cdfs - ok
18:28:18.0046 0x0b28  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:28:18.0250 0x0b28  Cdrom - ok
18:28:18.0265 0x0b28  Changer - ok
18:28:18.0328 0x0b28  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:28:18.0531 0x0b28  CiSvc - ok
18:28:18.0578 0x0b28  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:28:18.0796 0x0b28  ClipSrv - ok
18:28:18.0875 0x0b28  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:18.0890 0x0b28  clr_optimization_v2.0.50727_32 - ok
18:28:18.0968 0x0b28  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:28:19.0000 0x0b28  clr_optimization_v4.0.30319_32 - ok
18:28:19.0046 0x0b28  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
18:28:19.0250 0x0b28  CmBatt - ok
18:28:19.0250 0x0b28  CmdIde - ok
18:28:19.0312 0x0b28  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:28:19.0546 0x0b28  Compbatt - ok
18:28:19.0562 0x0b28  COMSysApp - ok
18:28:19.0578 0x0b28  Cpqarray - ok
18:28:19.0640 0x0b28  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:28:19.0859 0x0b28  CryptSvc - ok
18:28:19.0875 0x0b28  dac2w2k - ok
18:28:19.0875 0x0b28  dac960nt - ok
18:28:19.0984 0x0b28  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:28:20.0062 0x0b28  DcomLaunch - ok
18:28:20.0109 0x0b28  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:28:20.0328 0x0b28  Dhcp - ok
18:28:20.0515 0x0b28  [ 589C7025A04F697B3D140ACCEC5F8592, 8470CB7BD2892E9452A8BD713F85D573AC6B4BFAE25D28A578D329311196EA34 ] Disc Soft Lite Bus Service C:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
18:28:20.0640 0x0b28  Disc Soft Lite Bus Service - ok
18:28:20.0703 0x0b28  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:28:20.0937 0x0b28  Disk - ok
18:28:20.0953 0x0b28  dmadmin - ok
18:28:21.0062 0x0b28  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:28:21.0468 0x0b28  dmboot - ok
18:28:21.0531 0x0b28  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:28:21.0781 0x0b28  dmio - ok
18:28:21.0843 0x0b28  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:28:22.0093 0x0b28  dmload - ok
18:28:22.0171 0x0b28  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:28:22.0421 0x0b28  dmserver - ok
18:28:22.0500 0x0b28  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:28:22.0750 0x0b28  DMusic - ok
18:28:22.0843 0x0b28  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:28:22.0859 0x0b28  Dnscache - ok
18:28:22.0906 0x0b28  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:28:23.0171 0x0b28  Dot3svc - ok
18:28:23.0187 0x0b28  dpti2o - ok
18:28:23.0234 0x0b28  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:28:23.0468 0x0b28  drmkaud - ok
18:28:23.0546 0x0b28  [ 0026A0408C87AB8DCA6FF9A8977C7066, EF64AE4717E68A090D5D86A39C32994A521B7488622569E6B42ED31E83C1AA8C ] dtlitescsibus   C:\WINDOWS\system32\DRIVERS\dtlitescsibus.sys
18:28:23.0578 0x0b28  dtlitescsibus - ok
18:28:23.0609 0x0b28  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:28:23.0859 0x0b28  EapHost - ok
18:28:23.0937 0x0b28  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:28:24.0218 0x0b28  ERSvc - ok
18:28:24.0312 0x0b28  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
18:28:24.0359 0x0b28  Eventlog - ok
18:28:24.0421 0x0b28  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
18:28:24.0468 0x0b28  EventSystem - ok
18:28:24.0515 0x0b28  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:28:24.0718 0x0b28  Fastfat - ok
18:28:24.0812 0x0b28  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:28:24.0859 0x0b28  FastUserSwitchingCompatibility - ok
18:28:24.0875 0x0b28  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:28:25.0062 0x0b28  Fdc - ok
18:28:25.0078 0x0b28  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:28:25.0328 0x0b28  Fips - ok
18:28:25.0375 0x0b28  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:28:25.0578 0x0b28  Flpydisk - ok
18:28:25.0640 0x0b28  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:28:25.0843 0x0b28  FltMgr - ok
18:28:25.0906 0x0b28  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:28:26.0109 0x0b28  Fs_Rec - ok
18:28:26.0203 0x0b28  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:28:26.0421 0x0b28  Ftdisk - ok
18:28:26.0453 0x0b28  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:28:26.0671 0x0b28  Gpc - ok
18:28:26.0718 0x0b28  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:28:26.0937 0x0b28  HDAudBus - ok
18:28:27.0031 0x0b28  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:28:27.0234 0x0b28  helpsvc - ok
18:28:27.0296 0x0b28  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:28:27.0515 0x0b28  HidServ - ok
18:29:02.0203 0x0b28  [ 1977313E362C8732C1AF4D1BCB9C06B7, C87AD4D2ECBA736C2B2FA55983C543FF5EB19BBBDF689462884CD7819217458F ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
18:29:02.0218 0x0b28  UMWdf - detected UnsignedFile.Multi.Generic ( 1 )
18:29:04.0843 0x0b28  Detect skipped due to KSN trusted
18:29:04.0843 0x0b28  UMWdf - ok
18:29:09.0406 0x0b28  [ 5FDCCC838CD95F61097D8A637F842AA8, 9EB9E7BEFFF061E1BABABB13C6C9194E835E53F2D550F5C666F5A4B2FAC2B6D5 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
18:29:09.0406 0x0b28  WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
18:29:11.0828 0x0b28  Detect skipped due to KSN trusted
18:29:11.0828 0x0b28  WmdmPmSN - ok
18:29:14.0406 0x0b28  ================ Scan global ===============================
18:29:14.0437 0x0b28  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:29:14.0609 0x0b28  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0687 0x0b28  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0812 0x0b28  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:29:14.0828 0x0b28  [ Global ] - ok
18:29:14.0828 0x0b28  ================ Scan MBR ==================================
18:29:14.0843 0x0b28  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
18:29:15.0062 0x0b28  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:29:15.0062 0x0b28  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:29:17.0453 0x0b28  ================ Scan VBR ==================================
18:29:17.0468 0x0b28  [ 61832E024DE1742A9A6FEAB7F4168BC8 ] \Device\Harddisk0\DR0\Partition1
18:29:17.0468 0x0b28  \Device\Harddisk0\DR0\Partition1 - ok
18:29:17.0468 0x0b28  ================ Scan generic autorun ======================
18:29:18.0984 0x0b28  [ 496974CF715C9129D38539A4972E01E4, 00B682BDF37D33391C387F2B84F2688083860A511405B9492196DD6C85C7646C ] C:\WINDOWS\RTHDCPL.EXE
18:29:20.0593 0x0b28  RTHDCPL - ok
18:29:20.0656 0x0b28  BluetoothAuthenticationAgent - ok
18:29:20.0750 0x0b28  [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
18:29:20.0812 0x0b28  avgnt - ok
18:29:20.0843 0x0b28  [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
18:29:20.0890 0x0b28  IgfxTray - ok
18:29:20.0921 0x0b28  [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
18:29:20.0968 0x0b28  HotKeysCmds - ok
18:29:20.0984 0x0b28  [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
18:29:21.0031 0x0b28  Persistence - ok
18:29:21.0046 0x0b28  KernelFaultCheck - ok
18:29:21.0125 0x0b28  [ C4AA81EA4434C2C14B6648AD7CD8294E, 6D1502770912BD50B310BD068A43188E4CF2C674631BB7A20EAF2E0CFA9C870A ] c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
18:29:21.0203 0x0b28  XboxStat - ok
18:29:21.0218 0x0b28  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0437 0x0b28  CTFMON.EXE - ok
18:29:21.0468 0x0b28  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0671 0x0b28  CTFMON.EXE - ok
18:29:21.0734 0x0b28  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
18:29:21.0921 0x0b28  CTFMON.EXE - ok
18:29:21.0968 0x0b28  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
18:29:22.0156 0x0b28  CTFMON.EXE - ok
18:29:22.0484 0x0b28  [ 6CB0A7EFED5A8B3AAF82D8FF1BF6CB72, 5E306C3145120F14EA407AB431513FA0F6DBFB8B7B2AEE443E1BEC4BD9393F77 ] C:\Programme\DAEMON Tools Lite\DTAgent.exe
18:29:22.0812 0x0b28  DAEMON Tools Lite Automount - ok
18:29:22.0890 0x0b28  Akamai NetSession Interface - ok
18:29:22.0890 0x0b28  Waiting for KSN requests completion. In queue: 11
18:29:23.0890 0x0b28  Waiting for KSN requests completion. In queue: 11
18:29:24.0890 0x0b28  Waiting for KSN requests completion. In queue: 11
18:29:25.0984 0x0b28  AV detected via SS1: Avira Antivirus, 15.0.11.572, enabled, updated
18:29:26.0000 0x0b28  Win FW state via NFM: enabled
18:29:28.0390 0x0b28  ============================================================
18:29:28.0390 0x0b28  Scan finished
18:29:28.0390 0x0b28  ============================================================
18:29:28.0437 0x0fa0  Detected object count: 1
18:29:28.0437 0x0fa0  Actual detected object count: 1
18:37:45.0687 0x0fa0  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:37:45.0687 0x0fa0  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
18:38:19.0734 0x01bc  Deinitialize success
         


Last edited by Anti-Trojana (17.06.2015 at 23:23)

17.06.2015, 23:25   #6
Anti-Trojana

Sudden shutdown / Other users still logged on / USB has more performance



LOGFILE 2
Code:
20:00:56.0406 0x0854  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:00:59.0484 0x0854  ============================================================
20:00:59.0484 0x0854  Current date / time: 2015/06/16 20:00:59.0484
20:00:59.0484 0x0854  SystemInfo:
20:00:59.0484 0x0854  
20:00:59.0484 0x0854  OS Version: 5.1.2600 ServicePack: 3.0
20:00:59.0484 0x0854  Product type: Workstation
20:00:59.0484 0x0854  ComputerName: ASPIRE
20:00:59.0484 0x0854  UserName: Administrator
20:00:59.0484 0x0854  Windows directory: C:\WINDOWS
20:00:59.0484 0x0854  System windows directory: C:\WINDOWS
20:00:59.0484 0x0854  Processor architecture: Intel x86
20:00:59.0484 0x0854  Number of processors: 2
20:00:59.0484 0x0854  Page size: 0x1000
20:00:59.0484 0x0854  Boot type: Normal boot
20:00:59.0484 0x0854  ============================================================
20:01:02.0609 0x0854  KLMD registered as C:\WINDOWS\system32\drivers\47635482.sys
20:01:02.0812 0x0854  System UUID: {27CBF010-E887-F38E-70A1-AB45267BF284}
20:01:03.0906 0x0854  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:01:03.0937 0x0854  ============================================================
20:01:03.0937 0x0854  \Device\Harddisk0\DR0:
20:01:03.0937 0x0854  MBR partitions:
20:01:03.0937 0x0854  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x639D9A7
20:01:03.0937 0x0854  ============================================================
20:01:03.0953 0x0854  C: <-> \Device\Harddisk0\DR0\Partition1
20:01:03.0953 0x0854  ============================================================
20:01:03.0953 0x0854  Initialize success
20:01:03.0953 0x0854  ============================================================
20:01:10.0156 0x0fa4  ============================================================
20:01:10.0156 0x0fa4  Scan started
20:01:10.0156 0x0fa4  Mode: Manual; SigCheck; TDLFS; 
20:01:10.0156 0x0fa4  ============================================================
20:01:10.0156 0x0fa4  KSN ping started
20:01:10.0328 0x0fa4  KSN ping finished: false
20:01:10.0937 0x0fa4  ================ Scan system memory ========================
20:01:10.0937 0x0fa4  System memory - ok
20:01:10.0937 0x0fa4  ================ Scan services =============================
20:01:11.0078 0x0fa4  Abiosdsk - ok
20:01:11.0093 0x0fa4  abp480n5 - ok
20:01:11.0171 0x0fa4  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:01:12.0437 0x0fa4  ACPI - ok
20:01:12.0546 0x0fa4  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:01:12.0750 0x0fa4  ACPIEC - ok
20:01:12.0765 0x0fa4  adpu160m - ok
20:01:12.0843 0x0fa4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
20:01:13.0125 0x0fa4  aec - ok
20:01:13.0171 0x0fa4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
20:01:13.0234 0x0fa4  AFD - ok
20:01:13.0250 0x0fa4  Aha154x - ok
20:01:13.0250 0x0fa4  aic78u2 - ok
20:01:13.0265 0x0fa4  aic78xx - ok
20:01:13.0296 0x0fa4  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
20:01:13.0562 0x0fa4  Alerter - ok
20:01:13.0578 0x0fa4  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
20:01:13.0796 0x0fa4  ALG - ok
20:01:13.0812 0x0fa4  AliIde - ok
20:01:14.0000 0x0fa4  [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
20:01:14.0187 0x0fa4  Ambfilt - ok
20:01:14.0203 0x0fa4  amsint - ok
20:01:14.0406 0x0fa4  [ 6C82CA438DBBB56EBF46506360411BC9, 61B95C2B92586C80173D12B0D0435DB20DC941A9E1594A90A39569F5888BE4F4 ] AntiVirMailService C:\Programme\Avira\AntiVir Desktop\avmailc.exe
20:01:14.0578 0x0fa4  AntiVirMailService - ok
20:01:14.0656 0x0fa4  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
20:01:14.0750 0x0fa4  AntiVirSchedulerService - ok
20:01:14.0828 0x0fa4  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:01:14.0906 0x0fa4  AntiVirService - ok
20:01:15.0062 0x0fa4  [ A9861F16762ABF8C1710E599FBBA6A7E, 42E3E1DDB6BA608928537AA83FF4312A6D6FE7DB0DEF4A1DFA69132F2394E899 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:01:15.0234 0x0fa4  AntiVirWebService - ok
20:01:15.0296 0x0fa4  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:01:15.0656 0x0fa4  AppMgmt - ok
20:01:15.0796 0x0fa4  [ 7CAE93FE5511D0C0688CFA56CF241E31, EF02A5A8FE71A8DAA99D2D82573EA91706B580DFB2A212B4D862C6500498CD87 ] AR5416          C:\WINDOWS\system32\DRIVERS\athw.sys
20:01:15.0984 0x0fa4  AR5416 - ok
20:01:16.0000 0x0fa4  asc - ok
20:01:16.0000 0x0fa4  asc3350p - ok
20:01:16.0015 0x0fa4  asc3550 - ok
20:01:16.0109 0x0fa4  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:01:16.0171 0x0fa4  aspnet_state - ok
20:01:16.0218 0x0fa4  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:01:16.0546 0x0fa4  AsyncMac - ok
20:01:16.0593 0x0fa4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
20:01:16.0859 0x0fa4  atapi - ok
20:01:16.0859 0x0fa4  Atdisk - ok
20:01:16.0890 0x0fa4  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:01:17.0125 0x0fa4  Atmarpc - ok
20:01:17.0187 0x0fa4  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
20:01:17.0406 0x0fa4  AudioSrv - ok
20:01:17.0484 0x0fa4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
20:01:17.0687 0x0fa4  audstub - ok
20:01:17.0750 0x0fa4  [ 18FB1022DAFC9036ADA9ECF432FAFD06, AFA23C96BDAE15DF4AB32F4CCA04A9D5C5C242E704DC12237CBF57757EBC35AE ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:01:17.0781 0x0fa4  avgntflt - ok
20:01:17.0828 0x0fa4  [ 062494C204553210FFC0FC33EA58EB36, 2A02003334D3F736907E743C5AB04604228E89DD918E060CCA346F8E739BEB16 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:01:17.0843 0x0fa4  avipbb - ok
20:01:17.0890 0x0fa4  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:01:17.0906 0x0fa4  avkmgr - ok
20:01:17.0968 0x0fa4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:01:18.0234 0x0fa4  Beep - ok
20:01:18.0312 0x0fa4  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
20:01:18.0609 0x0fa4  BITS - ok
20:01:18.0687 0x0fa4  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
20:01:18.0765 0x0fa4  Browser - ok
20:01:18.0796 0x0fa4  [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:01:19.0062 0x0fa4  BthEnum - ok
20:01:19.0109 0x0fa4  [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
20:01:19.0421 0x0fa4  BTHMODEM - ok
20:01:19.0453 0x0fa4  [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:01:19.0656 0x0fa4  BthPan - ok
20:01:19.0750 0x0fa4  [ 592E1CEDBE314D0EF184DC6F46141E76, D69106F90C56C1E67BA4B96D6766C6676B66D0E0DF8358DA4B75FEFF211AA23E ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
20:01:19.0828 0x0fa4  BTHPORT - ok
20:01:19.0859 0x0fa4  [ 26C601EF7525E31379744ABFC6F35A1B, 842626D3A00DDA959A4AB730C0D551244DCDA15AC291FD70CC7324571A6088EC ] BthServ         C:\WINDOWS\System32\bthserv.dll
20:01:20.0078 0x0fa4  BthServ - ok
20:01:20.0125 0x0fa4  [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:01:20.0390 0x0fa4  BTHUSB - ok
20:01:20.0421 0x0fa4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
20:01:20.0625 0x0fa4  cbidf2k - ok
20:01:20.0703 0x0fa4  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:01:20.0953 0x0fa4  CCDECODE - ok
20:01:20.0953 0x0fa4  cd20xrnt - ok
20:01:21.0031 0x0fa4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
20:01:21.0296 0x0fa4  Cdaudio - ok
20:01:21.0343 0x0fa4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
20:01:21.0656 0x0fa4  Cdfs - ok
20:01:21.0687 0x0fa4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:01:21.0906 0x0fa4  Cdrom - ok
20:01:21.0906 0x0fa4  Changer - ok
20:01:21.0984 0x0fa4  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
20:01:22.0187 0x0fa4  CiSvc - ok
20:01:22.0250 0x0fa4  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
20:01:22.0468 0x0fa4  ClipSrv - ok
20:01:22.0531 0x0fa4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:22.0593 0x0fa4  clr_optimization_v2.0.50727_32 - ok
20:01:22.0671 0x0fa4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:01:22.0687 0x0fa4  clr_optimization_v4.0.30319_32 - ok
20:01:22.0734 0x0fa4  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:01:22.0953 0x0fa4  CmBatt - ok
20:01:22.0953 0x0fa4  CmdIde - ok
20:01:23.0000 0x0fa4  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:01:23.0265 0x0fa4  Compbatt - ok
20:01:23.0265 0x0fa4  COMSysApp - ok
20:01:23.0281 0x0fa4  Cpqarray - ok
20:01:23.0343 0x0fa4  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
20:01:23.0562 0x0fa4  CryptSvc - ok
20:01:23.0562 0x0fa4  dac2w2k - ok
20:01:23.0578 0x0fa4  dac960nt - ok
20:01:23.0687 0x0fa4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:01:23.0781 0x0fa4  DcomLaunch - ok
20:01:23.0828 0x0fa4  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
20:01:24.0046 0x0fa4  Dhcp - ok
20:01:24.0265 0x0fa4  [ 589C7025A04F697B3D140ACCEC5F8592, 8470CB7BD2892E9452A8BD713F85D573AC6B4BFAE25D28A578D329311196EA34 ] Disc Soft Lite Bus Service C:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
20:01:24.0437 0x0fa4  Disc Soft Lite Bus Service - ok
20:01:24.0484 0x0fa4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
20:01:24.0796 0x0fa4  Disk - ok
20:01:24.0812 0x0fa4  dmadmin - ok
20:01:24.0906 0x0fa4  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
20:01:25.0234 0x0fa4  dmboot - ok
20:01:25.0296 0x0fa4  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
20:01:25.0515 0x0fa4  dmio - ok
20:01:25.0593 0x0fa4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
20:01:25.0859 0x0fa4  dmload - ok
20:01:25.0906 0x0fa4  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
20:01:26.0187 0x0fa4  dmserver - ok
20:01:26.0312 0x0fa4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
20:01:26.0703 0x0fa4  DMusic - ok
20:01:26.0750 0x0fa4  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:01:26.0796 0x0fa4  Dnscache - ok
20:01:26.0843 0x0fa4  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:01:27.0265 0x0fa4  Dot3svc - ok
20:01:27.0265 0x0fa4  dpti2o - ok
20:01:27.0296 0x0fa4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:01:27.0578 0x0fa4  drmkaud - ok
20:01:27.0625 0x0fa4  [ 0026A0408C87AB8DCA6FF9A8977C7066, EF64AE4717E68A090D5D86A39C32994A521B7488622569E6B42ED31E83C1AA8C ] dtlitescsibus   C:\WINDOWS\system32\DRIVERS\dtlitescsibus.sys
20:01:27.0656 0x0fa4  dtlitescsibus - ok
20:01:27.0703 0x0fa4  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:01:28.0015 0x0fa4  EapHost - ok
20:01:28.0062 0x0fa4  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
20:01:28.0328 0x0fa4  ERSvc - ok
20:01:28.0390 0x0fa4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
20:01:28.0421 0x0fa4  Eventlog - ok
20:01:28.0484 0x0fa4  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
20:01:28.0546 0x0fa4  EventSystem - ok
20:01:28.0593 0x0fa4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
20:01:28.0796 0x0fa4  Fastfat - ok
20:01:28.0875 0x0fa4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:01:28.0953 0x0fa4  FastUserSwitchingCompatibility - ok
20:01:28.0968 0x0fa4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
20:01:29.0171 0x0fa4  Fdc - ok
20:01:29.0187 0x0fa4  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
20:01:29.0421 0x0fa4  Fips - ok
20:01:29.0500 0x0fa4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
20:01:29.0687 0x0fa4  Flpydisk - ok
20:01:29.0765 0x0fa4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:01:30.0046 0x0fa4  FltMgr - ok
20:01:30.0062 0x0fa4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:01:30.0328 0x0fa4  Fs_Rec - ok
20:01:30.0421 0x0fa4  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:01:30.0750 0x0fa4  Ftdisk - ok
20:01:30.0812 0x0fa4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:01:31.0156 0x0fa4  Gpc - ok
20:01:31.0203 0x0fa4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:01:31.0484 0x0fa4  HDAudBus - ok
20:01:31.0593 0x0fa4  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:01:31.0843 0x0fa4  helpsvc - ok
20:01:31.0890 0x0fa4  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
20:01:32.0109 0x0fa4  HidServ - ok
20:01:32.0156 0x0fa4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:01:32.0359 0x0fa4  HidUsb - ok
20:01:32.0437 0x0fa4  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
20:01:32.0718 0x0fa4  hkmsvc - ok
20:01:32.0718 0x0fa4  hpn - ok
20:01:32.0781 0x0fa4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
20:01:32.0828 0x0fa4  HTTP - ok
20:01:32.0859 0x0fa4  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
20:01:33.0156 0x0fa4  HTTPFilter - ok
20:01:33.0156 0x0fa4  i2omgmt - ok
20:01:33.0171 0x0fa4  i2omp - ok
20:01:33.0234 0x0fa4  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:01:33.0437 0x0fa4  i8042prt - ok
20:01:33.0937 0x0fa4  [ 48846B31BE5A4FA662CCFDE7A1BA86B9, BC653F3ADAD70E766484986F196D4045D2CC6D92E5D827907E734254EE489A33 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:01:34.0812 0x0fa4  ialm - ok
20:01:34.0890 0x0fa4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
20:01:35.0125 0x0fa4  Imapi - ok
20:01:35.0171 0x0fa4  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
20:01:35.0406 0x0fa4  ImapiService - ok
20:01:35.0421 0x0fa4  ini910u - ok
20:01:35.0921 0x0fa4  [ 2E9CDF1766FA55E88443E1EF48923BC8, 34194B34A0D5974B3207E774265A533F3D9181CBBDD382ABD0E3AB85BBCB76A7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:01:36.0703 0x0fa4  IntcAzAudAddService - ok
20:01:36.0734 0x0fa4  IntelIde - ok
20:01:36.0812 0x0fa4  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:01:37.0125 0x0fa4  intelppm - ok
20:01:37.0156 0x0fa4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
20:01:37.0437 0x0fa4  Ip6Fw - ok
20:01:37.0500 0x0fa4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:01:37.0750 0x0fa4  IpFilterDriver - ok
20:01:37.0781 0x0fa4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:01:38.0000 0x0fa4  IpInIp - ok
20:01:38.0062 0x0fa4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:01:38.0312 0x0fa4  IpNat - ok
20:01:38.0375 0x0fa4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:01:38.0625 0x0fa4  IPSec - ok
20:01:38.0656 0x0fa4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
20:01:38.0859 0x0fa4  IRENUM - ok
20:01:38.0921 0x0fa4  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:01:39.0140 0x0fa4  isapnp - ok
20:01:39.0171 0x0fa4  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:01:39.0375 0x0fa4  Kbdclass - ok
20:01:39.0437 0x0fa4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:01:39.0656 0x0fa4  kmixer - ok
20:01:39.0734 0x0fa4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:01:39.0828 0x0fa4  KSecDD - ok
20:01:39.0859 0x0fa4  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:01:39.0937 0x0fa4  lanmanserver - ok
20:01:40.0000 0x0fa4  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:01:40.0046 0x0fa4  lanmanworkstation - ok
20:01:40.0062 0x0fa4  lbrtfdc - ok
20:01:40.0125 0x0fa4  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:01:40.0390 0x0fa4  LmHosts - ok
20:01:40.0406 0x0fa4  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:01:40.0609 0x0fa4  Messenger - ok
20:01:40.0687 0x0fa4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:01:40.0906 0x0fa4  mnmdd - ok
20:01:40.0968 0x0fa4  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:01:41.0187 0x0fa4  mnmsrvc - ok
20:01:41.0250 0x0fa4  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:01:41.0531 0x0fa4  Modem - ok
20:01:41.0687 0x0fa4  [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
20:01:41.0843 0x0fa4  Monfilt - ok
20:01:41.0875 0x0fa4  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:01:42.0093 0x0fa4  Mouclass - ok
20:01:42.0140 0x0fa4  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:01:42.0359 0x0fa4  mouhid - ok
20:01:42.0421 0x0fa4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:01:42.0671 0x0fa4  MountMgr - ok
20:01:42.0671 0x0fa4  mraid35x - ok
20:01:42.0703 0x0fa4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:01:42.0921 0x0fa4  MRxDAV - ok
20:01:43.0000 0x0fa4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:01:43.0125 0x0fa4  MRxSmb - ok
20:01:43.0156 0x0fa4  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:01:43.0359 0x0fa4  MSDTC - ok
20:01:43.0421 0x0fa4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:01:43.0656 0x0fa4  Msfs - ok
20:01:43.0656 0x0fa4  MSIServer - ok
20:01:43.0687 0x0fa4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:01:43.0906 0x0fa4  MSKSSRV - ok
20:01:43.0968 0x0fa4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:01:44.0156 0x0fa4  MSPCLOCK - ok
20:01:44.0187 0x0fa4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:01:44.0406 0x0fa4  MSPQM - ok
20:01:44.0484 0x0fa4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:01:44.0718 0x0fa4  mssmbios - ok
20:01:44.0750 0x0fa4  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
20:01:44.0968 0x0fa4  MSTEE - ok
20:01:45.0046 0x0fa4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:01:45.0109 0x0fa4  Mup - ok
20:01:45.0140 0x0fa4  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:01:45.0406 0x0fa4  NABTSFEC - ok
20:01:45.0484 0x0fa4  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:01:45.0828 0x0fa4  napagent - ok
20:01:45.0859 0x0fa4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:01:46.0140 0x0fa4  NDIS - ok
20:01:46.0187 0x0fa4  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:01:46.0468 0x0fa4  NdisIP - ok
20:01:46.0515 0x0fa4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:01:46.0578 0x0fa4  NdisTapi - ok
20:01:46.0609 0x0fa4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:01:46.0812 0x0fa4  Ndisuio - ok
20:01:46.0859 0x0fa4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:01:47.0093 0x0fa4  NdisWan - ok
20:01:47.0140 0x0fa4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:01:47.0234 0x0fa4  NDProxy - ok
20:01:47.0281 0x0fa4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:01:47.0531 0x0fa4  NetBIOS - ok
20:01:47.0593 0x0fa4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:01:47.0906 0x0fa4  NetBT - ok
20:01:47.0937 0x0fa4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:01:48.0171 0x0fa4  NetDDE - ok
20:01:48.0234 0x0fa4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:01:48.0453 0x0fa4  NetDDEdsdm - ok
20:01:48.0515 0x0fa4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:01:48.0750 0x0fa4  Netlogon - ok
20:01:48.0828 0x0fa4  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll
20:01:49.0093 0x0fa4  Netman - ok
20:01:49.0140 0x0fa4  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:01:49.0187 0x0fa4  Nla - ok
20:01:49.0234 0x0fa4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:01:49.0437 0x0fa4  Npfs - ok
20:01:49.0484 0x0fa4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:01:49.0765 0x0fa4  Ntfs - ok
20:01:49.0812 0x0fa4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:01:50.0062 0x0fa4  NtLmSsp - ok
20:01:50.0125 0x0fa4  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:01:50.0375 0x0fa4  NtmsSvc - ok
20:01:50.0437 0x0fa4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:01:50.0640 0x0fa4  Null - ok
20:01:50.0703 0x0fa4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:01:50.0906 0x0fa4  NwlnkFlt - ok
20:01:50.0921 0x0fa4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:01:51.0140 0x0fa4  NwlnkFwd - ok
20:01:51.0187 0x0fa4  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
20:01:51.0406 0x0fa4  Parport - ok
20:01:51.0468 0x0fa4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:01:51.0671 0x0fa4  PartMgr - ok
20:01:51.0718 0x0fa4  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:01:51.0921 0x0fa4  ParVdm - ok
20:01:51.0984 0x0fa4  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:01:52.0234 0x0fa4  PCI - ok
20:01:52.0250 0x0fa4  PCIDump - ok
20:01:52.0296 0x0fa4  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:01:52.0500 0x0fa4  PCIIde - ok
20:01:52.0578 0x0fa4  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:01:52.0781 0x0fa4  Pcmcia - ok
20:01:52.0781 0x0fa4  PDCOMP - ok
20:01:52.0796 0x0fa4  PDFRAME - ok
20:01:52.0812 0x0fa4  PDRELI - ok
20:01:52.0812 0x0fa4  PDRFRAME - ok
20:01:52.0828 0x0fa4  perc2 - ok
20:01:52.0843 0x0fa4  perc2hib - ok
20:01:52.0906 0x0fa4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe
20:01:52.0937 0x0fa4  PlugPlay - ok
20:01:53.0000 0x0fa4  [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
20:01:53.0031 0x0fa4  PnkBstrA - ok
20:01:53.0062 0x0fa4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:01:53.0250 0x0fa4  PolicyAgent - ok
20:01:53.0343 0x0fa4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:01:53.0578 0x0fa4  PptpMiniport - ok
20:01:53.0625 0x0fa4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:01:53.0812 0x0fa4  ProtectedStorage - ok
20:01:53.0828 0x0fa4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:01:54.0109 0x0fa4  PSched - ok
20:01:54.0125 0x0fa4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:01:54.0359 0x0fa4  Ptilink - ok
20:01:54.0359 0x0fa4  ql1080 - ok
20:01:54.0375 0x0fa4  Ql10wnt - ok
20:01:54.0390 0x0fa4  ql12160 - ok
20:01:54.0390 0x0fa4  ql1240 - ok
20:01:54.0406 0x0fa4  ql1280 - ok
20:01:54.0468 0x0fa4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:01:54.0671 0x0fa4  RasAcd - ok
20:01:54.0734 0x0fa4  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:01:54.0968 0x0fa4  RasAuto - ok
20:01:55.0015 0x0fa4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:01:55.0312 0x0fa4  Rasl2tp - ok
20:01:55.0359 0x0fa4  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:01:55.0593 0x0fa4  RasMan - ok
20:01:55.0640 0x0fa4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:01:55.0859 0x0fa4  RasPppoe - ok
20:01:55.0859 0x0fa4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:01:56.0109 0x0fa4  Raspti - ok
20:01:56.0140 0x0fa4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:01:56.0359 0x0fa4  Rdbss - ok
20:01:56.0406 0x0fa4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:01:56.0609 0x0fa4  RDPCDD - ok
20:01:56.0703 0x0fa4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:01:56.0921 0x0fa4  rdpdr - ok
20:01:57.0015 0x0fa4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:01:57.0109 0x0fa4  RDPWD - ok
20:01:57.0171 0x0fa4  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:01:57.0375 0x0fa4  RDSessMgr - ok
20:01:57.0437 0x0fa4  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:01:57.0687 0x0fa4  redbook - ok
20:01:57.0750 0x0fa4  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:01:57.0968 0x0fa4  RemoteAccess - ok
20:01:58.0031 0x0fa4  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:01:58.0281 0x0fa4  RemoteRegistry - ok
20:01:58.0312 0x0fa4  [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:01:58.0500 0x0fa4  RFCOMM - ok
20:01:58.0593 0x0fa4  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:01:58.0796 0x0fa4  RpcLocator - ok
20:01:58.0890 0x0fa4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:01:58.0937 0x0fa4  RpcSs - ok
20:01:59.0000 0x0fa4  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:01:59.0296 0x0fa4  RSVP - ok
20:01:59.0312 0x0fa4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:01:59.0515 0x0fa4  SamSs - ok
20:01:59.0578 0x0fa4  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:01:59.0781 0x0fa4  SCardSvr - ok
20:01:59.0875 0x0fa4  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:02:00.0078 0x0fa4  Schedule - ok
20:02:00.0140 0x0fa4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:02:00.0390 0x0fa4  Secdrv - ok
20:02:00.0421 0x0fa4  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:02:00.0625 0x0fa4  seclogon - ok
20:02:00.0687 0x0fa4  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll
20:02:00.0890 0x0fa4  SENS - ok
20:02:00.0968 0x0fa4  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
20:02:01.0203 0x0fa4  Serial - ok
20:02:01.0265 0x0fa4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:02:01.0515 0x0fa4  Sfloppy - ok
20:02:01.0578 0x0fa4  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:02:01.0890 0x0fa4  SharedAccess - ok
20:02:01.0968 0x0fa4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:02:02.0015 0x0fa4  ShellHWDetection - ok
20:02:02.0015 0x0fa4  Simbad - ok
20:02:02.0062 0x0fa4  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:02:02.0312 0x0fa4  SLIP - ok
20:02:02.0328 0x0fa4  Sparrow - ok
20:02:02.0406 0x0fa4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:02:02.0656 0x0fa4  splitter - ok
20:02:02.0687 0x0fa4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:02:02.0750 0x0fa4  Spooler - ok
20:02:02.0796 0x0fa4  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:02:03.0015 0x0fa4  sr - ok
20:02:03.0093 0x0fa4  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll
20:02:03.0312 0x0fa4  srservice - ok
20:02:03.0406 0x0fa4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:02:03.0531 0x0fa4  Srv - ok
20:02:03.0578 0x0fa4  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:02:03.0781 0x0fa4  SSDPSRV - ok
20:02:03.0859 0x0fa4  [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:02:03.0890 0x0fa4  ssmdrv - ok
20:02:03.0953 0x0fa4  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:02:04.0250 0x0fa4  stisvc - ok
20:02:04.0312 0x0fa4  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:02:04.0593 0x0fa4  streamip - ok
20:02:04.0640 0x0fa4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:02:04.0875 0x0fa4  swenum - ok
20:02:04.0953 0x0fa4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:02:05.0218 0x0fa4  swmidi - ok
20:02:05.0234 0x0fa4  SwPrv - ok
20:02:05.0250 0x0fa4  symc810 - ok
20:02:05.0250 0x0fa4  symc8xx - ok
20:02:05.0265 0x0fa4  sym_hi - ok
20:02:05.0281 0x0fa4  sym_u3 - ok
20:02:05.0328 0x0fa4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:02:05.0578 0x0fa4  sysaudio - ok
20:02:05.0625 0x0fa4  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:02:05.0828 0x0fa4  SysmonLog - ok
20:02:05.0921 0x0fa4  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:02:06.0156 0x0fa4  TapiSrv - ok
20:02:06.0203 0x0fa4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:02:06.0281 0x0fa4  Tcpip - ok
20:02:06.0328 0x0fa4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:02:06.0593 0x0fa4  TDPIPE - ok
20:02:06.0625 0x0fa4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:02:06.0828 0x0fa4  TDTCP - ok
20:02:06.0875 0x0fa4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:02:07.0109 0x0fa4  TermDD - ok
20:02:07.0171 0x0fa4  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll
20:02:07.0453 0x0fa4  TermService - ok
20:02:07.0515 0x0fa4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:02:07.0578 0x0fa4  Themes - ok
20:02:07.0609 0x0fa4  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:02:07.0828 0x0fa4  TlntSvr - ok
20:02:07.0843 0x0fa4  TosIde - ok
20:02:07.0921 0x0fa4  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:02:08.0156 0x0fa4  TrkWks - ok
20:02:08.0250 0x0fa4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:02:08.0453 0x0fa4  Udfs - ok
20:02:08.0453 0x0fa4  ultra - ok
20:02:08.0531 0x0fa4  [ 1977313E362C8732C1AF4D1BCB9C06B7, C87AD4D2ECBA736C2B2FA55983C543FF5EB19BBBDF689462884CD7819217458F ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
20:02:08.0562 0x0fa4  UMWdf - detected UnsignedFile.Multi.Generic ( 1 )
20:02:08.0734 0x0fa4  UMWdf ( UnsignedFile.Multi.Generic ) - warning
20:02:08.0796 0x0fa4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:02:09.0109 0x0fa4  Update - ok
20:02:09.0156 0x0fa4  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:02:09.0406 0x0fa4  upnphost - ok
20:02:09.0453 0x0fa4  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe
20:02:09.0656 0x0fa4  UPS - ok
20:02:09.0734 0x0fa4  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:02:09.0812 0x0fa4  usbaudio - ok
20:02:09.0859 0x0fa4  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:02:09.0921 0x0fa4  usbccgp - ok
20:02:09.0937 0x0fa4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:02:09.0968 0x0fa4  usbehci - ok
20:02:09.0984 0x0fa4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:02:10.0187 0x0fa4  usbhub - ok
20:02:10.0234 0x0fa4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:02:10.0484 0x0fa4  usbstor - ok
20:02:10.0515 0x0fa4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:02:10.0718 0x0fa4  usbuhci - ok
20:02:10.0781 0x0fa4  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
20:02:10.0812 0x0fa4  usbvideo - ok
20:02:10.0843 0x0fa4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:02:11.0109 0x0fa4  VgaSave - ok
20:02:11.0109 0x0fa4  ViaIde - ok
20:02:11.0156 0x0fa4  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:02:11.0375 0x0fa4  VolSnap - ok
20:02:11.0468 0x0fa4  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
20:02:11.0796 0x0fa4  VSS - ok
20:02:11.0828 0x0fa4  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
20:02:12.0031 0x0fa4  W32Time - ok
20:02:12.0109 0x0fa4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:02:12.0312 0x0fa4  Wanarp - ok
20:02:12.0421 0x0fa4  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
20:02:12.0500 0x0fa4  Wdf01000 - ok
20:02:12.0500 0x0fa4  WDICA - ok
20:02:12.0531 0x0fa4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:02:12.0765 0x0fa4  wdmaud - ok
20:02:12.0812 0x0fa4  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:02:13.0078 0x0fa4  WebClient - ok
20:02:13.0156 0x0fa4  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:02:13.0437 0x0fa4  winmgmt - ok
20:02:13.0484 0x0fa4  [ 5FDCCC838CD95F61097D8A637F842AA8, 9EB9E7BEFFF061E1BABABB13C6C9194E835E53F2D550F5C666F5A4B2FAC2B6D5 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
20:02:13.0500 0x0fa4  WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
20:02:13.0500 0x0fa4  WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
20:02:13.0593 0x0fa4  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll
20:02:13.0718 0x0fa4  Wmi - ok
20:02:13.0750 0x0fa4  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:02:13.0937 0x0fa4  WmiAcpi - ok
20:02:14.0015 0x0fa4  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:02:14.0281 0x0fa4  WmiApSrv - ok
20:02:14.0406 0x0fa4  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:02:14.0500 0x0fa4  WPFFontCache_v0400 - ok
20:02:14.0546 0x0fa4  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:02:14.0781 0x0fa4  wscsvc - ok
20:02:14.0859 0x0fa4  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:02:15.0093 0x0fa4  WSTCODEC - ok
20:02:15.0140 0x0fa4  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:02:15.0406 0x0fa4  wuauserv - ok
20:02:15.0515 0x0fa4  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:02:15.0906 0x0fa4  WZCSVC - ok
20:02:15.0937 0x0fa4  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:02:16.0203 0x0fa4  xmlprov - ok
20:02:16.0296 0x0fa4  [ 09E5340BD9B2CB730BF4DC6BE7721291, 785DEFAE550CAB5BDFA15CF195A1DEF5AD188EFEAD2D8B1508972CF892BB75A9 ] xusb21          C:\WINDOWS\system32\DRIVERS\xusb21.sys
20:02:16.0328 0x0fa4  xusb21 - ok
20:02:16.0343 0x0fa4  ================ Scan global ===============================
20:02:16.0390 0x0fa4  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
20:02:16.0437 0x0fa4  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
20:02:16.0500 0x0fa4  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
20:02:16.0546 0x0fa4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
20:02:16.0546 0x0fa4  [ Global ] - ok
20:02:16.0546 0x0fa4  ================ Scan MBR ==================================
20:02:16.0562 0x0fa4  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:02:16.0843 0x0fa4  \Device\Harddisk0\DR0 - ok
20:02:16.0843 0x0fa4  ================ Scan VBR ==================================
20:02:16.0843 0x0fa4  [ 61832E024DE1742A9A6FEAB7F4168BC8 ] \Device\Harddisk0\DR0\Partition1
20:02:16.0843 0x0fa4  \Device\Harddisk0\DR0\Partition1 - ok
20:02:16.0843 0x0fa4  ================ Scan generic autorun ======================
20:02:18.0328 0x0fa4  [ 496974CF715C9129D38539A4972E01E4, 00B682BDF37D33391C387F2B84F2688083860A511405B9492196DD6C85C7646C ] C:\WINDOWS\RTHDCPL.EXE
20:02:20.0359 0x0fa4  RTHDCPL - ok
20:02:20.0437 0x0fa4  BluetoothAuthenticationAgent - ok
20:02:20.0515 0x0fa4  [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
20:02:20.0640 0x0fa4  avgnt - ok
20:02:20.0656 0x0fa4  [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
20:02:20.0718 0x0fa4  IgfxTray - ok
20:02:20.0734 0x0fa4  [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
20:02:20.0796 0x0fa4  HotKeysCmds - ok
20:02:20.0812 0x0fa4  [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
20:02:20.0875 0x0fa4  Persistence - ok
20:02:20.0890 0x0fa4  KernelFaultCheck - ok
20:02:20.0968 0x0fa4  [ C4AA81EA4434C2C14B6648AD7CD8294E, 6D1502770912BD50B310BD068A43188E4CF2C674631BB7A20EAF2E0CFA9C870A ] c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
20:02:21.0093 0x0fa4  XboxStat - ok
20:02:21.0109 0x0fa4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0421 0x0fa4  CTFMON.EXE - ok
20:02:21.0453 0x0fa4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0687 0x0fa4  CTFMON.EXE - ok
20:02:21.0734 0x0fa4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0953 0x0fa4  CTFMON.EXE - ok
20:02:22.0015 0x0fa4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
20:02:22.0203 0x0fa4  CTFMON.EXE - ok
20:02:22.0515 0x0fa4  [ 6CB0A7EFED5A8B3AAF82D8FF1BF6CB72, 5E306C3145120F14EA407AB431513FA0F6DBFB8B7B2AEE443E1BEC4BD9393F77 ] C:\Programme\DAEMON Tools Lite\DTAgent.exe
20:02:23.0015 0x0fa4  DAEMON Tools Lite Automount - ok
20:02:23.0125 0x0fa4  Akamai NetSession Interface - ok
20:02:23.0203 0x0fa4  AV detected via SS1: Avira Antivirus, 15.0.11.572, enabled, updated
20:02:23.0218 0x0fa4  Win FW state via NFM: enabled
20:02:23.0218 0x0fa4  ============================================================
20:02:23.0218 0x0fa4  Scan finished
20:02:23.0218 0x0fa4  ============================================================
20:02:23.0234 0x0e4c  Detected object count: 2
20:02:23.0234 0x0e4c  Actual detected object count: 2
20:02:24.0812 0x0e4c  UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:24.0812 0x0e4c  UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:02:24.0828 0x0e4c  WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:24.0828 0x0e4c  WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:02:27.0812 0x0d20  Deinitialize success
         
20:01:54.0359 0x0fa4 Ptilink - ok
20:01:54.0359 0x0fa4 ql1080 - ok
20:01:54.0375 0x0fa4 Ql10wnt - ok
20:01:54.0390 0x0fa4 ql12160 - ok
20:01:54.0390 0x0fa4 ql1240 - ok
20:01:54.0406 0x0fa4 ql1280 - ok
20:01:54.0468 0x0fa4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:01:54.0671 0x0fa4 RasAcd - ok
20:01:54.0734 0x0fa4 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:01:54.0968 0x0fa4 RasAuto - ok
20:01:55.0015 0x0fa4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:01:55.0312 0x0fa4 Rasl2tp - ok
20:01:55.0359 0x0fa4 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:01:55.0593 0x0fa4 RasMan - ok
20:01:55.0640 0x0fa4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:01:55.0859 0x0fa4 RasPppoe - ok
20:01:55.0859 0x0fa4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:01:56.0109 0x0fa4 Raspti - ok
20:01:56.0140 0x0fa4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:01:56.0359 0x0fa4 Rdbss - ok
20:01:56.0406 0x0fa4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:01:56.0609 0x0fa4 RDPCDD - ok
20:01:56.0703 0x0fa4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:01:56.0921 0x0fa4 rdpdr - ok
20:01:57.0015 0x0fa4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:01:57.0109 0x0fa4 RDPWD - ok
20:01:57.0171 0x0fa4 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:01:57.0375 0x0fa4 RDSessMgr - ok
20:01:57.0437 0x0fa4 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:01:57.0687 0x0fa4 redbook - ok
20:01:57.0750 0x0fa4 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:01:57.0968 0x0fa4 RemoteAccess - ok
20:01:58.0031 0x0fa4 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:01:58.0281 0x0fa4 RemoteRegistry - ok
20:01:58.0312 0x0fa4 [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:01:58.0500 0x0fa4 RFCOMM - ok
20:01:58.0593 0x0fa4 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:01:58.0796 0x0fa4 RpcLocator - ok
20:01:58.0890 0x0fa4 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:01:58.0937 0x0fa4 RpcSs - ok
20:01:59.0000 0x0fa4 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:01:59.0296 0x0fa4 RSVP - ok
20:01:59.0312 0x0fa4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
20:01:59.0515 0x0fa4 SamSs - ok
20:01:59.0578 0x0fa4 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:01:59.0781 0x0fa4 SCardSvr - ok
20:01:59.0875 0x0fa4 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:02:00.0078 0x0fa4 Schedule - ok
20:02:00.0140 0x0fa4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:02:00.0390 0x0fa4 Secdrv - ok
20:02:00.0421 0x0fa4 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
20:02:00.0625 0x0fa4 seclogon - ok
20:02:00.0687 0x0fa4 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
20:02:00.0890 0x0fa4 SENS - ok
20:02:00.0968 0x0fa4 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:02:01.0203 0x0fa4 Serial - ok
20:02:01.0265 0x0fa4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:02:01.0515 0x0fa4 Sfloppy - ok
20:02:01.0578 0x0fa4 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:02:01.0890 0x0fa4 SharedAccess - ok
20:02:01.0968 0x0fa4 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:02:02.0015 0x0fa4 ShellHWDetection - ok
20:02:02.0015 0x0fa4 Simbad - ok
20:02:02.0062 0x0fa4 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:02:02.0312 0x0fa4 SLIP - ok
20:02:02.0328 0x0fa4 Sparrow - ok
20:02:02.0406 0x0fa4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:02:02.0656 0x0fa4 splitter - ok
20:02:02.0687 0x0fa4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:02:02.0750 0x0fa4 Spooler - ok
20:02:02.0796 0x0fa4 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:02:03.0015 0x0fa4 sr - ok
20:02:03.0093 0x0fa4 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
20:02:03.0312 0x0fa4 srservice - ok
20:02:03.0406 0x0fa4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:02:03.0531 0x0fa4 Srv - ok
20:02:03.0578 0x0fa4 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:02:03.0781 0x0fa4 SSDPSRV - ok
20:02:03.0859 0x0fa4 [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:02:03.0890 0x0fa4 ssmdrv - ok
20:02:03.0953 0x0fa4 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:02:04.0250 0x0fa4 stisvc - ok
20:02:04.0312 0x0fa4 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:02:04.0593 0x0fa4 streamip - ok
20:02:04.0640 0x0fa4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:02:04.0875 0x0fa4 swenum - ok
20:02:04.0953 0x0fa4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:02:05.0218 0x0fa4 swmidi - ok
20:02:05.0234 0x0fa4 SwPrv - ok
20:02:05.0250 0x0fa4 symc810 - ok
20:02:05.0250 0x0fa4 symc8xx - ok
20:02:05.0265 0x0fa4 sym_hi - ok
20:02:05.0281 0x0fa4 sym_u3 - ok
20:02:05.0328 0x0fa4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:02:05.0578 0x0fa4 sysaudio - ok
20:02:05.0625 0x0fa4 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:02:05.0828 0x0fa4 SysmonLog - ok
20:02:05.0921 0x0fa4 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:02:06.0156 0x0fa4 TapiSrv - ok
20:02:06.0203 0x0fa4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:02:06.0281 0x0fa4 Tcpip - ok
20:02:06.0328 0x0fa4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:02:06.0593 0x0fa4 TDPIPE - ok
20:02:06.0625 0x0fa4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:02:06.0828 0x0fa4 TDTCP - ok
20:02:06.0875 0x0fa4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:02:07.0109 0x0fa4 TermDD - ok
20:02:07.0171 0x0fa4 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
20:02:07.0453 0x0fa4 TermService - ok
20:02:07.0515 0x0fa4 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:02:07.0578 0x0fa4 Themes - ok
20:02:07.0609 0x0fa4 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:02:07.0828 0x0fa4 TlntSvr - ok
20:02:07.0843 0x0fa4 TosIde - ok
20:02:07.0921 0x0fa4 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:02:08.0156 0x0fa4 TrkWks - ok
20:02:08.0250 0x0fa4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:02:08.0453 0x0fa4 Udfs - ok
20:02:08.0453 0x0fa4 ultra - ok
20:02:08.0531 0x0fa4 [ 1977313E362C8732C1AF4D1BCB9C06B7, C87AD4D2ECBA736C2B2FA55983C543FF5EB19BBBDF689462884CD7819217458F ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
20:02:08.0562 0x0fa4 UMWdf - detected UnsignedFile.Multi.Generic ( 1 )
20:02:08.0734 0x0fa4 UMWdf ( UnsignedFile.Multi.Generic ) - warning
20:02:08.0796 0x0fa4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:02:09.0109 0x0fa4 Update - ok
20:02:09.0156 0x0fa4 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:02:09.0406 0x0fa4 upnphost - ok
20:02:09.0453 0x0fa4 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
20:02:09.0656 0x0fa4 UPS - ok
20:02:09.0734 0x0fa4 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:02:09.0812 0x0fa4 usbaudio - ok
20:02:09.0859 0x0fa4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:02:09.0921 0x0fa4 usbccgp - ok
20:02:09.0937 0x0fa4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:02:09.0968 0x0fa4 usbehci - ok
20:02:09.0984 0x0fa4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:02:10.0187 0x0fa4 usbhub - ok
20:02:10.0234 0x0fa4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:02:10.0484 0x0fa4 usbstor - ok
20:02:10.0515 0x0fa4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:02:10.0718 0x0fa4 usbuhci - ok
20:02:10.0781 0x0fa4 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:02:10.0812 0x0fa4 usbvideo - ok
20:02:10.0843 0x0fa4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:02:11.0109 0x0fa4 VgaSave - ok
20:02:11.0109 0x0fa4 ViaIde - ok
20:02:11.0156 0x0fa4 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:02:11.0375 0x0fa4 VolSnap - ok
20:02:11.0468 0x0fa4 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
20:02:11.0796 0x0fa4 VSS - ok
20:02:11.0828 0x0fa4 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
20:02:12.0031 0x0fa4 W32Time - ok
20:02:12.0109 0x0fa4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:02:12.0312 0x0fa4 Wanarp - ok
20:02:12.0421 0x0fa4 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:02:12.0500 0x0fa4 Wdf01000 - ok
20:02:12.0500 0x0fa4 WDICA - ok
20:02:12.0531 0x0fa4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:02:12.0765 0x0fa4 wdmaud - ok
20:02:12.0812 0x0fa4 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
20:02:13.0078 0x0fa4 WebClient - ok
20:02:13.0156 0x0fa4 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:02:13.0437 0x0fa4 winmgmt - ok
20:02:13.0484 0x0fa4 [ 5FDCCC838CD95F61097D8A637F842AA8, 9EB9E7BEFFF061E1BABABB13C6C9194E835E53F2D550F5C666F5A4B2FAC2B6D5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
20:02:13.0500 0x0fa4 WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
20:02:13.0500 0x0fa4 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
20:02:13.0593 0x0fa4 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:02:13.0718 0x0fa4 Wmi - ok
20:02:13.0750 0x0fa4 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:02:13.0937 0x0fa4 WmiAcpi - ok
20:02:14.0015 0x0fa4 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:02:14.0281 0x0fa4 WmiApSrv - ok
20:02:14.0406 0x0fa4 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:02:14.0500 0x0fa4 WPFFontCache_v0400 - ok
20:02:14.0546 0x0fa4 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:02:14.0781 0x0fa4 wscsvc - ok
20:02:14.0859 0x0fa4 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:02:15.0093 0x0fa4 WSTCODEC - ok
20:02:15.0140 0x0fa4 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:02:15.0406 0x0fa4 wuauserv - ok
20:02:15.0515 0x0fa4 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:02:15.0906 0x0fa4 WZCSVC - ok
20:02:15.0937 0x0fa4 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:02:16.0203 0x0fa4 xmlprov - ok
20:02:16.0296 0x0fa4 [ 09E5340BD9B2CB730BF4DC6BE7721291, 785DEFAE550CAB5BDFA15CF195A1DEF5AD188EFEAD2D8B1508972CF892BB75A9 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
20:02:16.0328 0x0fa4 xusb21 - ok
20:02:16.0343 0x0fa4 ================ Scan global ===============================
20:02:16.0390 0x0fa4 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
20:02:16.0437 0x0fa4 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
20:02:16.0500 0x0fa4 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
20:02:16.0546 0x0fa4 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
20:02:16.0546 0x0fa4 [ Global ] - ok
20:02:16.0546 0x0fa4 ================ Scan MBR ==================================
20:02:16.0562 0x0fa4 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:02:16.0843 0x0fa4 \Device\Harddisk0\DR0 - ok
20:02:16.0843 0x0fa4 ================ Scan VBR ==================================
20:02:16.0843 0x0fa4 [ 61832E024DE1742A9A6FEAB7F4168BC8 ] \Device\Harddisk0\DR0\Partition1
20:02:16.0843 0x0fa4 \Device\Harddisk0\DR0\Partition1 - ok
20:02:16.0843 0x0fa4 ================ Scan generic autorun ======================
20:02:18.0328 0x0fa4 [ 496974CF715C9129D38539A4972E01E4, 00B682BDF37D33391C387F2B84F2688083860A511405B9492196DD6C85C7646C ] C:\WINDOWS\RTHDCPL.EXE
20:02:20.0359 0x0fa4 RTHDCPL - ok
20:02:20.0437 0x0fa4 BluetoothAuthenticationAgent - ok
20:02:20.0515 0x0fa4 [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
20:02:20.0640 0x0fa4 avgnt - ok
20:02:20.0656 0x0fa4 [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
20:02:20.0718 0x0fa4 IgfxTray - ok
20:02:20.0734 0x0fa4 [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
20:02:20.0796 0x0fa4 HotKeysCmds - ok
20:02:20.0812 0x0fa4 [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
20:02:20.0875 0x0fa4 Persistence - ok
20:02:20.0890 0x0fa4 KernelFaultCheck - ok
20:02:20.0968 0x0fa4 [ C4AA81EA4434C2C14B6648AD7CD8294E, 6D1502770912BD50B310BD068A43188E4CF2C674631BB7A20EAF2E0CFA9C870A ] c:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
20:02:21.0093 0x0fa4 XboxStat - ok
20:02:21.0109 0x0fa4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0421 0x0fa4 CTFMON.EXE - ok
20:02:21.0453 0x0fa4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0687 0x0fa4 CTFMON.EXE - ok
20:02:21.0734 0x0fa4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
20:02:21.0953 0x0fa4 CTFMON.EXE - ok
20:02:22.0015 0x0fa4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
20:02:22.0203 0x0fa4 CTFMON.EXE - ok
20:02:22.0515 0x0fa4 [ 6CB0A7EFED5A8B3AAF82D8FF1BF6CB72, 5E306C3145120F14EA407AB431513FA0F6DBFB8B7B2AEE443E1BEC4BD9393F77 ] C:\Programme\DAEMON Tools Lite\DTAgent.exe
20:02:23.0015 0x0fa4 DAEMON Tools Lite Automount - ok
20:02:23.0125 0x0fa4 Akamai NetSession Interface - ok
20:02:23.0203 0x0fa4 AV detected via SS1: Avira Antivirus, 15.0.11.572, enabled, updated
20:02:23.0218 0x0fa4 Win FW state via NFM: enabled
20:02:23.0218 0x0fa4 ============================================================
20:02:23.0218 0x0fa4 Scan finished
20:02:23.0218 0x0fa4 ============================================================
20:02:23.0234 0x0e4c Detected object count: 2
20:02:23.0234 0x0e4c Actual detected object count: 2
20:02:24.0812 0x0e4c UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:24.0812 0x0e4c UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:02:24.0828 0x0e4c WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:24.0828 0x0e4c WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:02:27.0812 0x0d20 Deinitialize success

Alt 18.06.2015, 17:13   #7
schrauber
/// the machine
/// TB trainer
 


This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.




Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (in English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 18.06.2015, 19:48   #8
Anti-Trojana
 


Combofix Logfile:
Code:
ATTFilter
ComboFix 15-06-18.01 - Administrator 18.06.2015  19:46:14.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1012.527 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Administrator\WINDOWS
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-18 bis 2015-06-18  ))))))))))))))))))))))))))))))
.
.
2015-06-18 11:24 . 2015-06-18 11:24	--------	d-----w-	c:\programme\Brutal Chess
2015-06-17 20:43 . 2015-06-17 20:43	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-06-17 20:42 . 2015-06-17 20:42	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\PunkBuster
2015-06-17 20:42 . 2015-06-17 20:42	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Electronic_Arts_Inc
2015-06-17 20:41 . 2015-06-17 20:41	--------	d--h--w-	c:\windows\PIF
2015-06-17 20:36 . 2015-06-17 20:36	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Ashampoo
2015-06-16 15:39 . 2015-06-16 15:39	--------	d-----w-	c:\windows\system32\wbem\Repository
2015-06-16 11:53 . 2015-06-16 13:22	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-06-15 18:51 . 2015-06-17 20:42	--------	d-----w-	C:\FRST
2015-06-12 17:33 . 2015-06-12 17:33	137176	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2015-06-12 17:33 . 2015-06-12 17:33	268952	----a-w-	c:\windows\system32\PnkBstrB.exe
2015-06-12 17:33 . 2015-06-12 17:33	268952	----a-w-	c:\windows\system32\PnkBstrB.xtr
2015-06-12 17:33 . 2015-06-12 17:33	75136	----a-w-	c:\windows\system32\PnkBstrA.exe
2015-06-10 17:26 . 2015-06-12 17:33	--------	d-----w-	c:\windows\system32\Logfiles
2015-06-07 17:28 . 1998-07-30 10:51	305152	----a-w-	c:\windows\IsUninst.exe
2015-06-04 19:19 . 2008-03-21 11:57	14640	------w-	c:\windows\system32\spmsgXP_2k3.dll
2015-06-04 19:19 . 2009-09-09 16:24	62424	----a-w-	c:\windows\system32\drivers\xusb21.sys
2015-06-04 19:19 . 2009-08-13 20:40	1112288	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2015-06-04 19:18 . 2015-06-17 20:41	--------	d-----w-	c:\programme\Microsoft Xbox 360 Accessories
2015-06-04 17:55 . 2015-06-04 17:55	--------	d-----w-	C:\WESTWOOD
2015-05-31 20:14 . 2008-02-15 10:49	192512	----a-w-	c:\windows\system32\igfxres.dll
2015-05-31 17:16 . 2015-05-31 17:16	25016	----a-w-	c:\windows\system32\drivers\dtlitescsibus.sys
2015-05-30 18:02 . 2015-06-17 20:38	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 18:02 . 2015-06-17 20:38	--------	d-----w-	c:\programme\DAEMON Tools Lite
2015-05-30 18:01 . 2015-05-30 18:01	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 17:47 . 2015-05-30 17:47	--------	d-----w-	c:\programme\Microsoft.NET
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-09 08:56 . 2015-05-04 15:15	136728	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-06-09 08:56 . 2015-05-04 15:15	108448	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-05-05 10:46 . 2015-05-04 15:15	37896	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2015-04-01 19:26 . 2015-03-23 19:42	778928	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-04-01 19:26 . 2015-03-23 19:42	142512	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="c:\programme\DAEMON Tools Lite\DTAgent.exe" [2015-05-21 3579120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-22 18789920]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2015-06-09 730416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"XboxStat"="c:\programme\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [04.05.2015 17:15 37896]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [04.05.2015 17:15 450808]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\programme\DAEMON Tools Lite\DiscSoftBusService.exe [21.05.2015 07:48 1026288]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\drivers\dtlitescsibus.sys [31.05.2015 19:16 25016]
S2 AntiVirMailService;Avira Email-Schutz;c:\programme\Avira\AntiVir Desktop\avmailc.exe [04.05.2015 19:31 825136]
S2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [04.05.2015 17:15 1187336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [04.10.2014 19:56 1691480]
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-18 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
- c:\windows\system32\xp_eos.exe [2015-05-04 23:28]
.
2015-06-08 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
- c:\windows\system32\xp_eos.exe [2015-05-04 23:28]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = <local>
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Akamai NetSession Interface - c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
SafeBoot-44211017.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2015-06-18 19:52
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\igfxdev.dll
.
Zeit der Fertigstellung: 2015-06-18  19:54:04
ComboFix-quarantined-files.txt  2015-06-18 17:54
.
Vor Suchlauf: 9 Verzeichnis(se), 34.824.708.096 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 34.787.528.704 Bytes frei
.
- - End Of File - - 8790954396FA444CBCDD1AF8D83BF832
         


During the first scan, new folders were also created: QooBox, and inside it a Quarantine folder that now contains files.

Here is the ComboFix file with an Internet connection:

Combofix Logfile:
Code:
ATTFilter
ComboFix 15-06-18.01 - Administrator 18.06.2015  20:19:36.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1012.515 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-18 bis 2015-06-18  ))))))))))))))))))))))))))))))
.
.
2015-06-18 11:24 . 2015-06-18 11:24	--------	d-----w-	c:\programme\Brutal Chess
2015-06-17 20:43 . 2015-06-17 20:43	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-06-17 20:42 . 2015-06-17 20:42	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\PunkBuster
2015-06-17 20:42 . 2015-06-17 20:42	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Electronic_Arts_Inc
2015-06-17 20:41 . 2015-06-17 20:41	--------	d--h--w-	c:\windows\PIF
2015-06-17 20:36 . 2015-06-17 20:36	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Ashampoo
2015-06-16 15:39 . 2015-06-16 15:39	--------	d-----w-	c:\windows\system32\wbem\Repository
2015-06-16 11:53 . 2015-06-16 13:22	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-06-15 18:51 . 2015-06-17 20:42	--------	d-----w-	C:\FRST
2015-06-12 17:33 . 2015-06-12 17:33	137176	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2015-06-12 17:33 . 2015-06-12 17:33	268952	----a-w-	c:\windows\system32\PnkBstrB.exe
2015-06-12 17:33 . 2015-06-12 17:33	268952	----a-w-	c:\windows\system32\PnkBstrB.xtr
2015-06-12 17:33 . 2015-06-12 17:33	75136	----a-w-	c:\windows\system32\PnkBstrA.exe
2015-06-10 17:26 . 2015-06-12 17:33	--------	d-----w-	c:\windows\system32\Logfiles
2015-06-07 17:28 . 1998-07-30 10:51	305152	----a-w-	c:\windows\IsUninst.exe
2015-06-04 19:19 . 2008-03-21 11:57	14640	------w-	c:\windows\system32\spmsgXP_2k3.dll
2015-06-04 19:19 . 2009-09-09 16:24	62424	----a-w-	c:\windows\system32\drivers\xusb21.sys
2015-06-04 19:19 . 2009-08-13 20:40	1112288	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2015-06-04 19:18 . 2015-06-17 20:41	--------	d-----w-	c:\programme\Microsoft Xbox 360 Accessories
2015-06-04 17:55 . 2015-06-04 17:55	--------	d-----w-	C:\WESTWOOD
2015-05-31 20:14 . 2008-02-15 10:49	192512	----a-w-	c:\windows\system32\igfxres.dll
2015-05-31 17:16 . 2015-05-31 17:16	25016	----a-w-	c:\windows\system32\drivers\dtlitescsibus.sys
2015-05-30 18:02 . 2015-06-17 20:38	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 18:02 . 2015-06-17 20:38	--------	d-----w-	c:\programme\DAEMON Tools Lite
2015-05-30 18:01 . 2015-05-30 18:01	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
2015-05-30 17:47 . 2015-05-30 17:47	--------	d-----w-	c:\programme\Microsoft.NET
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-09 08:56 . 2015-05-04 15:15	136728	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-06-09 08:56 . 2015-05-04 15:15	108448	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-05-05 10:46 . 2015-05-04 15:15	37896	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2015-04-01 19:26 . 2015-03-23 19:42	778928	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-04-01 19:26 . 2015-03-23 19:42	142512	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="c:\programme\DAEMON Tools Lite\DTAgent.exe" [2015-05-21 3579120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-22 18789920]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2015-06-09 730416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"XboxStat"="c:\programme\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [04.05.2015 17:15 37896]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [04.05.2015 17:15 450808]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\programme\DAEMON Tools Lite\DiscSoftBusService.exe [21.05.2015 07:48 1026288]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\drivers\dtlitescsibus.sys [31.05.2015 19:16 25016]
S2 AntiVirMailService;Avira Email-Schutz;c:\programme\Avira\AntiVir Desktop\avmailc.exe [04.05.2015 19:31 825136]
S2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [04.05.2015 17:15 1187336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [04.10.2014 19:56 1691480]
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-18 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
- c:\windows\system32\xp_eos.exe [2015-05-04 23:28]
.
2015-06-08 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
- c:\windows\system32\xp_eos.exe [2015-05-04 23:28]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2015-06-18 20:25
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\igfxdev.dll
.
Zeit der Fertigstellung: 2015-06-18  20:26:58
ComboFix-quarantined-files.txt  2015-06-18 18:26
ComboFix2.txt  2015-06-18 17:54
.
Vor Suchlauf: 9 Verzeichnis(se), 34.777.812.992 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 34.768.285.696 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E36EE6E8115B6AA1DC94070FD1E6750B
         

Schrauber, one of the QooBox folders also contains the file IsUn0407.exe.vir.

Can you please tell me what was actually going on with the system, what kind of viruses these are or were, and whether the system is clean again now?

It must have been quite a lot, and professional, if even AntiVir could not detect them.

I think it is possible that someone deliberately spied on the system with the malware; my question remains, how far did it go?!

I would be glad to get an answer. Greetings and a big thank-you to you, Schrauber.

Here are the ComboFix quarantine files as well:

2015-06-18 17:53:22 . 2015-06-18 17:53:22 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-44211017.sys.reg.dat
2015-06-18 17:53:04 . 2015-06-18 17:53:04 230 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-Akamai NetSession Interface.reg.dat
2015-06-18 17:49:55 . 2015-06-18 18:23:00 7,338 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2015-06-18 17:46:13 . 2015-06-18 18:19:34 512 ----a-w- C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
2015-06-18 17:44:01 . 2015-06-18 18:16:38 102 ----a-w- C:\Qoobox\Quarantine\catchme.log
2015-05-05 20:27:48 . 1998-11-17 11:44:44 328,704 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\IsUn0407.exe.vir
         

19.06.2015, 16:00   #9
schrauber
/// the machine
/// TB-Ausbilder



Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), right-click it and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

19.06.2015, 17:35   #10
Anti-Trojana



Hello Schrauber. I have run all 3 of the scans you named and am now posting the log files for them.

Malwarebytes Anti-Malware log file:

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 19.06.2015
Suchlauf-Zeit: 17:45:55
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.19.03
Rootkit Datenbank: v2015.06.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 299909
Verstrichene Zeit: 20 Min, 21 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
AdwCleaner log file:
Code:
ATTFilter
# AdwCleaner v4.206 - Logfile created 19/06/2015 at 18:14:29
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Administrator - ASPIRE
# Running from : C:\Dokumente und Einstellungen\Administrator\Desktop\AdwCleaner_4.206.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\OCS
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v


*************************

AdwCleaner[R2].txt - [909 bytes] - [19/06/2015 18:08:26]
AdwCleaner[R3].txt - [967 bytes] - [19/06/2015 18:12:49]
AdwCleaner[S1].txt - [897 bytes] - [19/06/2015 18:14:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [955  bytes] ##########
         

JRT log file. PS: "I cannot say why some log files get posted twice; it is not my intention."
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.2 (06.18.2015:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 19.06.2015 at 18:18:48,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.06.2015 at 18:23:21,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


Schrauber, can you now tell me which trojan the system is or was infected with? And above all, what function the trojan had?

And what should I do with the files in the QooBox quarantine?

I hope you can tell me something detailed about all of this, and above all whether the system is clean now.

Kind regards

20.06.2015, 11:58   #11
schrauber
/// the machine
/// TB-Ausbilder



That was mostly adware, but we will still run control scans.



ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it on the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

