Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Bundestrojaner - danach merkwürdige Updates bei Windows 8.1

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.06.2015, 15:26   #1
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo,

ich bin mir jetzt sehr unsicher, nachdem ich mir am Freitag anscheinend einen Trojaner eingefangen habe.

Ich hoffe auch, das ich in diesem Bereich des Forums richtig bin.

Am Freitag kam im Firefox plötzlich die Meldung das ich "merkwürdige Inhalte" gespeichert hätte und daher mein Rechner gesperrt werden würde.

Daraufhin fuhr ich den Rechner herunter. Konnte danach den Rechner auch ganz normal hochfahren. Habe danach zur Sicherheit ein Backup aufgespielt.

Daraufhin führte ich einen Suchlauf mit dem Windows-Defender durch. Dieser war negativ. Daraufhin lud ich mir das Programm Malwarebytes-Anti-Maleware herunter. Auch hier wurde nichts gefunden.

Leider bin ich mir nicht sicher, ob ich den Trojaner wirklich beseitigt habe, da ich nicht wirklich viel Ahnung von Rechnern habe.

Merkwürdig gemacht haben mich nämlich 4 Windows-Updates die ich überhaupt nicht einordnen kann

1. 24712m1dfmmengesha.TestFrameworkBackpublish050515
2. 24712m1dfmmengesha.mxtest2
3. 24712m1dfmmengesha.TestFrameworkBP052015
4. 24712m1dfmmengesha.TestFrameworkwin81appxneutral06

Zum System Lenovo G580 i5, Betriebssystem Windows 8.1

Ich hoffe es könnte mir jemand Hilfestellung geben bei meinem Problem.

Danke im voraus
Matthias

Alt 21.06.2015, 17:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 21.06.2015, 17:32   #3
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo Schrauber,

anbei die beiden Textdateien

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Matthias (administrator) on MATZESLAPTOP on 21-06-2015 18:30:16
Running from C:\Users\Matthias\Desktop
Loaded Profiles: Matthias (Available Profiles: Matthias & Anja & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-09-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-09-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-637481459-3907541351-2715369965-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-09-21]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-637481459-3907541351-2715369965-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=6c6dcdff000000000000c2143dca3e0b
HKU\S-1-5-21-637481459-3907541351-2715369965-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-637481459-3907541351-2715369965-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-637481459-3907541351-2715369965-1002 -> DefaultScope {1C907D1A-526A-4506-BE51-31641FE36B8C} URL = 
SearchScopes: HKU\S-1-5-21-637481459-3907541351-2715369965-1002 -> {1C907D1A-526A-4506-BE51-31641FE36B8C} URL = 
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\aei9v3ly.default
FF SelectedSearchEngine: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Bitdefender QuickScan - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\aei9v3ly.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-06-19]
FF Extension: Adblock Plus - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\aei9v3ly.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Users\Matthias\Saved Games\FM13\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R4 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [24808 2013-12-06] (Lenovo Group Limited (R))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 18:30 - 2015-06-21 18:30 - 00014714 _____ C:\Users\Matthias\Desktop\FRST.txt
2015-06-21 18:30 - 2015-06-21 18:30 - 00000000 ____D C:\FRST
2015-06-21 18:26 - 2015-06-21 18:27 - 02109952 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2015-06-21 16:28 - 2015-06-21 16:28 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-21 16:27 - 2015-06-21 16:27 - 02870984 _____ (ESET) C:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe
2015-06-20 14:56 - 2015-06-20 14:56 - 00000000 ____D C:\Users\Matthias\AppData\Local\Lenovo
2015-06-19 18:06 - 2015-06-19 18:06 - 00000000 ____D C:\Users\Anja\AppData\Local\GWX
2015-06-19 15:30 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-19 15:30 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-19 15:24 - 2015-06-19 15:24 - 18169520 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-06-19 15:24 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-19 15:24 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-19 15:24 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-19 15:24 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-19 15:24 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-19 15:24 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-19 15:24 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-19 15:24 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-19 15:24 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-19 15:24 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-19 15:24 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-19 15:24 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-19 15:24 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-19 15:24 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-19 15:24 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-19 15:24 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-06-19 15:24 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-06-19 15:24 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-06-19 15:24 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-06-19 15:24 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-06-19 15:24 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-06-19 15:24 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-06-19 15:24 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-06-19 15:24 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-06-19 15:23 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-06-19 15:23 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-06-19 15:23 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-06-19 15:23 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-06-19 15:23 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-19 15:23 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-19 15:23 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-19 15:23 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-19 15:23 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-19 15:23 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-06-19 15:23 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-06-19 15:23 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-06-19 15:23 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-19 15:23 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-06-19 15:23 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-06-19 15:23 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-19 15:23 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-19 15:22 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-06-19 15:22 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-06-19 15:20 - 2015-06-19 15:20 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-19 15:20 - 2015-06-19 15:20 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-19 15:18 - 2015-05-28 09:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-19 15:18 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-19 15:18 - 2015-05-28 09:04 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-06-19 15:10 - 2015-06-19 15:10 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-19 15:10 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-19 15:10 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-19 14:36 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-19 14:36 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-19 14:36 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-19 14:36 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-19 14:36 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-19 14:36 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-19 14:36 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-19 14:36 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-19 14:36 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-19 14:36 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-19 14:36 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-19 14:36 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-19 14:36 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-19 14:36 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-19 14:36 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-06-19 14:36 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-19 14:36 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-19 14:36 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-19 14:36 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-19 14:36 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-19 14:36 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-19 14:36 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-19 14:36 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-19 14:36 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-19 14:36 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-19 14:36 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-19 14:36 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-19 14:36 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-19 14:36 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-19 14:36 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-19 14:36 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-19 14:36 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-19 14:36 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-19 14:36 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-19 14:36 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-19 14:36 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-19 14:36 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-19 14:36 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-19 14:36 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-19 14:36 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-19 14:36 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-19 14:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-19 14:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-19 14:35 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-19 14:35 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-19 14:35 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-19 14:35 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-19 14:35 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-19 14:35 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-19 14:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-19 14:35 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-19 14:35 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-19 14:35 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-19 14:35 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-19 14:35 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-19 14:35 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-19 14:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-19 14:35 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-19 14:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-19 14:35 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-19 14:35 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-19 14:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-19 14:35 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-19 14:35 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-19 14:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-19 14:35 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-19 14:35 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-19 14:35 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-19 14:35 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-19 14:35 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-19 14:35 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-19 14:35 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-19 14:35 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-19 14:35 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-19 14:35 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-19 14:35 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-19 14:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-19 14:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-19 14:35 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-19 14:35 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-19 14:35 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-19 14:35 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-19 14:35 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-06-19 14:35 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-06-19 14:35 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-06-19 14:35 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-19 14:35 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-06-19 14:35 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-06-19 14:35 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-06-19 14:35 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-06-19 14:35 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-19 14:35 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-06-19 14:35 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-06-19 14:35 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-06-19 14:35 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-06-19 14:31 - 2015-06-21 16:15 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-19 14:31 - 2015-06-19 14:31 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-19 14:31 - 2015-06-19 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-19 14:31 - 2015-06-19 14:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-19 14:31 - 2015-06-19 14:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-19 14:31 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-19 14:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-19 14:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-19 14:30 - 2015-06-19 14:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Matthias\Downloads\mbam-setup-2.1.6.1022.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 18:24 - 2015-01-25 13:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-21 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-21 17:28 - 2015-04-07 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-21 17:20 - 2014-06-06 11:40 - 01944196 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-21 15:40 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-21 15:40 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-21 15:40 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-21 15:37 - 2014-06-06 12:22 - 00000000 __RDO C:\Users\Matthias\OneDrive
2015-06-21 14:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-21 14:31 - 2014-03-24 18:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-637481459-3907541351-2715369965-1005
2015-06-21 14:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-20 06:46 - 2014-03-29 20:23 - 00007597 _____ C:\Users\Matthias\AppData\Local\Resmon.ResmonCfg
2015-06-19 20:22 - 2014-03-17 14:59 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-637481459-3907541351-2715369965-1002
2015-06-19 17:27 - 2013-08-22 16:46 - 00510648 _____ C:\WINDOWS\setupact.log
2015-06-19 17:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-19 16:18 - 2012-11-01 20:38 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages
2015-06-19 15:39 - 2014-03-18 03:50 - 00029938 _____ C:\WINDOWS\PFRO.log
2015-06-19 15:39 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-19 15:39 - 2013-08-22 16:44 - 00362760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-19 15:37 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-19 15:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-19 15:34 - 2015-03-30 13:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-19 15:34 - 2015-03-30 13:44 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-19 15:34 - 2014-12-09 22:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-19 15:34 - 2014-07-08 20:40 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-19 15:34 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-19 15:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-19 15:32 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-19 15:30 - 2014-03-17 16:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-19 15:26 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-19 15:24 - 2015-01-25 13:51 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-19 15:20 - 2014-06-06 11:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-19 15:19 - 2014-06-06 11:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-19 15:02 - 2014-08-20 20:37 - 00000000 ____D C:\Users\Matthias\AppData\Local\PackageStaging
2015-06-19 14:48 - 2014-04-06 20:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-06-19 14:41 - 2014-03-17 19:25 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\QuickScan
2015-06-19 14:24 - 2014-06-06 11:48 - 00000000 ____D C:\Users\Matthias
2015-06-03 23:04 - 2014-06-06 14:22 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-03 23:04 - 2014-06-06 14:22 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-03 23:04 - 2014-03-17 19:52 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-03 23:04 - 2014-03-17 19:52 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-28 09:04 - 2015-03-23 15:50 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-28 09:04 - 2015-02-15 19:25 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 09:04 - 2014-05-26 18:02 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-05-26 18:02 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-28 09:04 - 2014-05-26 18:02 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-28 09:04 - 2014-05-26 18:02 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-28 09:04 - 2014-05-26 18:02 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 01059472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-06-06 11:40 - 00579400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-28 06:15 - 2014-06-06 11:40 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-27 12:48 - 2014-06-06 11:40 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-27 00:04 - 2014-03-17 16:08 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-03-29 20:23 - 2015-06-20 06:46 - 0007597 _____ () C:\Users\Matthias\AppData\Local\Resmon.ResmonCfg
2012-09-21 03:48 - 2012-09-21 03:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-20 10:27

==================== End of log ============================
         
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Matthias at 2015-06-21 18:30:53
Running from C:\Users\Matthias\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-637481459-3907541351-2715369965-500 - Administrator - Disabled) => C:\Users\Administrator
Anja (S-1-5-21-637481459-3907541351-2715369965-1005 - Limited - Enabled) => C:\Users\Anja
Gast (S-1-5-21-637481459-3907541351-2715369965-501 - Limited - Disabled)
Matthias (S-1-5-21-637481459-3907541351-2715369965-1002 - Administrator - Enabled) => C:\Users\Matthias

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.0.0 - Electronic Arts)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.3.3 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-637481459-3907541351-2715369965-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

19-06-2015 15:20:47 NVIDIA PhysX wird entfernt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A985AE1-AC72-4CB4-A639-707A2895BC47} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {353671AF-5141-4085-9AFA-54D82A0BB331} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {3E5618E5-3F9A-4718-B97A-ADAAF72F256A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {43ECEB68-3D6F-4F26-933A-28F46788AF27} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {461847A7-BE29-44AB-A2EC-C783A3C39F73} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {5D575F83-7616-42DE-8315-3EEE0BA5BA39} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {68522FEF-4AC5-4BB8-B0EA-E0B792DBD6C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {71AA8D8E-AF48-401A-9031-E26817214375} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {73CD65B8-19FD-4E2F-AE89-B0861445DB07} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
Task: {7E27C8C2-ECD9-4EF0-8DAF-8BF579B7F27A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {80379262-2BB3-4EDE-A5B8-26B50F180603} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {87017FB3-6CFD-482E-A796-9C4607E51181} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {8C78A7A3-782D-4790-8A57-FACA669FA509} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {AAA5205F-6D95-4931-89A8-E6A703B41145} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {AB41484A-DFF5-4B05-AC52-DD5804101781} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {AE85214C-23E2-407B-A56A-BEA650ADD8B0} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {B5AE47C6-EDD6-4C1B-9AA6-1C557AF694D0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B7D78559-A28E-47E1-A2C6-B3E6CA194469} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {BB0F687C-D7C2-4110-A3F5-425FBD2EEF98} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {BC9DEE57-CD15-4687-91BC-B1D0DEFBD000} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-19] (Adobe Systems Incorporated)
Task: {D4CCE5A6-4B03-4137-8E72-9A89B54F82ED} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {DB646C87-2B0B-420F-AC02-7A248B26AB1D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-27] (Microsoft Corporation)
Task: {EB8D514B-ECC9-4AE6-AAB3-49D525D179E6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {F91A8E4B-4D5E-400C-BBFB-130D609FE1DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-26 15:48 - 2012-08-26 15:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2014-05-26 18:02 - 2015-05-28 09:04 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-06 11:40 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-19 14:37 - 2015-06-19 14:37 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-09-21 03:38 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-06 17:37 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-26 18:02 - 2015-05-28 09:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Matthias\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-637481459-3907541351-2715369965-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Matthias\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "EnergyUtility"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{EC7CE209-F6B0-4699-B643-C509D258D543}C:\users\matthias\saved games\wot\wotlauncher.exe] => (Allow) C:\users\matthias\saved games\wot\wotlauncher.exe
FirewallRules: [TCP Query User{6467EC36-C290-4127-A3B8-B48A65EF2670}C:\users\matthias\saved games\wot\wotlauncher.exe] => (Allow) C:\users\matthias\saved games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{FCC06996-2751-4350-9AA9-8E3E060C7D58}C:\users\matthias\saved games\wot\worldoftanks.exe] => (Allow) C:\users\matthias\saved games\wot\worldoftanks.exe
FirewallRules: [TCP Query User{BCBFE462-8E5B-463A-BE4E-EAF241DF345B}C:\users\matthias\saved games\wot\worldoftanks.exe] => (Allow) C:\users\matthias\saved games\wot\worldoftanks.exe
FirewallRules: [{12557A85-8CC3-4F53-959D-371DDEF546C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{141AFF1A-2829-424D-961B-B9488467C7B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90F7C9FC-2160-4389-91EF-1ACE9AF2D355}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1501F4E-EBC2-4153-9447-C2A13F79A071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7DB018BE-B88B-4D96-B9C8-1B61779E8861}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8731B0E5-CEAF-480F-9D8D-19DFF8E9997F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{C32C294E-0A6F-409C-AD99-91D2FDE2CC21}C:\users\matthias\saved games\wot\worldoftanks.exe] => (Allow) C:\users\matthias\saved games\wot\worldoftanks.exe
FirewallRules: [TCP Query User{13928404-F4E8-4716-99AC-4E0E9D688175}C:\users\matthias\saved games\wot\worldoftanks.exe] => (Allow) C:\users\matthias\saved games\wot\worldoftanks.exe
FirewallRules: [{39B38018-EFAD-4DAB-8991-9DAC5F5F5B8D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5B489151-25A8-42F9-9009-770C223D34AE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{6E989CD2-9D88-4319-B718-2C4CD204547B}C:\users\matthias\saved games\wot\wotlauncher.exe] => (Allow) C:\users\matthias\saved games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{ED39812A-D4A3-4F36-9806-3434C5CF8344}C:\users\matthias\saved games\wot\wotlauncher.exe] => (Allow) C:\users\matthias\saved games\wot\wotlauncher.exe
FirewallRules: [{6F2FEF03-ABA5-465C-A05A-A42881E3D401}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CE54A19F-5772-4D9A-94D0-E3EE59C8C452}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BA6FBAF4-CF99-4950-8B5F-F8765718DF62}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F149141C-BACE-477B-ABB8-8CD7BDCFA1A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C3DCBAA-2AE6-4848-A061-66C976DE83E9}] => (Allow) C:\Users\Matthias\Saved Games\Origin\FIFA Manager 13\Manager13.exe
FirewallRules: [{09EC50B4-AC77-440D-A671-95E300DBE4A7}] => (Allow) C:\Users\Matthias\Saved Games\Origin\FIFA Manager 13\Manager13.exe
FirewallRules: [{C35E60B3-1DB9-42AE-A91A-637F41668764}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C64AFFCF-EC13-4CBA-B652-E5286A0333C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{975B82C4-91EA-487D-8A99-F292243EB9A2}C:\users\matthias\saved games\origin\fifa manager 13\manager13.exe] => (Allow) C:\users\matthias\saved games\origin\fifa manager 13\manager13.exe
FirewallRules: [UDP Query User{0D169693-F739-4AE7-8CEA-8BD534E160A1}C:\users\matthias\saved games\origin\fifa manager 13\manager13.exe] => (Allow) C:\users\matthias\saved games\origin\fifa manager 13\manager13.exe
FirewallRules: [TCP Query User{5C696733-EAC4-4034-B1BC-0E6CE2863A1F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4129982D-853F-4024-9C38-6B6910D760EE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{41D5108E-D8CF-4242-98B0-D9002A0A9709}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2015 06:27:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (06/21/2015 05:47:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (06/21/2015 04:28:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (06/21/2015 04:28:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (06/21/2015 04:28:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: Bei der Aktivierung der App „E046963F.LenovoSupport_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: Bei der Aktivierung der App „E046963F.LenovoSupport_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: Bei der Aktivierung der App „E046963F.LenovoSupport_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/19/2015 06:53:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: Bei der Aktivierung der App „E046963F.LenovoSupport_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/21/2015 04:28:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/21/2015 04:28:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys

Error: (06/21/2015 04:28:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/21/2015 04:28:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys

Error: (06/21/2015 04:28:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/21/2015 04:28:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys

Error: (06/21/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: MATZESLAPTOP)
Description: App.AppX1222w7mnscdhak8wye3bynztq2t5x6q9.mca

Error: (06/21/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: MATZESLAPTOP)
Description: App.AppX6v65ke6xy52mzp48tbdgqddy15h0mcbk.mca

Error: (06/21/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: MATZESLAPTOP)
Description: App.AppX98wb6g77tn4g47pmhnngvex75z63bw5e.mca

Error: (06/21/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: MATZESLAPTOP)
Description: App.AppX6v65ke6xy52mzp48tbdgqddy15h0mcbk.mca


Microsoft Office:
=========================
Error: (06/21/2015 06:27:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2015 05:47:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/21/2015 04:28:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2015 04:28:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2015 04:28:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2144927141

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927141

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927141

Error: (06/21/2015 02:53:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927141

Error: (06/19/2015 06:53:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MATZESLAPTOP)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927141


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 8057.77 MB
Available physical RAM: 5378.05 MB
Total Pagefile: 9337.77 MB
Available Pagefile: 6266.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:417.99 GB) (Free:318.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 517A22E4)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---
__________________

Geändert von matze1977 (21.06.2015 um 17:49 Uhr)

Alt 22.06.2015, 11:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.06.2015, 12:40   #5
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo Schrauber,

vorab ein Danke für Deine Hilfe.

Gab beim Rootkit, Probleme bei der Installation, siehe im Anhang aus einem anderen Post.
Habe dort leider vorschnell auf "Ja" geklickt. Ich hoffe dies ist nicht schlimm?


Anbei die beiden Logfiles:

Rootkit:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.22.01
  rootkit: v2015.06.15.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
Matthias :: MATZESLAPTOP [administrator]

22.06.2015 13:03:10
mbar-log-2015-06-22 (13-03-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 512407
Time elapsed: 30 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Nr. 2 von TDSS:
Code:
ATTFilter
13:35:09.0082 0x17a4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:35:09.0082 0x17a4  UEFI system
13:35:13.0647 0x17a4  ============================================================
13:35:13.0647 0x17a4  Current date / time: 2015/06/22 13:35:13.0647
13:35:13.0647 0x17a4  SystemInfo:
13:35:13.0647 0x17a4  
13:35:13.0647 0x17a4  OS Version: 6.3.9600 ServicePack: 0.0
13:35:13.0647 0x17a4  Product type: Workstation
13:35:13.0647 0x17a4  ComputerName: MATZESLAPTOP
13:35:13.0647 0x17a4  UserName: Matthias
13:35:13.0647 0x17a4  Windows directory: C:\WINDOWS
13:35:13.0647 0x17a4  System windows directory: C:\WINDOWS
13:35:13.0647 0x17a4  Running under WOW64
13:35:13.0647 0x17a4  Processor architecture: Intel x64
13:35:13.0647 0x17a4  Number of processors: 4
13:35:13.0647 0x17a4  Page size: 0x1000
13:35:13.0647 0x17a4  Boot type: Normal boot
13:35:13.0647 0x17a4  ============================================================
13:35:14.0414 0x17a4  KLMD registered as C:\WINDOWS\system32\drivers\13991869.sys
13:35:15.0832 0x17a4  System UUID: {F4BF65A0-F142-523D-9C78-1D0F17AE6C82}
13:35:16.0818 0x17a4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:35:16.0831 0x17a4  ============================================================
13:35:16.0831 0x17a4  \Device\Harddisk0\DR0:
13:35:16.0832 0x17a4  GPT partitions:
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7835C0CE-C657-445D-B792-FCEE2618A5AB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F75395F7-7071-4694-B5B7-87E13D89EC16}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {59FA8929-2E13-4415-803D-935ECE27E101}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {35D0A1AC-8B02-401D-AF12-137703CFB902}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EEB8D1F5-D2FD-4A72-9ABD-B49D928E7F0E}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x343FA800
13:35:16.0863 0x17a4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5EF1A763-1D26-403A-B8F6-5E173E8A9FE1}, Name: , StartLBA 0x348A5000, BlocksNum 0xE1000
13:35:16.0864 0x17a4  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FD18373E-51F3-47F6-AB73-887F54A5E095}, Name: Basic data partition, StartLBA 0x34986000, BlocksNum 0x3200000
13:35:16.0864 0x17a4  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DFEB39D2-E269-4C91-973C-B1FBF22FE538}, Name: Basic data partition, StartLBA 0x37B86000, BlocksNum 0x2800000
13:35:16.0864 0x17a4  MBR partitions:
13:35:16.0864 0x17a4  ============================================================
13:35:17.0002 0x17a4  C: <-> \Device\Harddisk0\DR0\Partition5
13:35:17.0040 0x17a4  D: <-> \Device\Harddisk0\DR0\Partition7
13:35:17.0040 0x17a4  ============================================================
13:35:17.0040 0x17a4  Initialize success
13:35:17.0040 0x17a4  ============================================================
13:36:14.0743 0x13c8  ============================================================
13:36:14.0743 0x13c8  Scan started
13:36:14.0743 0x13c8  Mode: Manual; SigCheck; TDLFS; 
13:36:14.0743 0x13c8  ============================================================
13:36:14.0743 0x13c8  KSN ping started
13:36:17.0051 0x13c8  KSN ping finished: true
13:36:18.0090 0x13c8  ================ Scan system memory ========================
13:36:18.0090 0x13c8  System memory - ok
13:36:18.0091 0x13c8  ================ Scan services =============================
13:36:18.0304 0x13c8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:36:18.0429 0x13c8  1394ohci - ok
13:36:18.0480 0x13c8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:36:18.0490 0x13c8  3ware - ok
13:36:18.0539 0x13c8  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:36:18.0564 0x13c8  ACPI - ok
13:36:18.0574 0x13c8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:36:18.0583 0x13c8  acpiex - ok
13:36:18.0595 0x13c8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:36:18.0612 0x13c8  acpipagr - ok
13:36:18.0639 0x13c8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:36:18.0676 0x13c8  AcpiPmi - ok
13:36:18.0683 0x13c8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:36:18.0698 0x13c8  acpitime - ok
13:36:18.0725 0x13c8  [ 3B42D95D20CD2AACDB0564471AE43ED7, BF49568D7060159F61D5F6DE7ECDECCCD1F920A2881544BA83CF420C822F6653 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
13:36:18.0744 0x13c8  ACPIVPC - ok
13:36:18.0834 0x13c8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:36:18.0850 0x13c8  AdobeARMservice - ok
13:36:18.0967 0x13c8  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:36:18.0989 0x13c8  AdobeFlashPlayerUpdateSvc - ok
13:36:19.0050 0x13c8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:36:19.0077 0x13c8  ADP80XX - ok
13:36:19.0113 0x13c8  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
13:36:19.0177 0x13c8  AeLookupSvc - ok
13:36:19.0225 0x13c8  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:36:19.0280 0x13c8  AFD - ok
13:36:19.0298 0x13c8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:36:19.0306 0x13c8  agp440 - ok
13:36:19.0325 0x13c8  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:36:19.0372 0x13c8  ahcache - ok
13:36:19.0406 0x13c8  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
13:36:19.0468 0x13c8  ALG - ok
13:36:19.0487 0x13c8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:36:19.0526 0x13c8  AmdK8 - ok
13:36:19.0539 0x13c8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:36:19.0570 0x13c8  AmdPPM - ok
13:36:19.0604 0x13c8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:36:19.0615 0x13c8  amdsata - ok
13:36:19.0628 0x13c8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:36:19.0641 0x13c8  amdsbs - ok
13:36:19.0648 0x13c8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:36:19.0656 0x13c8  amdxata - ok
13:36:19.0694 0x13c8  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:36:19.0762 0x13c8  AppID - ok
13:36:19.0803 0x13c8  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:36:19.0839 0x13c8  AppIDSvc - ok
13:36:19.0877 0x13c8  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:36:19.0952 0x13c8  Appinfo - ok
13:36:20.0065 0x13c8  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:36:20.0079 0x13c8  Apple Mobile Device Service - ok
13:36:20.0125 0x13c8  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:36:20.0214 0x13c8  AppReadiness - ok
13:36:20.0296 0x13c8  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:36:20.0431 0x13c8  AppXSvc - ok
13:36:20.0463 0x13c8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:36:20.0474 0x13c8  arcsas - ok
13:36:20.0491 0x13c8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:36:20.0516 0x13c8  atapi - ok
13:36:20.0552 0x13c8  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:36:20.0611 0x13c8  AudioEndpointBuilder - ok
13:36:20.0675 0x13c8  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:36:20.0703 0x13c8  Audiosrv - ok
13:36:20.0737 0x13c8  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:36:20.0781 0x13c8  AxInstSV - ok
13:36:20.0842 0x13c8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:36:20.0868 0x13c8  b06bdrv - ok
13:36:20.0909 0x13c8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:36:20.0938 0x13c8  BasicDisplay - ok
13:36:20.0942 0x13c8  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:36:20.0993 0x13c8  BasicRender - ok
13:36:21.0029 0x13c8  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
13:36:21.0050 0x13c8  bcbtums - ok
13:36:21.0303 0x13c8  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
13:36:21.0562 0x13c8  BCM43XX - ok
13:36:21.0660 0x13c8  [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
13:36:21.0757 0x13c8  BcmBtRSupport - ok
13:36:21.0794 0x13c8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:36:21.0799 0x13c8  bcmfn2 - ok
13:36:21.0838 0x13c8  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:36:21.0888 0x13c8  BDESVC - ok
13:36:21.0924 0x13c8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:36:21.0993 0x13c8  Beep - ok
13:36:22.0055 0x13c8  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\WINDOWS\System32\bfe.dll
13:36:22.0147 0x13c8  BFE - ok
13:36:22.0213 0x13c8  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:36:22.0267 0x13c8  BITS - ok
13:36:22.0300 0x13c8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:36:22.0313 0x13c8  Bonjour Service - ok
13:36:22.0349 0x13c8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:36:22.0385 0x13c8  bowser - ok
13:36:22.0436 0x13c8  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:36:22.0506 0x13c8  BrokerInfrastructure - ok
13:36:22.0552 0x13c8  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
13:36:22.0624 0x13c8  Browser - ok
13:36:22.0658 0x13c8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:36:22.0710 0x13c8  BthAvrcpTg - ok
13:36:22.0754 0x13c8  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
13:36:22.0822 0x13c8  BthEnum - ok
13:36:22.0849 0x13c8  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:36:22.0889 0x13c8  BthHFEnum - ok
13:36:22.0914 0x13c8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:36:22.0954 0x13c8  bthhfhid - ok
13:36:23.0092 0x13c8  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:36:23.0156 0x13c8  BthHFSrv - ok
13:36:23.0196 0x13c8  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
13:36:23.0239 0x13c8  BthLEEnum - ok
13:36:23.0281 0x13c8  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:36:23.0314 0x13c8  BTHMODEM - ok
13:36:23.0341 0x13c8  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
13:36:23.0389 0x13c8  BthPan - ok
13:36:23.0467 0x13c8  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
13:36:23.0575 0x13c8  BTHPORT - ok
13:36:23.0623 0x13c8  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:36:23.0689 0x13c8  bthserv - ok
13:36:23.0740 0x13c8  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
13:36:23.0781 0x13c8  BTHUSB - ok
13:36:23.0811 0x13c8  [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
13:36:23.0828 0x13c8  btwampfl - ok
13:36:23.0857 0x13c8  [ 220B09B63C1FF7869ACDB8E574DDFC63, 97BAA46544F2D76F502013B25F9F1EF403AAD853C2AC8730C794F228CFA6EDB4 ] btwaudio        C:\WINDOWS\system32\drivers\btwaudio.sys
13:36:23.0868 0x13c8  btwaudio - ok
13:36:23.0900 0x13c8  [ F707AF3B94BE7AD7AA5F8886CCCADF80, 3E37BD52AE019711EA6D07A31958D9F65EDEDE5B5C24C38B30F6241CCB669EE7 ] btwavdt         C:\WINDOWS\System32\drivers\btwavdt.sys
13:36:23.0910 0x13c8  btwavdt - ok
13:36:24.0012 0x13c8  [ B0AAB7F9638D1315760F5C48A24CFEAB, 45AA7701A1F3A8C0593174886727A223BC17E4F3F128E98099E8CE85CB2DA9C7 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
13:36:24.0043 0x13c8  btwdins - ok
13:36:24.0074 0x13c8  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
13:36:24.0074 0x13c8  btwl2cap - ok
13:36:24.0090 0x13c8  [ 54DCF9127FD6548F9C04B40635C59F77, E0E2175CE3FFBFD8439FA145259479416CAE7035C4FF0F8F2A3ACBFBAABFF1CE ] btwrchid        C:\WINDOWS\System32\drivers\btwrchid.sys
13:36:24.0090 0x13c8  btwrchid - ok
13:36:24.0106 0x13c8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:36:24.0153 0x13c8  cdfs - ok
13:36:24.0199 0x13c8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:36:24.0231 0x13c8  cdrom - ok
13:36:24.0278 0x13c8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:36:24.0340 0x13c8  CertPropSvc - ok
13:36:24.0371 0x13c8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:36:24.0403 0x13c8  circlass - ok
13:36:24.0449 0x13c8  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:36:24.0465 0x13c8  CLFS - ok
13:36:24.0481 0x13c8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:36:24.0512 0x13c8  CmBatt - ok
13:36:24.0574 0x13c8  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:36:24.0590 0x13c8  CNG - ok
13:36:24.0668 0x13c8  [ 1F925AA990A6A446E8BA926B2D0A5201, F278C272E3F40C37D04935CE19938C4B63A4BC2AA378D0F56C32FE78308D6993 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
13:36:24.0715 0x13c8  CnxtHdAudService - ok
13:36:24.0746 0x13c8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
13:36:24.0746 0x13c8  CompositeBus - ok
13:36:24.0746 0x13c8  COMSysApp - ok
13:36:24.0762 0x13c8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:36:24.0809 0x13c8  condrv - ok
13:36:24.0887 0x13c8  [ D8724B606616B2B75AF54096119580F5, 53E1DEF9F966FDE5898759A33FB62B5062A941E97B235D6F6EF79A5AD1283BDE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:36:24.0949 0x13c8  cphs - ok
13:36:24.0996 0x13c8  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:36:25.0090 0x13c8  CryptSvc - ok
13:36:25.0153 0x13c8  [ 48AED45DF009081AF3F5144F7D624674, 4425C15EB9E1177EE5134A33F63DAF7FF876577946DBF1EAD92C5614025113BB ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe
13:36:25.0168 0x13c8  CxAudMsg - ok
13:36:25.0199 0x13c8  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:36:25.0215 0x13c8  dam - ok
13:36:25.0278 0x13c8  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:36:25.0356 0x13c8  DcomLaunch - ok
13:36:25.0434 0x13c8  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:36:25.0528 0x13c8  defragsvc - ok
13:36:25.0590 0x13c8  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:36:25.0668 0x13c8  DeviceAssociationService - ok
13:36:25.0715 0x13c8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:36:25.0778 0x13c8  DeviceInstall - ok
13:36:25.0825 0x13c8  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:36:25.0871 0x13c8  Dfsc - ok
13:36:25.0918 0x13c8  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:36:25.0996 0x13c8  Dhcp - ok
13:36:26.0075 0x13c8  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:36:26.0168 0x13c8  DiagTrack - ok
13:36:26.0215 0x13c8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:36:26.0246 0x13c8  disk - ok
13:36:26.0278 0x13c8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:36:26.0309 0x13c8  dmvsc - ok
13:36:26.0340 0x13c8  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:36:26.0403 0x13c8  Dnscache - ok
13:36:26.0450 0x13c8  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:36:26.0512 0x13c8  dot3svc - ok
13:36:26.0559 0x13c8  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
13:36:26.0606 0x13c8  DPS - ok
13:36:26.0637 0x13c8  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
13:36:26.0653 0x13c8  drmkaud - ok
13:36:26.0684 0x13c8  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:36:26.0715 0x13c8  DsmSvc - ok
13:36:26.0793 0x13c8  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:36:26.0887 0x13c8  DXGKrnl - ok
13:36:26.0918 0x13c8  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
13:36:26.0997 0x13c8  Eaphost - ok
13:36:27.0122 0x13c8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:36:27.0262 0x13c8  ebdrv - ok
13:36:27.0293 0x13c8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
13:36:27.0309 0x13c8  EFS - ok
13:36:27.0325 0x13c8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:36:27.0325 0x13c8  EhStorClass - ok
13:36:27.0340 0x13c8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:36:27.0356 0x13c8  EhStorTcgDrv - ok
13:36:27.0372 0x13c8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:36:27.0403 0x13c8  ErrDev - ok
13:36:27.0434 0x13c8  [ 14D498FB39BB60D1A36160F22BB4CA8E, 488EB9D0574EB091D3B04D0C7C94CD531CDF3AE08EE39A11582A0B6380FBD887 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
13:36:27.0450 0x13c8  ETD - ok
13:36:27.0512 0x13c8  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
13:36:27.0544 0x13c8  EventSystem - ok
13:36:27.0559 0x13c8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:36:27.0637 0x13c8  exfat - ok
13:36:27.0668 0x13c8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:36:27.0684 0x13c8  fastfat - ok
13:36:27.0731 0x13c8  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:36:27.0840 0x13c8  Fax - ok
13:36:27.0872 0x13c8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:36:27.0903 0x13c8  fdc - ok
13:36:27.0934 0x13c8  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:36:27.0981 0x13c8  fdPHost - ok
13:36:28.0028 0x13c8  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:36:28.0059 0x13c8  FDResPub - ok
13:36:28.0090 0x13c8  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:36:28.0168 0x13c8  fhsvc - ok
13:36:28.0200 0x13c8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:36:28.0215 0x13c8  FileInfo - ok
13:36:28.0247 0x13c8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:36:28.0278 0x13c8  Filetrace - ok
13:36:28.0294 0x13c8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:36:28.0309 0x13c8  flpydisk - ok
13:36:28.0356 0x13c8  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:36:28.0387 0x13c8  FltMgr - ok
13:36:28.0434 0x13c8  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:36:28.0590 0x13c8  FontCache - ok
13:36:28.0700 0x13c8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:36:28.0716 0x13c8  FontCache3.0.0.0 - ok
13:36:28.0747 0x13c8  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:36:28.0778 0x13c8  FsDepends - ok
13:36:28.0809 0x13c8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:36:28.0825 0x13c8  Fs_Rec - ok
13:36:28.0903 0x13c8  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:36:28.0934 0x13c8  fvevol - ok
13:36:28.0950 0x13c8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
13:36:28.0966 0x13c8  FxPPM - ok
13:36:28.0981 0x13c8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:36:28.0997 0x13c8  gagp30kx - ok
13:36:29.0012 0x13c8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:36:29.0028 0x13c8  GEARAspiWDM - ok
13:36:29.0059 0x13c8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:36:29.0075 0x13c8  gencounter - ok
13:36:29.0184 0x13c8  [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:36:29.0216 0x13c8  GfExperienceService - ok
13:36:29.0247 0x13c8  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:36:29.0247 0x13c8  GPIOClx0101 - ok
13:36:29.0325 0x13c8  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:36:29.0419 0x13c8  gpsvc - ok
13:36:29.0450 0x13c8  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:36:29.0512 0x13c8  HDAudBus - ok
13:36:29.0528 0x13c8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:36:29.0575 0x13c8  HidBatt - ok
13:36:29.0606 0x13c8  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:36:29.0653 0x13c8  HidBth - ok
13:36:29.0653 0x13c8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:36:29.0684 0x13c8  hidi2c - ok
13:36:29.0716 0x13c8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:36:29.0731 0x13c8  HidIr - ok
13:36:29.0763 0x13c8  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:36:29.0825 0x13c8  hidserv - ok
13:36:29.0856 0x13c8  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:36:29.0872 0x13c8  HidUsb - ok
13:36:29.0903 0x13c8  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
13:36:29.0981 0x13c8  hkmsvc - ok
13:36:30.0028 0x13c8  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:36:30.0059 0x13c8  HomeGroupListener - ok
13:36:30.0122 0x13c8  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:36:30.0153 0x13c8  HomeGroupProvider - ok
13:36:30.0184 0x13c8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:36:30.0216 0x13c8  HpSAMD - ok
13:36:30.0263 0x13c8  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:36:30.0294 0x13c8  HTTP - ok
13:36:30.0341 0x13c8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:36:30.0356 0x13c8  hwpolicy - ok
13:36:30.0372 0x13c8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:36:30.0403 0x13c8  hyperkbd - ok
13:36:30.0434 0x13c8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:36:30.0466 0x13c8  HyperVideo - ok
13:36:30.0513 0x13c8  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:36:30.0575 0x13c8  i8042prt - ok
13:36:30.0591 0x13c8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:36:30.0591 0x13c8  iaLPSSi_GPIO - ok
13:36:30.0638 0x13c8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:36:30.0653 0x13c8  iaLPSSi_I2C - ok
13:36:30.0716 0x13c8  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:36:30.0747 0x13c8  iaStorA - ok
13:36:30.0778 0x13c8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:36:30.0809 0x13c8  iaStorAV - ok
13:36:30.0825 0x13c8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:36:30.0841 0x13c8  iaStorV - ok
13:36:30.0856 0x13c8  IEEtwCollectorService - ok
13:36:30.0966 0x13c8  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:36:31.0106 0x13c8  igfx - ok
13:36:31.0169 0x13c8  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
13:36:31.0200 0x13c8  igfxCUIService1.0.0.0 - ok
13:36:31.0278 0x13c8  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:36:31.0325 0x13c8  IKEEXT - ok
13:36:31.0356 0x13c8  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
13:36:31.0372 0x13c8  intaud_WaveExtensible - ok
13:36:31.0450 0x13c8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:36:31.0544 0x13c8  IntcDAud - ok
13:36:31.0622 0x13c8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:36:31.0653 0x13c8  Intel(R) Capability Licensing Service Interface - ok
13:36:31.0685 0x13c8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:36:31.0700 0x13c8  intelide - ok
13:36:31.0731 0x13c8  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:36:31.0747 0x13c8  intelpep - ok
13:36:31.0794 0x13c8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:36:31.0810 0x13c8  intelppm - ok
13:36:31.0856 0x13c8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:36:31.0935 0x13c8  IpFilterDriver - ok
13:36:32.0013 0x13c8  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:36:32.0060 0x13c8  iphlpsvc - ok
13:36:32.0075 0x13c8  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:36:32.0153 0x13c8  IPMIDRV - ok
13:36:32.0185 0x13c8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:36:32.0216 0x13c8  IPNAT - ok
13:36:32.0263 0x13c8  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:36:32.0278 0x13c8  iPod Service - ok
13:36:32.0341 0x13c8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:36:32.0372 0x13c8  IRENUM - ok
13:36:32.0419 0x13c8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:36:32.0435 0x13c8  isapnp - ok
13:36:32.0482 0x13c8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:36:32.0497 0x13c8  iScsiPrt - ok
13:36:32.0528 0x13c8  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
13:36:32.0544 0x13c8  iwdbus - ok
13:36:32.0622 0x13c8  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:36:32.0638 0x13c8  jhi_service - ok
13:36:32.0669 0x13c8  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:36:32.0685 0x13c8  kbdclass - ok
13:36:32.0700 0x13c8  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:36:32.0716 0x13c8  kbdhid - ok
13:36:32.0747 0x13c8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
13:36:32.0763 0x13c8  kdnic - ok
13:36:32.0778 0x13c8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:36:32.0794 0x13c8  KeyIso - ok
13:36:32.0825 0x13c8  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:36:32.0841 0x13c8  KSecDD - ok
13:36:32.0857 0x13c8  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:36:32.0872 0x13c8  KSecPkg - ok
13:36:32.0904 0x13c8  [ 6EFBC82722D0F7B35283993189ECE9D0, C992072A3248C35C5C46E0CCD463C60C6376E7E17AA67BAFF8260C200DC47900 ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
13:36:32.0919 0x13c8  KSS - ok
13:36:32.0935 0x13c8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:36:32.0935 0x13c8  ksthunk - ok
13:36:32.0966 0x13c8  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:36:32.0982 0x13c8  KtmRm - ok
13:36:33.0013 0x13c8  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
13:36:33.0013 0x13c8  L1C - ok
13:36:33.0060 0x13c8  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:36:33.0091 0x13c8  LanmanServer - ok
13:36:33.0138 0x13c8  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:36:33.0169 0x13c8  LanmanWorkstation - ok
13:36:33.0263 0x13c8  [ 1028980F14B4E9051C8CEDFB77D366AB, 7A284F17CAD9FBBCCA3598BC3A21265832808BA9BD0C71764957DFB70A573072 ] ldiagio_uefi    C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys
13:36:33.0278 0x13c8  ldiagio_uefi - ok
13:36:33.0341 0x13c8  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
13:36:33.0404 0x13c8  lfsvc - ok
13:36:33.0450 0x13c8  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\WINDOWS\system32\DRIVERS\LhdX64.sys
13:36:33.0466 0x13c8  LHDmgr - ok
13:36:33.0513 0x13c8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
13:36:33.0529 0x13c8  lltdio - ok
13:36:33.0560 0x13c8  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:36:33.0591 0x13c8  lltdsvc - ok
13:36:33.0638 0x13c8  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:36:33.0700 0x13c8  lmhosts - ok
13:36:33.0763 0x13c8  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:36:33.0779 0x13c8  LMS - ok
13:36:33.0810 0x13c8  [ 30223D9D80819C55531F2CF0CCB7C355, 1CA88470D6ECCF84BE23A71B1198B42107789EFD6EE7A37B2F880380F888FC83 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
13:36:33.0825 0x13c8  LSCWinService - ok
13:36:33.0857 0x13c8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:36:33.0872 0x13c8  LSI_SAS - ok
13:36:33.0888 0x13c8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
13:36:33.0888 0x13c8  LSI_SAS2 - ok
13:36:34.0013 0x13c8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
13:36:34.0044 0x13c8  LSI_SAS3 - ok
13:36:34.0060 0x13c8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:36:34.0060 0x13c8  LSI_SSS - ok
13:36:34.0107 0x13c8  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
13:36:34.0200 0x13c8  LSM - ok
13:36:34.0216 0x13c8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:36:34.0263 0x13c8  luafv - ok
13:36:34.0294 0x13c8  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
13:36:34.0310 0x13c8  MBAMProtector - ok
13:36:34.0388 0x13c8  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
13:36:34.0419 0x13c8  MBAMService - ok
13:36:34.0435 0x13c8  [ 28B597A61C9AC9B59BC0573D70A62CBF, 032C095ECDAEEE800BD9C7AB08C089E7530A9DD09AE577D1612035F2BFFAA61C ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:36:34.0450 0x13c8  MBAMWebAccessControl - ok
13:36:34.0482 0x13c8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:36:34.0482 0x13c8  megasas - ok
13:36:34.0513 0x13c8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:36:34.0529 0x13c8  megasr - ok
13:36:34.0560 0x13c8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
13:36:34.0560 0x13c8  MEIx64 - ok
13:36:34.0591 0x13c8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
13:36:34.0622 0x13c8  MMCSS - ok
13:36:34.0654 0x13c8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:36:34.0685 0x13c8  Modem - ok
13:36:34.0701 0x13c8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:36:34.0748 0x13c8  monitor - ok
13:36:34.0779 0x13c8  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:36:34.0794 0x13c8  mouclass - ok
13:36:34.0841 0x13c8  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:36:34.0873 0x13c8  mouhid - ok
13:36:34.0904 0x13c8  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:36:34.0935 0x13c8  mountmgr - ok
13:36:34.0966 0x13c8  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:36:34.0982 0x13c8  MozillaMaintenance - ok
13:36:35.0029 0x13c8  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:36:35.0091 0x13c8  mpsdrv - ok
13:36:35.0169 0x13c8  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:36:35.0216 0x13c8  MpsSvc - ok
13:36:35.0263 0x13c8  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:36:35.0310 0x13c8  MRxDAV - ok
13:36:35.0373 0x13c8  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:36:35.0466 0x13c8  mrxsmb - ok
13:36:35.0498 0x13c8  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:36:35.0591 0x13c8  mrxsmb10 - ok
13:36:35.0638 0x13c8  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:36:35.0669 0x13c8  mrxsmb20 - ok
13:36:35.0701 0x13c8  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
13:36:35.0732 0x13c8  MsBridge - ok
13:36:35.0748 0x13c8  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:36:35.0763 0x13c8  MSDTC - ok
13:36:35.0810 0x13c8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:36:35.0857 0x13c8  Msfs - ok
13:36:35.0904 0x13c8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:36:35.0919 0x13c8  msgpiowin32 - ok
13:36:35.0935 0x13c8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:36:35.0966 0x13c8  mshidkmdf - ok
13:36:35.0998 0x13c8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:36:36.0013 0x13c8  mshidumdf - ok
13:36:36.0044 0x13c8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:36:36.0060 0x13c8  msisadrv - ok
13:36:36.0076 0x13c8  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:36:36.0107 0x13c8  MSiSCSI - ok
13:36:36.0107 0x13c8  msiserver - ok
13:36:36.0123 0x13c8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:36:36.0138 0x13c8  MSKSSRV - ok
13:36:36.0185 0x13c8  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:36:36.0232 0x13c8  MsLldp - ok
13:36:36.0248 0x13c8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:36:36.0294 0x13c8  MSPCLOCK - ok
13:36:36.0326 0x13c8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:36:36.0357 0x13c8  MSPQM - ok
13:36:36.0388 0x13c8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:36:36.0419 0x13c8  MsRPC - ok
13:36:36.0435 0x13c8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:36:36.0435 0x13c8  mssmbios - ok
13:36:36.0435 0x13c8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:36:36.0466 0x13c8  MSTEE - ok
13:36:36.0482 0x13c8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:36:36.0513 0x13c8  MTConfig - ok
13:36:36.0544 0x13c8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:36:36.0560 0x13c8  Mup - ok
13:36:36.0576 0x13c8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:36:36.0576 0x13c8  mvumis - ok
13:36:36.0638 0x13c8  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
13:36:36.0670 0x13c8  napagent - ok
13:36:36.0701 0x13c8  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:36:36.0795 0x13c8  NativeWifiP - ok
13:36:36.0826 0x13c8  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:36:36.0904 0x13c8  NcaSvc - ok
13:36:36.0935 0x13c8  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:36:36.0998 0x13c8  NcbService - ok
13:36:37.0029 0x13c8  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:36:37.0107 0x13c8  NcdAutoSetup - ok
13:36:37.0185 0x13c8  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:36:37.0263 0x13c8  NDIS - ok
13:36:37.0295 0x13c8  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:36:37.0326 0x13c8  NdisCap - ok
13:36:37.0357 0x13c8  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:36:37.0404 0x13c8  NdisImPlatform - ok
13:36:37.0435 0x13c8  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:36:37.0467 0x13c8  NdisTapi - ok
13:36:37.0513 0x13c8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:36:37.0560 0x13c8  Ndisuio - ok
13:36:37.0592 0x13c8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:36:37.0623 0x13c8  NdisVirtualBus - ok
13:36:37.0654 0x13c8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:36:37.0685 0x13c8  NdisWan - ok
13:36:37.0701 0x13c8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:36:37.0701 0x13c8  NdisWanLegacy - ok
13:36:37.0748 0x13c8  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
13:36:37.0779 0x13c8  NDProxy - ok
13:36:37.0810 0x13c8  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:36:37.0888 0x13c8  Ndu - ok
13:36:37.0935 0x13c8  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
13:36:37.0967 0x13c8  NetBIOS - ok
13:36:37.0998 0x13c8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:36:38.0045 0x13c8  NetBT - ok
13:36:38.0045 0x13c8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:36:38.0060 0x13c8  Netlogon - ok
13:36:38.0107 0x13c8  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
13:36:38.0138 0x13c8  Netman - ok
13:36:38.0201 0x13c8  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:36:38.0217 0x13c8  netprofm - ok
13:36:38.0295 0x13c8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:36:38.0326 0x13c8  NetTcpPortSharing - ok
13:36:38.0357 0x13c8  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
13:36:38.0388 0x13c8  netvsc - ok
13:36:38.0435 0x13c8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:36:38.0467 0x13c8  NlaSvc - ok
13:36:38.0498 0x13c8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:36:38.0545 0x13c8  Npfs - ok
13:36:38.0576 0x13c8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:36:38.0607 0x13c8  npsvctrig - ok
13:36:38.0654 0x13c8  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:36:38.0732 0x13c8  nsi - ok
13:36:38.0779 0x13c8  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:36:38.0826 0x13c8  nsiproxy - ok
13:36:38.0920 0x13c8  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
13:36:39.0045 0x13c8  Ntfs - ok
13:36:39.0076 0x13c8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:36:39.0107 0x13c8  Null - ok
13:36:39.0420 0x13c8  [ 017E0B4AEFCB291E7CF1CD4BF120A7A8, 5C4B8D1AF91DE041F48E06E58ED71EFDD168942259F39012EB1CC957908B554C ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:36:39.0734 0x13c8  nvlddmkm - ok
13:36:39.0843 0x13c8  [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:36:39.0874 0x13c8  NvNetworkService - ok
13:36:39.0890 0x13c8  [ BED3EDDC4B361B9023022B8ED4B04AEA, BDAE255DB3216525FD8A2C1EA2608FF9A69EA94383A042A897D354048CA30E45 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
13:36:39.0905 0x13c8  nvpciflt - ok
13:36:39.0921 0x13c8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:36:39.0937 0x13c8  nvraid - ok
13:36:39.0937 0x13c8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:36:39.0968 0x13c8  nvstor - ok
13:36:40.0046 0x13c8  [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:36:40.0062 0x13c8  NvStreamKms - ok
13:36:40.0077 0x13c8  NvStreamSvc - ok
13:36:40.0140 0x13c8  [ 5141D408272B3681ED6A0E8CCF771EF9, C55304DC5EE588F747DF3B26ED08DE12106B79C686DCD22030F5523FC3F62727 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:36:40.0171 0x13c8  nvsvc - ok
13:36:40.0171 0x13c8  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
13:36:40.0187 0x13c8  nvvad_WaveExtensible - ok
13:36:40.0218 0x13c8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:36:40.0234 0x13c8  nv_agp - ok
13:36:40.0406 0x13c8  [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Users\Matthias\Saved Games\FM13\Origin\OriginClientService.exe
13:36:40.0468 0x13c8  Origin Client Service - ok
13:36:40.0515 0x13c8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:36:40.0546 0x13c8  p2pimsvc - ok
13:36:40.0593 0x13c8  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:36:40.0656 0x13c8  p2psvc - ok
13:36:40.0687 0x13c8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:36:40.0718 0x13c8  Parport - ok
13:36:40.0749 0x13c8  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:36:40.0765 0x13c8  partmgr - ok
13:36:40.0812 0x13c8  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:36:40.0859 0x13c8  PcaSvc - ok
13:36:40.0890 0x13c8  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:36:40.0906 0x13c8  pci - ok
13:36:40.0937 0x13c8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:36:40.0937 0x13c8  pciide - ok
13:36:40.0968 0x13c8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:36:40.0999 0x13c8  pcmcia - ok
13:36:41.0015 0x13c8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:36:41.0015 0x13c8  pcw - ok
13:36:41.0046 0x13c8  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:36:41.0046 0x13c8  pdc - ok
13:36:41.0093 0x13c8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:36:41.0171 0x13c8  PEAUTH - ok
13:36:41.0265 0x13c8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:36:41.0312 0x13c8  PerfHost - ok
13:36:41.0421 0x13c8  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
13:36:41.0484 0x13c8  pla - ok
13:36:41.0515 0x13c8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:36:41.0531 0x13c8  PlugPlay - ok
13:36:41.0562 0x13c8  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:36:41.0577 0x13c8  PNRPAutoReg - ok
13:36:41.0609 0x13c8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:36:41.0624 0x13c8  PNRPsvc - ok
13:36:41.0656 0x13c8  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:36:41.0687 0x13c8  PolicyAgent - ok
13:36:41.0718 0x13c8  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
13:36:41.0765 0x13c8  Power - ok
13:36:41.0937 0x13c8  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:36:42.0078 0x13c8  PrintNotify - ok
13:36:42.0109 0x13c8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:36:42.0156 0x13c8  Processor - ok
13:36:42.0203 0x13c8  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:36:42.0265 0x13c8  ProfSvc - ok
13:36:42.0296 0x13c8  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
13:36:42.0328 0x13c8  Psched - ok
13:36:42.0359 0x13c8  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:36:42.0421 0x13c8  QWAVE - ok
13:36:42.0484 0x13c8  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:36:42.0515 0x13c8  QWAVEdrv - ok
13:36:42.0531 0x13c8  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:36:42.0578 0x13c8  RasAcd - ok
13:36:42.0609 0x13c8  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:36:42.0640 0x13c8  RasAuto - ok
13:36:42.0703 0x13c8  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:36:42.0765 0x13c8  RasMan - ok
13:36:42.0812 0x13c8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:36:42.0843 0x13c8  RasPppoe - ok
13:36:42.0890 0x13c8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:36:42.0968 0x13c8  rdbss - ok
13:36:43.0000 0x13c8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:36:43.0046 0x13c8  rdpbus - ok
13:36:43.0078 0x13c8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:36:43.0125 0x13c8  RDPDR - ok
13:36:43.0171 0x13c8  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:36:43.0187 0x13c8  RdpVideoMiniport - ok
13:36:43.0203 0x13c8  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:36:43.0218 0x13c8  rdyboost - ok
13:36:43.0296 0x13c8  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
13:36:43.0328 0x13c8  ReFS - ok
13:36:43.0375 0x13c8  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:36:43.0421 0x13c8  RemoteAccess - ok
13:36:43.0453 0x13c8  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:36:43.0515 0x13c8  RemoteRegistry - ok
13:36:43.0546 0x13c8  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
13:36:43.0562 0x13c8  RFCOMM - ok
13:36:43.0593 0x13c8  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:36:43.0625 0x13c8  RpcEptMapper - ok
13:36:43.0656 0x13c8  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:36:43.0687 0x13c8  RpcLocator - ok
13:36:43.0765 0x13c8  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:36:43.0797 0x13c8  RpcSs - ok
13:36:43.0828 0x13c8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:36:43.0859 0x13c8  rspndr - ok
13:36:43.0906 0x13c8  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
13:36:43.0922 0x13c8  RSUSBVSTOR - ok
13:36:43.0937 0x13c8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:36:43.0953 0x13c8  s3cap - ok
13:36:43.0984 0x13c8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
13:36:44.0000 0x13c8  SamSs - ok
13:36:44.0047 0x13c8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:36:44.0062 0x13c8  sbp2port - ok
13:36:44.0109 0x13c8  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:36:44.0140 0x13c8  SCardSvr - ok
13:36:44.0172 0x13c8  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:36:44.0203 0x13c8  ScDeviceEnum - ok
13:36:44.0234 0x13c8  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:36:44.0250 0x13c8  scfilter - ok
13:36:44.0344 0x13c8  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:36:44.0406 0x13c8  Schedule - ok
13:36:44.0437 0x13c8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:36:44.0453 0x13c8  SCPolicySvc - ok
13:36:44.0484 0x13c8  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:36:44.0500 0x13c8  sdbus - ok
13:36:44.0547 0x13c8  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:36:44.0562 0x13c8  sdstor - ok
13:36:44.0609 0x13c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
13:36:44.0625 0x13c8  secdrv - ok
13:36:44.0656 0x13c8  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:36:44.0687 0x13c8  seclogon - ok
13:36:44.0703 0x13c8  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
13:36:44.0734 0x13c8  SENS - ok
13:36:44.0781 0x13c8  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:36:44.0812 0x13c8  SensrSvc - ok
13:36:44.0859 0x13c8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:36:44.0859 0x13c8  SerCx - ok
13:36:44.0906 0x13c8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:36:44.0922 0x13c8  SerCx2 - ok
13:36:44.0937 0x13c8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:36:44.0953 0x13c8  Serenum - ok
13:36:44.0969 0x13c8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:36:44.0984 0x13c8  Serial - ok
13:36:45.0000 0x13c8  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:36:45.0016 0x13c8  sermouse - ok
13:36:45.0062 0x13c8  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:36:45.0141 0x13c8  SessionEnv - ok
13:36:45.0141 0x13c8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:36:45.0172 0x13c8  sfloppy - ok
13:36:45.0219 0x13c8  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:36:45.0250 0x13c8  SharedAccess - ok
13:36:45.0312 0x13c8  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:36:45.0391 0x13c8  ShellHWDetection - ok
13:36:45.0391 0x13c8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:36:45.0406 0x13c8  SiSRaid2 - ok
13:36:45.0437 0x13c8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:36:45.0453 0x13c8  SiSRaid4 - ok
13:36:45.0484 0x13c8  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
13:36:45.0516 0x13c8  smphost - ok
13:36:45.0563 0x13c8  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:36:45.0594 0x13c8  SNMPTRAP - ok
13:36:45.0687 0x13c8  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:36:45.0719 0x13c8  spaceport - ok
13:36:45.0734 0x13c8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:36:45.0734 0x13c8  SpbCx - ok
13:36:45.0781 0x13c8  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:36:45.0828 0x13c8  Spooler - ok
13:36:46.0031 0x13c8  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:36:46.0281 0x13c8  sppsvc - ok
13:36:46.0313 0x13c8  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:36:46.0391 0x13c8  srv - ok
13:36:46.0438 0x13c8  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:36:46.0469 0x13c8  srv2 - ok
13:36:46.0469 0x13c8  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:36:46.0500 0x13c8  srvnet - ok
13:36:46.0547 0x13c8  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:36:46.0563 0x13c8  SSDPSRV - ok
13:36:46.0609 0x13c8  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:36:46.0641 0x13c8  SstpSvc - ok
13:36:46.0672 0x13c8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:36:46.0672 0x13c8  stexstor - ok
13:36:46.0750 0x13c8  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:36:46.0828 0x13c8  stisvc - ok
13:36:46.0844 0x13c8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:36:46.0859 0x13c8  storahci - ok
13:36:46.0875 0x13c8  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:36:46.0891 0x13c8  storflt - ok
13:36:46.0906 0x13c8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:36:46.0906 0x13c8  stornvme - ok
13:36:46.0938 0x13c8  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:36:46.0984 0x13c8  StorSvc - ok
13:36:47.0000 0x13c8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:36:47.0000 0x13c8  storvsc - ok
13:36:47.0047 0x13c8  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:36:47.0078 0x13c8  svsvc - ok
13:36:47.0109 0x13c8  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:36:47.0125 0x13c8  swenum - ok
13:36:47.0188 0x13c8  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
13:36:47.0234 0x13c8  swprv - ok
13:36:47.0297 0x13c8  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:36:47.0406 0x13c8  SysMain - ok
13:36:47.0438 0x13c8  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:36:47.0484 0x13c8  SystemEventsBroker - ok
13:36:47.0531 0x13c8  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:36:47.0578 0x13c8  TabletInputService - ok
13:36:47.0594 0x13c8  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:36:47.0641 0x13c8  TapiSrv - ok
13:36:47.0750 0x13c8  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:36:47.0828 0x13c8  Tcpip - ok
13:36:47.0907 0x13c8  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:36:47.0953 0x13c8  TCPIP6 - ok
13:36:48.0000 0x13c8  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:36:48.0047 0x13c8  tcpipreg - ok
13:36:48.0094 0x13c8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:36:48.0125 0x13c8  tdx - ok
13:36:48.0172 0x13c8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:36:48.0188 0x13c8  terminpt - ok
13:36:48.0250 0x13c8  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
13:36:48.0282 0x13c8  TermService - ok
13:36:48.0328 0x13c8  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
13:36:48.0344 0x13c8  Themes - ok
13:36:48.0375 0x13c8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
13:36:48.0391 0x13c8  THREADORDER - ok
13:36:48.0438 0x13c8  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:36:48.0485 0x13c8  TimeBroker - ok
13:36:48.0500 0x13c8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
13:36:48.0516 0x13c8  TPM - ok
13:36:48.0547 0x13c8  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:36:48.0563 0x13c8  TrkWks - ok
13:36:48.0625 0x13c8  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:36:48.0672 0x13c8  TrustedInstaller - ok
13:36:48.0688 0x13c8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
13:36:48.0735 0x13c8  TsUsbFlt - ok
13:36:48.0766 0x13c8  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:36:48.0797 0x13c8  TsUsbGD - ok
13:36:48.0844 0x13c8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
13:36:48.0891 0x13c8  tunnel - ok
13:36:48.0922 0x13c8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:36:48.0938 0x13c8  uagp35 - ok
13:36:48.0969 0x13c8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:36:48.0985 0x13c8  UASPStor - ok
13:36:49.0032 0x13c8  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
13:36:49.0063 0x13c8  UCX01000 - ok
13:36:49.0078 0x13c8  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:36:49.0110 0x13c8  udfs - ok
13:36:49.0125 0x13c8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:36:49.0141 0x13c8  UEFI - ok
13:36:49.0188 0x13c8  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:36:49.0203 0x13c8  UI0Detect - ok
13:36:49.0235 0x13c8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:36:49.0235 0x13c8  uliagpkx - ok
13:36:49.0250 0x13c8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:36:49.0266 0x13c8  umbus - ok
13:36:49.0282 0x13c8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:36:49.0313 0x13c8  UmPass - ok
13:36:49.0360 0x13c8  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:36:49.0407 0x13c8  UmRdpService - ok
13:36:49.0500 0x13c8  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:36:49.0532 0x13c8  UNS - ok
13:36:49.0579 0x13c8  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:36:49.0610 0x13c8  upnphost - ok
13:36:49.0641 0x13c8  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:36:49.0657 0x13c8  usbccgp - ok
13:36:49.0688 0x13c8  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:36:49.0704 0x13c8  usbcir - ok
13:36:49.0735 0x13c8  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:36:49.0750 0x13c8  usbehci - ok
13:36:49.0766 0x13c8  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:36:49.0797 0x13c8  usbhub - ok
13:36:49.0829 0x13c8  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:36:49.0844 0x13c8  USBHUB3 - ok
13:36:49.0891 0x13c8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:36:49.0922 0x13c8  usbohci - ok
13:36:49.0969 0x13c8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:36:50.0001 0x13c8  usbprint - ok
13:36:50.0047 0x13c8  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:36:50.0047 0x13c8  USBSTOR - ok
13:36:50.0079 0x13c8  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:36:50.0110 0x13c8  usbuhci - ok
13:36:50.0126 0x13c8  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:36:50.0141 0x13c8  USBXHCI - ok
13:36:50.0157 0x13c8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:36:50.0157 0x13c8  VaultSvc - ok
13:36:50.0204 0x13c8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:36:50.0219 0x13c8  vdrvroot - ok
13:36:50.0297 0x13c8  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
13:36:50.0391 0x13c8  vds - ok
13:36:50.0407 0x13c8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:36:50.0422 0x13c8  VerifierExt - ok
13:36:50.0469 0x13c8  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:36:50.0485 0x13c8  vhdmp - ok
13:36:50.0501 0x13c8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
13:36:50.0516 0x13c8  viaide - ok
13:36:50.0547 0x13c8  [ 71B51CF0B12E216D1FA8262B3B8E7DB4, E392CE09E02519AD2E31FB42ECEEDA5D252A9F3F1F9E137AA0726784EF7DFB71 ] vm332avs        C:\WINDOWS\System32\Drivers\vm332avs.sys
13:36:50.0579 0x13c8  vm332avs - ok
13:36:50.0610 0x13c8  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:36:50.0610 0x13c8  vmbus - ok
13:36:50.0626 0x13c8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:36:50.0641 0x13c8  VMBusHID - ok
13:36:50.0688 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:36:50.0719 0x13c8  vmicguestinterface - ok
13:36:50.0735 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
13:36:50.0751 0x13c8  vmicheartbeat - ok
13:36:50.0766 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:36:50.0782 0x13c8  vmickvpexchange - ok
13:36:50.0797 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
13:36:50.0813 0x13c8  vmicrdv - ok
13:36:50.0813 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:36:50.0844 0x13c8  vmicshutdown - ok
13:36:50.0844 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:36:50.0860 0x13c8  vmictimesync - ok
13:36:50.0891 0x13c8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
13:36:50.0907 0x13c8  vmicvss - ok
13:36:50.0922 0x13c8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:36:50.0938 0x13c8  volmgr - ok
13:36:50.0954 0x13c8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:36:50.0969 0x13c8  volmgrx - ok
13:36:51.0001 0x13c8  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:36:51.0016 0x13c8  volsnap - ok
13:36:51.0016 0x13c8  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:36:51.0032 0x13c8  vpci - ok
13:36:51.0047 0x13c8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:36:51.0063 0x13c8  vsmraid - ok
13:36:51.0126 0x13c8  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
13:36:51.0204 0x13c8  VSS - ok
13:36:51.0235 0x13c8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:36:51.0251 0x13c8  VSTXRAID - ok
13:36:51.0313 0x13c8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:36:51.0360 0x13c8  vwifibus - ok
13:36:51.0376 0x13c8  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
13:36:51.0422 0x13c8  vwififlt - ok
13:36:51.0438 0x13c8  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
13:36:51.0469 0x13c8  vwifimp - ok
13:36:51.0516 0x13c8  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
13:36:51.0579 0x13c8  W32Time - ok
13:36:51.0610 0x13c8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:36:51.0626 0x13c8  WacomPen - ok
13:36:51.0735 0x13c8  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:36:51.0813 0x13c8  wbengine - ok
13:36:51.0829 0x13c8  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:36:51.0860 0x13c8  WbioSrvc - ok
13:36:51.0876 0x13c8  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:36:51.0891 0x13c8  Wcmsvc - ok
13:36:51.0923 0x13c8  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:36:51.0954 0x13c8  wcncsvc - ok
13:36:51.0985 0x13c8  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:36:52.0016 0x13c8  WcsPlugInService - ok
13:36:52.0032 0x13c8  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:36:52.0048 0x13c8  WdBoot - ok
13:36:52.0110 0x13c8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:36:52.0141 0x13c8  Wdf01000 - ok
13:36:52.0157 0x13c8  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:36:52.0173 0x13c8  WdFilter - ok
13:36:52.0204 0x13c8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:36:52.0251 0x13c8  WdiServiceHost - ok
13:36:52.0251 0x13c8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:36:52.0266 0x13c8  WdiSystemHost - ok
13:36:52.0298 0x13c8  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:36:52.0313 0x13c8  WdNisDrv - ok
13:36:52.0345 0x13c8  WdNisSvc - ok
13:36:52.0391 0x13c8  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:36:52.0454 0x13c8  WebClient - ok
13:36:52.0485 0x13c8  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:36:52.0516 0x13c8  Wecsvc - ok
13:36:52.0563 0x13c8  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:36:52.0563 0x13c8  WEPHOSTSVC - ok
13:36:52.0610 0x13c8  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:36:52.0704 0x13c8  wercplsupport - ok
13:36:52.0735 0x13c8  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:36:52.0766 0x13c8  WerSvc - ok
13:36:52.0813 0x13c8  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
13:36:52.0829 0x13c8  WFPLWFS - ok
13:36:52.0845 0x13c8  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:36:52.0876 0x13c8  WiaRpc - ok
13:36:52.0891 0x13c8  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:36:52.0907 0x13c8  WIMMount - ok
13:36:52.0907 0x13c8  WinDefend - ok
13:36:52.0970 0x13c8  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:36:53.0001 0x13c8  WinHttpAutoProxySvc - ok
13:36:53.0079 0x13c8  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:36:53.0126 0x13c8  Winmgmt - ok
13:36:53.0220 0x13c8  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:36:53.0313 0x13c8  WinRM - ok
13:36:53.0407 0x13c8  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:36:53.0485 0x13c8  WlanSvc - ok
13:36:53.0563 0x13c8  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:36:53.0626 0x13c8  wlidsvc - ok
13:36:53.0657 0x13c8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:36:53.0673 0x13c8  WmiAcpi - ok
13:36:53.0720 0x13c8  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:36:53.0751 0x13c8  wmiApSrv - ok
13:36:53.0782 0x13c8  WMPNetworkSvc - ok
13:36:53.0892 0x13c8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:36:53.0923 0x13c8  Wof - ok
13:36:54.0017 0x13c8  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:36:54.0110 0x13c8  workfolderssvc - ok
13:36:54.0142 0x13c8  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:36:54.0157 0x13c8  wpcfltr - ok
13:36:54.0189 0x13c8  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
13:36:54.0204 0x13c8  WPCSvc - ok
13:36:54.0235 0x13c8  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:36:54.0298 0x13c8  WPDBusEnum - ok
13:36:54.0329 0x13c8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:36:54.0360 0x13c8  WpdUpFltr - ok
13:36:54.0392 0x13c8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:36:54.0439 0x13c8  ws2ifsl - ok
13:36:54.0501 0x13c8  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:36:54.0532 0x13c8  wscsvc - ok
13:36:54.0548 0x13c8  WSearch - ok
13:36:54.0673 0x13c8  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
13:36:54.0798 0x13c8  WSService - ok
13:36:54.0845 0x13c8  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
13:36:54.0860 0x13c8  wsvd - ok
13:36:55.0001 0x13c8  [ E000163D322E5BD8E5165C1475A9F9B6, DE60F03B1EE91B658854B4C2FD30E5FBD26E4016EF68964FFC748AEF74A9EE7A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:36:55.0157 0x13c8  wuauserv - ok
13:36:55.0173 0x13c8  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:36:55.0220 0x13c8  WudfPf - ok
13:36:55.0267 0x13c8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
13:36:55.0314 0x13c8  WUDFRd - ok
13:36:55.0314 0x13c8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
13:36:55.0329 0x13c8  WUDFSensorLP - ok
13:36:55.0361 0x13c8  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:36:55.0407 0x13c8  wudfsvc - ok
13:36:55.0407 0x13c8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
13:36:55.0423 0x13c8  WUDFWpdFs - ok
13:36:55.0470 0x13c8  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:36:55.0517 0x13c8  WwanSvc - ok
13:36:55.0517 0x13c8  ================ Scan global ===============================
13:36:55.0579 0x13c8  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
13:36:55.0642 0x13c8  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
13:36:55.0689 0x13c8  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
13:36:55.0736 0x13c8  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
13:36:55.0751 0x13c8  [ Global ] - ok
13:36:55.0751 0x13c8  ================ Scan MBR ==================================
13:36:55.0751 0x13c8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:36:55.0861 0x13c8  \Device\Harddisk0\DR0 - ok
13:36:55.0861 0x13c8  ================ Scan VBR ==================================
13:36:55.0892 0x13c8  [ 27311B0BB607A7BC5350F3D34758EFD3 ] \Device\Harddisk0\DR0\Partition1
13:36:55.0908 0x13c8  \Device\Harddisk0\DR0\Partition1 - ok
13:36:55.0908 0x13c8  [ 743E9A33E046359F4BE3AD9B9296CEFE ] \Device\Harddisk0\DR0\Partition2
13:36:55.0923 0x13c8  \Device\Harddisk0\DR0\Partition2 - ok
13:36:55.0939 0x13c8  [ 69F0003DF8EA23BCB5EA7CF3464CB372 ] \Device\Harddisk0\DR0\Partition3
13:36:55.0986 0x13c8  \Device\Harddisk0\DR0\Partition3 - ok
13:36:56.0001 0x13c8  [ D5454901590D07E494FDA4B7B26C5E64 ] \Device\Harddisk0\DR0\Partition4
13:36:56.0001 0x13c8  \Device\Harddisk0\DR0\Partition4 - ok
13:36:56.0017 0x13c8  [ D4545092E99FCBB11F055D0C55C3D5D5 ] \Device\Harddisk0\DR0\Partition5
13:36:56.0017 0x13c8  \Device\Harddisk0\DR0\Partition5 - ok
13:36:56.0048 0x13c8  [ 9A96A471EAD2863D6607888D4DAF3FDA ] \Device\Harddisk0\DR0\Partition6
13:36:56.0064 0x13c8  \Device\Harddisk0\DR0\Partition6 - ok
13:36:56.0079 0x13c8  [ 6345F056552769949DD414DD0F63CA00 ] \Device\Harddisk0\DR0\Partition7
13:36:56.0079 0x13c8  \Device\Harddisk0\DR0\Partition7 - ok
13:36:56.0111 0x13c8  [ 52E01E0265E8A8761DAB4E50F9F8345B ] \Device\Harddisk0\DR0\Partition8
13:36:56.0111 0x13c8  \Device\Harddisk0\DR0\Partition8 - ok
13:36:56.0111 0x13c8  ================ Scan generic autorun ======================
13:36:56.0158 0x13c8  ETDCtrl - ok
13:36:56.0642 0x13c8  [ DF99547E3CD8C828202546ED9C4D7D25, 83013EEE760004E812CD63662843D1F3972AFBF83B4739935FC746F470FA7188 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
13:36:56.0923 0x13c8  Energy Management - ok
13:36:56.0954 0x13c8  [ D41309D7717CC5D62C2E0C5EB6B127B3, 50F46F762320C9B2560AA356B31EB564651F92BDA2DBCE34E3E349A65E347FAC ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
13:36:56.0954 0x13c8  EnergyUtility - ok
13:36:57.0095 0x13c8  [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:36:57.0142 0x13c8  NvBackend - ok
13:36:57.0189 0x13c8  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
13:36:57.0251 0x13c8  ShadowPlay - ok
13:36:57.0345 0x13c8  [ DD8C5A331E1F83510C5A788CB9AA8727, BDEDB9B9D3B0C16B217A67B9B02C9E339E133E4FE05E144DCB344D80C6786078 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
13:36:57.0376 0x13c8  cAudioFilterAgent - ok
13:36:57.0470 0x13c8  [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
13:36:57.0533 0x13c8  SmartAudio - detected UnsignedFile.Multi.Generic ( 1 )
13:37:03.0768 0x13c8  Detect skipped due to KSN trusted
13:37:03.0768 0x13c8  SmartAudio - ok
13:37:03.0799 0x13c8  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
13:37:03.0815 0x13c8  iTunesHelper - ok
13:37:03.0861 0x13c8  [ 3A5D0E1BF0D7B954FD3A8BE474FCAABA, 2B41DF59122496519C8B68518AD566F3B7F28BECD089BF15B50D3D78C7369760 ] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
13:37:03.0893 0x13c8  332BigDog - ok
13:37:03.0986 0x13c8  [ 5C80FBEE03ED1CBF108AFC029D73D857, 472508F140286868051D0AF557D11EB8FF2ACC6352C278970BB4D94F02428B6B ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
13:37:04.0002 0x13c8  Dolby Advanced Audio v2 - ok
13:37:04.0065 0x13c8  [ A1741C3B79F9DF8895E05EF43579E74B, 446094FDBA93518ABE1CDEC50E24AB60BC7CA78022A289AF5C21461778FD8001 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
13:37:04.0065 0x13c8  YouCam Mirage - ok
13:37:04.0096 0x13c8  [ 79EDDBCBFFC23585BC1495AFC03CC4D7, 325A6C067A52BAD7070C1C758EA69645FD8083AC6D0ABA8340BDBE1A712E005F ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
13:37:04.0111 0x13c8  YouCam Tray - ok
13:37:04.0205 0x13c8  [ 16D807D8B07A868298A8044E576BE419, 148399752A497E7FEA07C59C89834E266652AC1C0793B5C9C429FDBB37AB7617 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
13:37:04.0236 0x13c8  UpdateP2GShortCut - detected UnsignedFile.Multi.Generic ( 1 )
13:37:06.0627 0x13c8  Detect skipped due to KSN trusted
13:37:06.0627 0x13c8  UpdateP2GShortCut - ok
13:37:06.0721 0x13c8  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
13:37:06.0737 0x13c8  RemoteControl10 - ok
13:37:06.0799 0x13c8  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
13:37:06.0815 0x13c8  Intel AppUp(SM) center - ok
13:37:06.0893 0x13c8  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:37:06.0909 0x13c8  APSDaemon - ok
13:37:06.0987 0x13c8  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:37:07.0018 0x13c8  Adobe ARM - ok
13:37:07.0065 0x13c8  [ 6EFBC82722D0F7B35283993189ECE9D0, C992072A3248C35C5C46E0CCD463C60C6376E7E17AA67BAFF8260C200DC47900 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
13:37:07.0096 0x13c8  KSS - ok
13:37:07.0143 0x13c8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
13:37:07.0190 0x13c8  WAB Migrate - ok
13:37:07.0190 0x13c8  Waiting for KSN requests completion. In queue: 11
13:37:08.0206 0x13c8  Waiting for KSN requests completion. In queue: 11
13:37:09.0221 0x13c8  Waiting for KSN requests completion. In queue: 6
13:37:10.0237 0x13c8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
13:37:10.0237 0x13c8  Win FW state via NFP2: enabled
13:37:12.0566 0x13c8  ============================================================
13:37:12.0566 0x13c8  Scan finished
13:37:12.0566 0x13c8  ============================================================
13:37:12.0581 0x08f0  Detected object count: 0
13:37:12.0581 0x08f0  Actual detected object count: 0
         
Grüße Matthias

Angehängte Dateien
Dateityp: pdf Rootkit.pdf (154,7 KB, 119x aufgerufen)

Geändert von matze1977 (22.06.2015 um 12:58 Uhr)

Alt 23.06.2015, 05:50   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Bitte mal nen Screenshot von den Updates.
__________________
--> Bundestrojaner - danach merkwürdige Updates bei Windows 8.1

Alt 23.06.2015, 06:05   #7
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo,

anbei der Screenshot
Angehängte Dateien
Dateityp: pdf Screenshot-Updates.pdf (130,4 KB, 144x aufgerufen)

Alt 23.06.2015, 12:19   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Klick bei den komischen bitte mal auf Technische Infos und davon dann nochmal nen Screenshot. Und bitte als Bild speichern, JPG, nicht als PDF
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.06.2015, 21:45   #9
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo Schrauber,

also hier die 4 Anhänge, hoffe so ist es besser.

Bin mir halt nur unsicher, da ich nun nicht wirklich so viel Ahnung von Computern habe.

Grüße Matthias
Miniaturansicht angehängter Grafiken
-1..jpg   -2..jpg   -3..jpg   -4..jpg  

Alt 24.06.2015, 10:49   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



hmm, deinstalliere die Updates einfach mal.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.06.2015, 11:06   #11
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo Schrauber,

leider kann ich diese nicht installieren. Sie stehen auch nicht unter "installierte Updates".

Diese 4 "Updates", wenn man sie überhaupt so nennen darf, finde ich nur in meinem Zuverlässigkeitsverlauf.

Hatte an dem Tag ja ein Backup aufgespielt und alle richtigen Updates "ca. 45" gingen durch und waren um 15:47 beendet.

Ab ca. 16:15 wurden dann diverse Apps, also z.B. Microsoft Bing, BingFinance etc. geupdated und zu dieser Zeit wurden auch diese 4 mit aufgespielt.

Habe ja auch kein Problem mit meinem System, war mir nur nicht wirklich sicher, ob ich mir eventuell etwas eingefangen habe.

Grüße Matthias

Geändert von matze1977 (24.06.2015 um 11:38 Uhr)

Alt 25.06.2015, 08:23   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Bei Google haben noch 2 andere das gleiche Problem. Ich sehe nix böses in den Logs, ich glaube enfach dass die Anzeige da spinnt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.06.2015, 08:25   #13
matze1977
 
Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Hallo Schrauber,

denke auch das dies nix wildes ist. Da Du nix gefunden hast in den Logs und mein Rechner normal läuft, denke ich es ist alles ok.

Wie gesagt war mir nur etwas unsicher.

Sollte es etwas geben, weiß ich ja jetzt wo ich schnelle und kompetente Hilfe herbekomme.

Danke Dir für Deine Hilfestellung.

Kurze Abschlußfrage: Habe ja jetzt noch die Programme von "Dir" drauf, also die ich runterladen sollte. Kann ich die gleich drauflassen, falls es irgendwann mal Probleme geben sollte oder lieber entfernen?

Grüße Matthias

Alt 25.06.2015, 19:00   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Standard

Bundestrojaner - danach merkwürdige Updates bei Windows 8.1



Nee, weil die immer wieder nen Update bekommen, entfernen wir jetzt:



Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Bundestrojaner - danach merkwürdige Updates bei Windows 8.1
ahnung, backup, bereich, betriebssystem, bundestrojaner, eingefangen, firefox, freitag, gen, gespeichert, gesperrt, meldung, merkwürdige, nichts, plötzlich, programm, rechner, richtig, sicherheit, system, trojaner, updates, windows, wirklich, überhaupt



Ähnliche Themen: Bundestrojaner - danach merkwürdige Updates bei Windows 8.1


  1. Windows 7 Home Premium: Merkwürdige Scans und Windows Fehlerbehebung
    Log-Analyse und Auswertung - 14.01.2015 (11)
  2. Windows XP: Email Zip Attachment und danach Dateien verschlüsselt
    Log-Analyse und Auswertung - 05.10.2014 (9)
  3. WIndows 7 64bit, installiert automatisch USB Treiber, danach geht nichts mehr !
    Alles rund um Windows - 29.09.2014 (8)
  4. Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)
    Log-Analyse und Auswertung - 31.03.2014 (15)
  5. Nach starten von windows xp kommt kurz der desktop danach weis?
    Plagegeister aller Art und deren Bekämpfung - 05.02.2014 (34)
  6. Malware löscht alle Dateien und danach Windows
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (5)
  7. Windows friert nach Start für eine Weile ein, danach alles normal
    Log-Analyse und Auswertung - 09.05.2013 (3)
  8. Windows hat sich kurz aufgehangen und danach kam ein Piep Ton
    Alles rund um Windows - 02.02.2013 (7)
  9. Windows Sicherheitscenter Dienst und merkwürdige Redirects
    Log-Analyse und Auswertung - 18.12.2012 (9)
  10. Merkwürdige Stimme via Hostprozess für Windows-Dienste
    Plagegeister aller Art und deren Bekämpfung - 05.11.2012 (3)
  11. Windows Recovery - Probleme danach
    Plagegeister aller Art und deren Bekämpfung - 31.05.2011 (14)
  12. Trojaner TR/Dldr.Peltpox.A' [trojan], danach Windows Recovery
    Plagegeister aller Art und deren Bekämpfung - 23.05.2011 (3)
  13. Virus : Windows Installation danach Blue Screen
    Log-Analyse und Auswertung - 21.05.2011 (17)
  14. Windows Recovery entfernt - Probleme DANACH
    Log-Analyse und Auswertung - 29.04.2011 (9)
  15. Google verlinkt auf merkwürdige Seiten, System langsam, Windows führt keine Updates aus
    Log-Analyse und Auswertung - 04.11.2010 (8)
  16. Windows Updates Funktionieren nicht und andere Updates.
    Log-Analyse und Auswertung - 10.04.2009 (21)
  17. Windows Sicherheitsupdate erstellt merkwürdige Ordner
    Plagegeister aller Art und deren Bekämpfung - 09.01.2007 (18)

Zum Thema Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 - Hallo, ich bin mir jetzt sehr unsicher, nachdem ich mir am Freitag anscheinend einen Trojaner eingefangen habe. Ich hoffe auch, das ich in diesem Bereich des Forums richtig bin. Am - Bundestrojaner - danach merkwürdige Updates bei Windows 8.1...
Archiv
Du betrachtest: Bundestrojaner - danach merkwürdige Updates bei Windows 8.1 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.