Hi,
Ich habe mir den V9 virus eingefangen und kenne mich nicht gut mit pcs aus.
wenn ich nen browser öffne dann steht da nur v9.com statt google oder so.
und mein pc ist auch sehr langsam geworden.

hoffe ihr könnt mir helfen.

mfg,

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:

• Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
• Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
• Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
• Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
• Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
• Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort

• die Logdatei von TDSS-Killer,
• die beiden neuen Logdateien von FRST.

ok hier das frst logfile:

Code: Alles auswählenAufklappen

ATTFilter

 Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2015
durchgeführt von Karp (Administrator) auf BENUTZER-PC (14-08-2015 21:08:48)
Gestartet von C:\Users\Karp\Desktop
Geladene Profile: Karp (Verfügbare Profile: Karp)
Platform: Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\Comodo\COMODO Internet Security\cistray.exe [1361088 2015-08-10] (COMODO)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\RunOnce: [AddVizzedIeTrustedSite] => C:\Program Files\Vizzed\Vizzed Retro Game Room\VizzedRgrUtil.exe [61440 2015-02-19] (Vizzed.com)
HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe
AppInit_DLLs: c:\progra~1\movies~1\datamngr\mgrldr.dll => c:\progra~1\movies~1\datamngr\mgrldr.dll Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ACHTUNG
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://internet%20explorer/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=488&systemid=406&v=a10781-139&apn_uid=4862200831154289&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=135&systemid=431&v=u9397-139&apn_uid=4862200831154289&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> DefaultScope {66C0DB7F-4EA2-42C6-8CE5-4BB8958A3A5E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {66C0DB7F-4EA2-42C6-8CE5-4BB8958A3A5E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = 
BHO: Webexp Enhanced -> {3c4a3412-4561-485c-b517-d8c4ef287b82} -> C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha8261\ie\WebexpEnhancedV1alpha8261.dll Keine Datei
BHO: Kein Name -> {3d86a75b-cb6b-4764-885d-ca6336f04ba2} ->  Keine Datei
BHO: Media Player -> {69c7805c-aa2b-432a-b96c-f5e8c4c9cbb9} -> C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha4838\ie\MediaPlayerV1alpha4838.dll Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Video Player -> {8141f558-010e-4814-a392-2d87f572ffe1} -> C:\Program Files\VideoPlayerV3\VideoPlayerV3beta584\ie\VideoPlayerV3beta584.dll Keine Datei
BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll Keine Datei
BHO: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll [2014-01-27] (Conduit Ltd.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll Keine Datei
Toolbar: HKLM - Kein Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} -  Keine Datei
Toolbar: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in  Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4113CB53-AC85-4F02-AE19-75BD079F4D79}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387642054&from=amt&uid=SAMSUNGXHD161HJ_S0V3J90QA23363

FireFox:
========
FF ProfilePath: C:\Users\Karp\AppData\Roaming\Mozilla\Firefox\Profiles\r3g1qp90.default-1402928437602
FF Homepage: www.google.com
FF Plugin: @vizzed.com/VizzedRGR -> C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll [2015-02-19] (Vizzed.com)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-02-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\nationzoom.xml [2013-12-21]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-18]
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha8261.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha8261\ff
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta584.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta584\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha4838.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha4838\ff

Chrome: 
=======
CHR Profile: C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Extended Protection) - C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2013-12-21]
CHR Extension: (Lightning Newtab) - C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-06]
CHR Extension: (VideoDownloadConverter) - C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkmljihjgjdghdhggolmhbjekicljfci [2014-02-26]
CHR Extension: (Value apps) - C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2014-02-27]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Karp\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-21]
CHR HKLM\...\Chrome\Extension: [jhkeeajapedhapdpkoomkgfcnhokeacb] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta584\ch\VideoPlayerV3beta584.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

BFE" service konnte nicht entsperrt werden. <===== ACHTUNG

U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-08-10] (COMODO)
U3 cmdvirth; C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-10] (COMODO)
U3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [235696 2015-08-01] (McAfee, Inc.)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2013-12-21] () [Datei ist nicht signiert]
U2 NewPlayerUpdaterService; "C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-05] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [626776 2015-08-05] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
U5 BFE;  <===== ACHTUNG: Gesperrter Dienst
U3 catchme; \??\C:\Users\Karp\AppData\Local\Temp\catchme.sys [X]
U3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-14 21:03 - 2015-08-14 21:03 - 00000003 _____ C:\Users\Karp\Desktop\2
2015-08-14 21:02 - 2015-08-14 21:03 - 00028270 _____ C:\Users\Karp\Desktop\Addition.txt
2015-08-14 21:01 - 2015-08-14 21:08 - 00013922 _____ C:\Users\Karp\Desktop\FRST.txt
2015-08-14 20:57 - 2015-08-14 20:58 - 01678336 _____ (Farbar) C:\Users\Karp\Desktop\FRST.exe
2015-08-14 20:55 - 2015-08-14 20:56 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Karp\Desktop\tdsskiller.exe
2015-08-14 18:45 - 2015-08-14 18:45 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-14 18:45 - 2015-08-14 18:45 - 00001109 _____ C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-08-13 16:45 - 2015-08-13 16:45 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-13 16:36 - 2015-08-13 14:15 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-13 16:36 - 2015-08-13 14:15 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-13 16:36 - 2015-08-13 14:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-13 16:36 - 2015-08-13 14:11 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-13 16:36 - 2015-08-13 14:11 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-13 16:36 - 2015-08-13 14:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-13 16:35 - 2015-08-13 14:15 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-13 16:35 - 2015-08-13 14:14 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-13 16:35 - 2015-08-13 14:14 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-13 16:35 - 2015-08-13 14:11 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-13 16:35 - 2015-08-13 14:11 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-13 16:34 - 2015-08-13 14:13 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-13 16:34 - 2015-08-13 14:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-13 16:34 - 2015-08-13 14:13 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-13 14:34 - 2015-08-13 14:34 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-13 14:34 - 2015-08-13 14:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-13 14:34 - 2015-08-13 14:34 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 19870208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-13 14:33 - 2015-08-13 14:33 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-13 14:33 - 2015-08-13 14:33 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-13 14:33 - 2015-08-13 14:33 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-13 14:33 - 2015-08-13 14:33 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-13 14:33 - 2015-08-13 14:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-13 14:33 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-13 14:33 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-13 14:14 - 2015-08-13 14:14 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-13 14:14 - 2015-08-13 14:14 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-13 14:11 - 2015-08-13 14:11 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-13 14:11 - 2015-08-13 14:11 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-13 14:05 - 2015-08-13 14:05 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-13 14:05 - 2015-08-13 14:05 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-13 14:05 - 2015-08-13 14:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-13 14:05 - 2015-08-13 14:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-13 14:05 - 2015-08-13 14:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-13 12:54 - 2015-08-14 18:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-01 18:47 - 2015-08-01 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-01 18:47 - 2015-08-01 18:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-16 19:47 - 2015-07-16 19:47 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 19:47 - 2015-07-16 19:47 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 19:46 - 2015-07-16 19:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 19:46 - 2015-07-16 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 19:46 - 2015-07-16 19:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-16 19:45 - 2015-07-16 19:45 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-14 21:07 - 2012-08-08 18:37 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-08-14 20:59 - 2012-08-09 17:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-14 20:57 - 2014-12-14 21:45 - 00081438 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-14 19:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-14 19:31 - 2011-03-31 13:39 - 01257690 _____ C:\Windows\WindowsUpdate.log
2015-08-14 18:45 - 2012-08-08 10:08 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-14 18:45 - 2012-08-08 10:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 18:18 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-14 17:37 - 2009-07-14 06:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-14 17:37 - 2009-07-14 06:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-14 17:29 - 2013-12-21 18:07 - 00000352 _____ C:\Windows\Tasks\AmiUpdXp.job
2015-08-14 17:28 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-14 17:28 - 2009-07-14 06:39 - 00097822 _____ C:\Windows\setupact.log
2015-08-14 17:28 - 2009-07-14 06:33 - 00409016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 16:54 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2015-08-13 16:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-13 15:03 - 2013-08-22 19:50 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 14:45 - 2010-02-09 22:01 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-13 14:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-08-13 14:20 - 2014-06-27 13:03 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-13 14:20 - 2011-03-31 13:42 - 00000000 ____D C:\Users\Karp
2015-08-13 14:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-08-13 13:06 - 2011-03-31 14:33 - 00198934 _____ C:\Windows\PFRO.log
2015-08-10 17:49 - 2012-08-08 18:35 - 00002284 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-08-10 17:49 - 2012-08-08 18:35 - 00002284 _____ C:\ProgramData\Desktop\COMODO Internet Security.lnk
2015-08-05 02:31 - 2012-03-11 21:13 - 00626776 _____ (COMODO) C:\Windows\system32\Drivers\cmdGuard.sys
2015-08-05 02:31 - 2012-03-11 21:13 - 00041736 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-05 02:31 - 2012-03-11 21:13 - 00017064 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-05 02:31 - 2012-02-03 19:27 - 00091176 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-05 02:29 - 2012-03-11 21:13 - 00445472 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-08-05 02:29 - 2012-03-11 21:13 - 00033496 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-05 02:27 - 2014-05-17 20:58 - 00288448 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-08-05 02:26 - 2014-05-17 20:58 - 00040640 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-07-20 12:11 - 2012-08-09 17:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-20 12:11 - 2012-08-09 17:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-14 19:08 - 2014-04-14 23:08 - 10137600 _____ () C:\Program Files\GUT7657.tmp
2012-08-29 17:58 - 2012-08-29 17:58 - 0007606 _____ () C:\Users\Karp\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Karp\AppData\Local\temp\APNSetup.exe
C:\Users\Karp\AppData\Local\temp\BackupSetup.exe
C:\Users\Karp\AppData\Local\temp\bstrapInstall.exe
C:\Users\Karp\AppData\Local\temp\BundleSweetIMSetup.exe
C:\Users\Karp\AppData\Local\temp\Delta.exe
C:\Users\Karp\AppData\Local\temp\DeltaTB.exe
C:\Users\Karp\AppData\Local\temp\dlLogic.exe
C:\Users\Karp\AppData\Local\temp\DseShExt-x86.dll
C:\Users\Karp\AppData\Local\temp\EnableExtDll.dll
C:\Users\Karp\AppData\Local\temp\GoogleToolbarStandaloneSetup_7_5_4501_1952.exe
C:\Users\Karp\AppData\Local\temp\IEHistory.exe
C:\Users\Karp\AppData\Local\temp\InstalledPrograms.exe
C:\Users\Karp\AppData\Local\temp\install_flashplayer13x32au_gtba_chra_dy_aaa_aih.exe
C:\Users\Karp\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Karp\AppData\Local\temp\jre-8u31-windows-au.exe
C:\Users\Karp\AppData\Local\temp\mMamStub.exe
C:\Users\Karp\AppData\Local\temp\MybabylonTB.exe
C:\Users\Karp\AppData\Local\temp\nsaC84.exe
C:\Users\Karp\AppData\Local\temp\nsbA703.exe
C:\Users\Karp\AppData\Local\temp\nscA31E.exe
C:\Users\Karp\AppData\Local\temp\nsfB7C1.exe
C:\Users\Karp\AppData\Local\temp\nsgB250.exe
C:\Users\Karp\AppData\Local\temp\nshCC9D.exe
C:\Users\Karp\AppData\Local\temp\nskDF1D.exe
C:\Users\Karp\AppData\Local\temp\nsm31D.exe
C:\Users\Karp\AppData\Local\temp\nsm543E.exe
C:\Users\Karp\AppData\Local\temp\nso2764.exe
C:\Users\Karp\AppData\Local\temp\nsoFA14.exe
C:\Users\Karp\AppData\Local\temp\nstACE0.exe
C:\Users\Karp\AppData\Local\temp\nsvF9AB.exe
C:\Users\Karp\AppData\Local\temp\nswAE79.exe
C:\Users\Karp\AppData\Local\temp\propsys.dll
C:\Users\Karp\AppData\Local\temp\SDShelEx-win32.dll
C:\Users\Karp\AppData\Local\temp\SHSetup.exe
C:\Users\Karp\AppData\Local\temp\UNINSTALL.EXE
C:\Users\Karp\AppData\Local\temp\WSSetup.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-09 18:18

==================== Ende vom raportu ============================
         

und hier das addition logfile:

Code: Alles auswählenAufklappen

ATTFilter

 Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:14-08-2015
durchgeführt von Karp (2015-08-14 21:09:37)
Gestartet von C:\Users\Karp\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1641629647-2017363209-3092020712-500 - Administrator - Disabled)
Gast (S-1-5-21-1641629647-2017363209-3092020712-501 - Limited - Disabled)
Karp (S-1-5-21-1641629647-2017363209-3092020712-1000 - Administrator - Enabled) => C:\Users\Karp

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)


==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 28.0.1500.72 - Google Inc.)
Google Update Helper (Version: 1.3.21.153 - Google Inc.) Hidden
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{FE19B8A3-C79D-4A90-8F7C-1B206DB00CFC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IsoBuster 3.0 (HKLM\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Media Player (HKLM\...\MediaPlayerV1alpha4838) (Version: 1.1 - Media Player) <==== ACHTUNG
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 21.0 (x86 de) (HKLM\...\Mozilla Firefox 21.0 (x86 de)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
Project 64 version 2.1.0.1 (HKLM\...\Project 64_is1) (Version: 2.1.0.1 - )
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Vizzed Retro Game Room (HKLM\...\{931A0F84-1054-48F4-886E-1245C2D58F5B}) (Version: 2.12.0 - Vizzed)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

Wiederherstellungspunkte konnten nicht aufgelistet werden
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-08-01 18:48 - 00000057 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {11845D08-E0AA-45FD-A5CD-2871BB9C8151} - System32\Tasks\{17DC174E-8B2D-4493-933B-9DC3667F1F25} => pcalua.exe -a C:\ProgramData\WPM\wprotectmanager.exe -c -uninstall
Task: {1F642184-124C-4FEF-A469-018B7C09C239} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-10] (COMODO)
Task: {4FC91E7E-9C42-4836-9238-95128BA47866} - System32\Tasks\{AA88900B-4495-47E4-BAC5-7C352B6F9B93} => pcalua.exe -a C:\Users\Karp\Downloads\Setup.exe -d C:\Users\Karp\Downloads
Task: {733F151D-32B1-41B0-ABC5-4BB22DDFB0AE} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-10] (COMODO)
Task: {73EB8173-7E7E-429E-9503-20ECBC86E8A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {BD6116D5-87A4-4EE9-8F4F-0463D2FEBBDC} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-10] (COMODO)
Task: {F396686B-2693-4333-8F98-1C3C90169564} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-10] (COMODO)
Task: {F9A8326D-9AE8-4E02-A142-A0879FAC21F7} - System32\Tasks\AmiUpdXp => C:\Users\Karp\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: {F9CA095E-37B3-488E-B564-3A627A3DD320} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-10] (COMODO)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Karp\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7fe73291ebf1.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RDReminder.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job => C:\Program Files\Ask.com\UpdateTask.exeAsk.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-19 18:59 - 2015-01-09 00:02 - 00061152 _____ () C:\Program Files\Comodo\COMODO Internet Security\scanners\smart.cav
2015-08-14 18:45 - 2013-05-12 00:26 - 03128728 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2015-07-20 12:11 - 2015-07-20 12:11 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:04BC9A2C
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2F141B68
AlternateDataStreams: C:\ProgramData\TEMP:72A1B66A
AlternateDataStreams: C:\ProgramData\TEMP:7CB2D3F8
AlternateDataStreams: C:\Users\Karp\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Karp\Desktop\FRST.exe:$CmdZnID
AlternateDataStreams: C:\Users\Karp\Desktop\tdsskiller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Karp\Desktop\tdsskiller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Karp\Downloads\ReimageRepair.exe:$CmdTcID
AlternateDataStreams: C:\Users\Karp\Downloads\ReimageRepair.exe:$CmdZnID
AlternateDataStreams: C:\Users\Karp\Downloads\VizzedRgrPlugin-2.12.msi:$CmdTcID
AlternateDataStreams: C:\Users\Karp\Downloads\VizzedRgrPlugin-2.12.msi:$CmdZnID

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\...\vizzed.com -> www.vizzed.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1641629647-2017363209-3092020712-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Karp\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Dienst läuft nicht.
MpsSvc Firewall Dienst läuft nicht.
bfe Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: vToolbarUpdater15.3.0 => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0BFB0771-9FF0-4D02-9B65-80D3B236F90A}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{EB6BD719-5609-4573-BBB4-839D0601157D}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{8EF4FF34-DFEF-4241-B61C-3E20AD4CDA2D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{18414D14-2AD5-4CDA-AB89-83751110FE04}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{717CFF49-EC6E-4837-AC3B-E25A2BE8606D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81E7E932-4240-4279-94B0-3ABD2312375B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Der Dienst der Ereignisanzeige konnte nicht gestartet werden, Einträge konnten nicht gelesen werden.

Systemfehler 123 aufgetreten.

Die Syntax f�r den Dateinamen, Verzeichnisnamen oder die Datentr�gerbezeichnung ist falsch.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 1015.31 MB
Verfügbarer physikalischer RAM: 194.69 MB
Summe virtueller Speicher: 2039.31 MB
Verfügbarer virtueller Speicher: 809.55 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:112.92 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 9D459D45)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Ende vom raportu ============================
         

ich habe frst ausgeführt aber die logfiles wurden in keinem verzeichniss gespeichert.
ausser im editor,der 2 mal abgekackt ist


tdskiller kommt gleich.....

hier das tdss killer logfile:

Code: Alles auswählenAufklappen

ATTFilter

  21:19:41.0078 0x0070  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
21:19:44.0441 0x0070  ============================================================
21:19:44.0441 0x0070  Current date / time: 2015/08/14 21:19:44.0441
21:19:44.0441 0x0070  SystemInfo:
21:19:44.0441 0x0070  
21:19:44.0442 0x0070  OS Version: 6.1.7601 ServicePack: 1.0
21:19:44.0442 0x0070  Product type: Workstation
21:19:44.0442 0x0070  ComputerName: BENUTZER-PC
21:19:44.0443 0x0070  UserName: Karp
21:19:44.0443 0x0070  Windows directory: C:\Windows
21:19:44.0443 0x0070  System windows directory: C:\Windows
21:19:44.0443 0x0070  Processor architecture: Intel x86
21:19:44.0443 0x0070  Number of processors: 2
21:19:44.0443 0x0070  Page size: 0x1000
21:19:44.0443 0x0070  Boot type: Normal boot
21:19:44.0443 0x0070  ============================================================
21:19:46.0314 0x0070  KLMD registered as C:\Windows\system32\drivers\91561263.sys
21:19:46.0988 0x0070  System UUID: {F5915070-879E-0CBF-FFF7-79F6614B4A0E}
21:19:48.0548 0x0070  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:19:48.0551 0x0070  ============================================================
21:19:48.0551 0x0070  \Device\Harddisk0\DR0:
21:19:48.0551 0x0070  MBR partitions:
21:19:48.0551 0x0070  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:19:48.0551 0x0070  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
21:19:48.0551 0x0070  ============================================================
21:19:48.0583 0x0070  C: <-> \Device\Harddisk0\DR0\Partition2
21:19:48.0583 0x0070  ============================================================
21:19:48.0583 0x0070  Initialize success
21:19:48.0583 0x0070  ============================================================
21:21:09.0150 0x0d98  ============================================================
21:21:09.0150 0x0d98  Scan started
21:21:09.0150 0x0d98  Mode: Manual; SigCheck; TDLFS; 
21:21:09.0150 0x0d98  ============================================================
21:21:09.0150 0x0d98  KSN ping started
21:21:11.0623 0x0d98  KSN ping finished: true
21:21:12.0125 0x0d98  ================ Scan system memory ========================
21:21:12.0125 0x0d98  System memory - ok
21:21:12.0125 0x0d98  ================ Scan services =============================
21:21:12.0317 0x0d98  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:21:12.0483 0x0d98  1394ohci - ok
21:21:12.0615 0x0d98  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:21:12.0646 0x0d98  ACPI - ok
21:21:12.0675 0x0d98  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:21:12.0752 0x0d98  AcpiPmi - ok
21:21:12.0831 0x0d98  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:21:12.0858 0x0d98  AdobeFlashPlayerUpdateSvc - ok
21:21:12.0947 0x0d98  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:21:12.0982 0x0d98  adp94xx - ok
21:21:13.0000 0x0d98  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:21:13.0032 0x0d98  adpahci - ok
21:21:13.0047 0x0d98  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:21:13.0073 0x0d98  adpu320 - ok
21:21:13.0104 0x0d98  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:21:13.0165 0x0d98  AeLookupSvc - ok
21:21:13.0212 0x0d98  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
21:21:13.0282 0x0d98  AFD - ok
21:21:13.0318 0x0d98  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:21:13.0340 0x0d98  agp440 - ok
21:21:13.0374 0x0d98  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
21:21:13.0397 0x0d98  aic78xx - ok
21:21:13.0436 0x0d98  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:21:13.0496 0x0d98  ALG - ok
21:21:13.0528 0x0d98  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:21:13.0550 0x0d98  aliide - ok
21:21:13.0583 0x0d98  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:21:13.0604 0x0d98  amdagp - ok
21:21:13.0625 0x0d98  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:21:13.0646 0x0d98  amdide - ok
21:21:13.0687 0x0d98  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:21:13.0721 0x0d98  AmdK8 - ok
21:21:13.0741 0x0d98  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:21:13.0779 0x0d98  AmdPPM - ok
21:21:13.0802 0x0d98  [ E7F4D42D8076EC60E21715CD11743A0D, 91AC020A70964F8783C999BDE8AB8391A3FA3AFC1CD4BC52A43625A2010A53E7 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:21:13.0826 0x0d98  amdsata - ok
21:21:13.0852 0x0d98  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:21:13.0878 0x0d98  amdsbs - ok
21:21:13.0897 0x0d98  [ 146459D2B08BFDCBFA856D9947043C81, AC7F2069717601F949B0968EA651899D497170A93B84281B66D3CE5C382DDECB ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:21:13.0921 0x0d98  amdxata - ok
21:21:13.0960 0x0d98  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
21:21:13.0999 0x0d98  AppID - ok
21:21:14.0029 0x0d98  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:21:14.0054 0x0d98  AppIDSvc - ok
21:21:14.0093 0x0d98  [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo         C:\Windows\System32\appinfo.dll
21:21:14.0138 0x0d98  Appinfo - ok
21:21:14.0178 0x0d98  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:21:14.0237 0x0d98  AppMgmt - ok
21:21:14.0276 0x0d98  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:21:14.0299 0x0d98  arc - ok
21:21:14.0323 0x0d98  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:21:14.0345 0x0d98  arcsas - ok
21:21:14.0379 0x0d98  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:21:14.0472 0x0d98  AsyncMac - ok
21:21:14.0501 0x0d98  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:21:14.0523 0x0d98  atapi - ok
21:21:14.0584 0x0d98  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:21:14.0624 0x0d98  AudioEndpointBuilder - ok
21:21:14.0643 0x0d98  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:21:14.0683 0x0d98  Audiosrv - ok
21:21:14.0723 0x0d98  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:21:14.0802 0x0d98  AxInstSV - ok
21:21:14.0851 0x0d98  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
21:21:14.0924 0x0d98  b06bdrv - ok
21:21:14.0969 0x0d98  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:21:15.0015 0x0d98  b57nd60x - ok
21:21:15.0070 0x0d98  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:21:15.0104 0x0d98  BDESVC - ok
21:21:15.0121 0x0d98  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:21:15.0182 0x0d98  Beep - ok
21:21:15.0252 0x0d98  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
21:21:15.0320 0x0d98  BFE - ok
21:21:15.0369 0x0d98  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
21:21:15.0502 0x0d98  BITS - ok
21:21:15.0526 0x0d98  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:21:15.0567 0x0d98  blbdrive - ok
21:21:15.0616 0x0d98  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:21:15.0679 0x0d98  bowser - ok
21:21:15.0710 0x0d98  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:21:15.0773 0x0d98  BrFiltLo - ok
21:21:15.0791 0x0d98  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:21:15.0829 0x0d98  BrFiltUp - ok
21:21:15.0860 0x0d98  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:21:15.0921 0x0d98  BridgeMP - ok
21:21:15.0956 0x0d98  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
21:21:16.0015 0x0d98  Browser - ok
21:21:16.0052 0x0d98  [ 08C7E41FF10F56E83B4F10B5E8B1E8B6, AF75E3EDFECC145B8389E4AA6EB8A7456CD60B4462BED7EE7C2C70C534697A9F ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
21:21:16.0122 0x0d98  BrSerIb - ok
21:21:16.0148 0x0d98  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:21:16.0201 0x0d98  Brserid - ok
21:21:16.0225 0x0d98  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:21:16.0269 0x0d98  BrSerWdm - ok
21:21:16.0293 0x0d98  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:21:16.0336 0x0d98  BrUsbMdm - ok
21:21:16.0364 0x0d98  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:21:16.0388 0x0d98  BrUsbSer - ok
21:21:16.0433 0x0d98  [ 2132A117160F2A96A13C044AE9BCED91, 97ADC66B6FEFA369237E989027C57A0DF28DE031DD2E885325DDB2F54F17745A ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
21:21:16.0472 0x0d98  BrUsbSIb - ok
21:21:16.0499 0x0d98  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:21:16.0528 0x0d98  BTHMODEM - ok
21:21:16.0572 0x0d98  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:21:16.0624 0x0d98  bthserv - ok
21:21:16.0730 0x0d98  catchme - ok
21:21:16.0761 0x0d98  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:21:16.0833 0x0d98  cdfs - ok
21:21:16.0893 0x0d98  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:21:16.0941 0x0d98  cdrom - ok
21:21:16.0983 0x0d98  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:21:17.0037 0x0d98  CertPropSvc - ok
21:21:17.0074 0x0d98  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:21:17.0101 0x0d98  circlass - ok
21:21:17.0147 0x0d98  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
21:21:17.0179 0x0d98  CLFS - ok
21:21:17.0254 0x0d98  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:21:17.0279 0x0d98  clr_optimization_v2.0.50727_32 - ok
21:21:17.0353 0x0d98  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:21:17.0377 0x0d98  clr_optimization_v4.0.30319_32 - ok
21:21:17.0396 0x0d98  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:21:17.0432 0x0d98  CmBatt - ok
21:21:17.0696 0x0d98  [ B5E4B93A273635C177A8E94F95BB51AD, 5B0CAC7C47D963A60FA96C1C00A73673142F28EB51AE74716C759216A0755E78 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
21:21:17.0899 0x0d98  cmdAgent - ok
21:21:17.0950 0x0d98  [ 5976375EB1C44B6B1D9723597D8E8830, B00DB7A4DF7F9B570B1587D959B0DFCBFA4724D9CC5A268F7C213A572D69E2BB ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
21:21:17.0969 0x0d98  cmderd - ok
21:21:18.0020 0x0d98  [ 48BE7107E2FD2424236F7007E8321401, 63D6A0B360DDD3C050DB57733B17A09728CAAF8395B2BC40B565C9BD9613CE71 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
21:21:18.0059 0x0d98  cmdGuard - ok
21:21:18.0083 0x0d98  [ 19B64DE22CC9E76F16583E6A1613E89B, 3BEEB477B590B8D0EB9470D60E020F9B8F17A8FC04DE13912E6EB9B75FC82038 ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys
21:21:18.0103 0x0d98  cmdHlp - ok
21:21:18.0133 0x0d98  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:21:18.0157 0x0d98  cmdide - ok
21:21:18.0256 0x0d98  [ 30405046646F209675ACF0193B76D8E0, 34E8D0D91617F8476B18F57053EC1AC0214482686B4C69334CEF4D689D9309C8 ] cmdvirth        C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
21:21:18.0329 0x0d98  cmdvirth - ok
21:21:18.0417 0x0d98  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
21:21:18.0457 0x0d98  CNG - ok
21:21:18.0499 0x0d98  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:21:18.0520 0x0d98  Compbatt - ok
21:21:18.0554 0x0d98  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:21:18.0599 0x0d98  CompositeBus - ok
21:21:18.0618 0x0d98  COMSysApp - ok
21:21:18.0637 0x0d98  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:21:18.0663 0x0d98  crcdisk - ok
21:21:18.0697 0x0d98  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:21:18.0742 0x0d98  CryptSvc - ok
21:21:18.0790 0x0d98  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
21:21:18.0857 0x0d98  CSC - ok
21:21:18.0898 0x0d98  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
21:21:18.0956 0x0d98  CscService - ok
21:21:19.0000 0x0d98  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:21:19.0051 0x0d98  DcomLaunch - ok
21:21:19.0089 0x0d98  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:21:19.0138 0x0d98  defragsvc - ok
21:21:19.0185 0x0d98  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:21:19.0239 0x0d98  DfsC - ok
21:21:19.0300 0x0d98  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:21:19.0365 0x0d98  Dhcp - ok
21:21:19.0406 0x0d98  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:21:19.0445 0x0d98  discache - ok
21:21:19.0479 0x0d98  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:21:19.0501 0x0d98  Disk - ok
21:21:19.0533 0x0d98  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:21:19.0592 0x0d98  Dnscache - ok
21:21:19.0631 0x0d98  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:21:19.0693 0x0d98  dot3svc - ok
21:21:19.0728 0x0d98  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:21:19.0793 0x0d98  DPS - ok
21:21:19.0841 0x0d98  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:21:19.0897 0x0d98  drmkaud - ok
21:21:19.0949 0x0d98  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:21:19.0993 0x0d98  DXGKrnl - ok
21:21:20.0040 0x0d98  [ 22EF8965101685ADD128F03A2B03CE16, 677F7B32C7A45C26F2F0DB67FFB526E9742E4B3A8BEAEA7B814CBCA2F56D6D5A ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:21:20.0085 0x0d98  E1G60 - ok
21:21:20.0117 0x0d98  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:21:20.0176 0x0d98  EapHost - ok
21:21:20.0318 0x0d98  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:21:20.0471 0x0d98  ebdrv - ok
21:21:20.0513 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] EFS             C:\Windows\System32\lsass.exe
21:21:20.0577 0x0d98  EFS - ok
21:21:20.0655 0x0d98  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:21:20.0735 0x0d98  ehRecvr - ok
21:21:20.0763 0x0d98  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:21:20.0820 0x0d98  ehSched - ok
21:21:20.0872 0x0d98  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:21:20.0906 0x0d98  elxstor - ok
21:21:20.0938 0x0d98  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:21:20.0973 0x0d98  ErrDev - ok
21:21:21.0032 0x0d98  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:21:21.0094 0x0d98  EventSystem - ok
21:21:21.0127 0x0d98  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:21:21.0198 0x0d98  exfat - ok
21:21:21.0222 0x0d98  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:21:21.0280 0x0d98  fastfat - ok
21:21:21.0340 0x0d98  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:21:21.0416 0x0d98  Fax - ok
21:21:21.0444 0x0d98  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:21:21.0487 0x0d98  fdc - ok
21:21:21.0521 0x0d98  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:21:21.0579 0x0d98  fdPHost - ok
21:21:21.0607 0x0d98  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:21:21.0676 0x0d98  FDResPub - ok
21:21:21.0701 0x0d98  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:21:21.0725 0x0d98  FileInfo - ok
21:21:21.0742 0x0d98  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:21:21.0780 0x0d98  Filetrace - ok
21:21:21.0798 0x0d98  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:21:21.0841 0x0d98  flpydisk - ok
21:21:21.0880 0x0d98  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:21:21.0908 0x0d98  FltMgr - ok
21:21:21.0991 0x0d98  [ 37DE123FE4276D8EC7F3C5B10C236238, 93CA47B9A96D904DD177FC0E04DECDF13756C8FA3C7613913DB4BF29A70ECE96 ] FontCache       C:\Windows\system32\FntCache.dll
21:21:22.0066 0x0d98  FontCache - ok
21:21:22.0133 0x0d98  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:21:22.0152 0x0d98  FontCache3.0.0.0 - ok
21:21:22.0170 0x0d98  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:21:22.0196 0x0d98  FsDepends - ok
21:21:22.0223 0x0d98  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:21:22.0245 0x0d98  Fs_Rec - ok
21:21:22.0302 0x0d98  [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:21:22.0332 0x0d98  fvevol - ok
21:21:22.0372 0x0d98  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:21:22.0394 0x0d98  gagp30kx - ok
21:21:22.0450 0x0d98  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:21:22.0525 0x0d98  gpsvc - ok
21:21:22.0615 0x0d98  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:21:22.0636 0x0d98  gupdate - ok
21:21:22.0658 0x0d98  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:21:22.0677 0x0d98  gupdatem - ok
21:21:22.0698 0x0d98  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:21:22.0740 0x0d98  hcw85cir - ok
21:21:22.0806 0x0d98  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:21:22.0840 0x0d98  HdAudAddService - ok
21:21:22.0875 0x0d98  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:21:22.0922 0x0d98  HDAudBus - ok
21:21:22.0932 0x0d98  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:21:22.0969 0x0d98  HidBatt - ok
21:21:23.0004 0x0d98  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:21:23.0046 0x0d98  HidBth - ok
21:21:23.0071 0x0d98  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:21:23.0097 0x0d98  HidIr - ok
21:21:23.0131 0x0d98  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
21:21:23.0185 0x0d98  hidserv - ok
21:21:23.0225 0x0d98  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:21:23.0281 0x0d98  HidUsb - ok
21:21:23.0315 0x0d98  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:21:23.0369 0x0d98  hkmsvc - ok
21:21:23.0415 0x0d98  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:21:23.0486 0x0d98  HomeGroupListener - ok
21:21:23.0529 0x0d98  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:21:23.0560 0x0d98  HomeGroupProvider - ok
21:21:23.0594 0x0d98  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:21:23.0617 0x0d98  HpSAMD - ok
21:21:23.0672 0x0d98  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:21:23.0748 0x0d98  HTTP - ok
21:21:23.0774 0x0d98  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:21:23.0795 0x0d98  hwpolicy - ok
21:21:23.0837 0x0d98  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:21:23.0877 0x0d98  i8042prt - ok
21:21:23.0922 0x0d98  [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:21:23.0957 0x0d98  iaStorV - ok
21:21:24.0035 0x0d98  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:21:24.0084 0x0d98  idsvc - ok
21:21:24.0123 0x0d98  IEEtwCollectorService - ok
21:21:24.0362 0x0d98  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:21:24.0821 0x0d98  igfx - ok
21:21:25.0075 0x0d98  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:21:25.0123 0x0d98  iirsp - ok
21:21:25.0532 0x0d98  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:21:25.0749 0x0d98  IKEEXT - ok
21:21:25.0936 0x0d98  [ 4198E206AB735E1565B3634CFDC15F94, BFCDAF67BC8D6741BBE07C9985BCF5C809ECF86CBCD43289BCC02F31CD07D4F1 ] inspect         C:\Windows\system32\DRIVERS\inspect.sys
21:21:25.0981 0x0d98  inspect - ok
21:21:26.0155 0x0d98  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:21:26.0197 0x0d98  intelide - ok
21:21:26.0419 0x0d98  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:21:26.0470 0x0d98  intelppm - ok
21:21:26.0523 0x0d98  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:21:26.0583 0x0d98  IPBusEnum - ok
21:21:26.0605 0x0d98  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:21:26.0659 0x0d98  IpFilterDriver - ok
21:21:26.0716 0x0d98  [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:21:26.0786 0x0d98  iphlpsvc - ok
21:21:26.0816 0x0d98  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:21:26.0859 0x0d98  IPMIDRV - ok
21:21:26.0876 0x0d98  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:21:26.0932 0x0d98  IPNAT - ok
21:21:26.0953 0x0d98  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:21:27.0001 0x0d98  IRENUM - ok
21:21:27.0014 0x0d98  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:21:27.0037 0x0d98  isapnp - ok
21:21:27.0065 0x0d98  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:21:27.0093 0x0d98  iScsiPrt - ok
21:21:27.0115 0x0d98  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:21:27.0138 0x0d98  kbdclass - ok
21:21:27.0180 0x0d98  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:21:27.0206 0x0d98  kbdhid - ok
21:21:27.0229 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] KeyIso          C:\Windows\system32\lsass.exe
21:21:27.0255 0x0d98  KeyIso - ok
21:21:27.0291 0x0d98  [ 48732BFA0C692BEC15DBBFE754E594C6, A39DD1181CF51534C18C2ECFE02E961363769482BAF9F206E57B014C5B246921 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:21:27.0314 0x0d98  KSecDD - ok
21:21:27.0333 0x0d98  [ 46B1F590C06AF25BCADCCAE0148C2074, 62447A906E5D7D20B3955A1EF99C971F1E0522A7D68C3D2C88EF174A5A5ECD29 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:21:27.0359 0x0d98  KSecPkg - ok
21:21:27.0397 0x0d98  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:21:27.0470 0x0d98  KtmRm - ok
21:21:27.0513 0x0d98  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:21:27.0576 0x0d98  LanmanServer - ok
21:21:27.0601 0x0d98  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:21:27.0644 0x0d98  LanmanWorkstation - ok
21:21:27.0693 0x0d98  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:21:27.0752 0x0d98  lltdio - ok
21:21:27.0791 0x0d98  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:21:27.0850 0x0d98  lltdsvc - ok
21:21:27.0875 0x0d98  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:21:27.0924 0x0d98  lmhosts - ok
21:21:27.0959 0x0d98  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:21:27.0983 0x0d98  LSI_FC - ok
21:21:28.0011 0x0d98  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:21:28.0035 0x0d98  LSI_SAS - ok
21:21:28.0060 0x0d98  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:21:28.0083 0x0d98  LSI_SAS2 - ok
21:21:28.0098 0x0d98  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:21:28.0125 0x0d98  LSI_SCSI - ok
21:21:28.0159 0x0d98  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:21:28.0223 0x0d98  luafv - ok
21:21:28.0403 0x0d98  [ 92F429AC9294DCFDE44441C93E7D185F, 2A127E89ADC22C4F196A645835A224DD47E068B2D24E40E7BCDF12FB0F8379DB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
21:21:28.0431 0x0d98  McComponentHostService - ok
21:21:28.0469 0x0d98  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:21:28.0500 0x0d98  Mcx2Svc - ok
21:21:28.0521 0x0d98  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:21:28.0543 0x0d98  megasas - ok
21:21:28.0587 0x0d98  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:21:28.0616 0x0d98  MegaSR - ok
21:21:28.0674 0x0d98  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:21:28.0694 0x0d98  Microsoft Office Groove Audit Service - ok
21:21:28.0721 0x0d98  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:21:28.0768 0x0d98  MMCSS - ok
21:21:28.0782 0x0d98  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:21:28.0836 0x0d98  Modem - ok
21:21:28.0870 0x0d98  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:21:28.0913 0x0d98  monitor - ok
21:21:28.0945 0x0d98  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:21:28.0967 0x0d98  mouclass - ok
21:21:28.0996 0x0d98  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:21:29.0039 0x0d98  mouhid - ok
21:21:29.0072 0x0d98  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:21:29.0096 0x0d98  mountmgr - ok
21:21:29.0156 0x0d98  [ 906DD5FE29BC912A87F66C9ACD87C720, 599CEE2D3AF0E52607C6984CE7F745C52BBBE6AE407E817AC25AD4D742098035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:21:29.0181 0x0d98  MozillaMaintenance - ok
21:21:29.0208 0x0d98  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:21:29.0234 0x0d98  mpio - ok
21:21:29.0268 0x0d98  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:21:29.0321 0x0d98  mpsdrv - ok
21:21:29.0374 0x0d98  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:21:29.0431 0x0d98  MpsSvc - ok
21:21:29.0467 0x0d98  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:21:29.0513 0x0d98  MRxDAV - ok
21:21:29.0547 0x0d98  [ FEDAAB6716B44DE8B9EFC14DD9A26215, 765890CDEADF6851C5C9014D12422733D7E7833690F560B94AE2BE9E7E08F130 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:21:29.0589 0x0d98  mrxsmb - ok
21:21:29.0623 0x0d98  [ 77DD652AB8708CDB55FDB7073B868784, AC88E2BFFE3EC62269216FD1B52DA8D85AFD0AF3E69B7B876F531258977BA372 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:21:29.0654 0x0d98  mrxsmb10 - ok
21:21:29.0680 0x0d98  [ 4ACDB6414918D8920875B00B286E1FBC, 404F5AC75DFD7C5CEF08A8D2FC24CD806941BF2B16FF7BC3BECBEABCBFA1B64A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:21:29.0706 0x0d98  mrxsmb20 - ok
21:21:29.0729 0x0d98  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:21:29.0750 0x0d98  msahci - ok
21:21:29.0781 0x0d98  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:21:29.0805 0x0d98  msdsm - ok
21:21:29.0828 0x0d98  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:21:29.0878 0x0d98  MSDTC - ok
21:21:29.0930 0x0d98  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:21:29.0982 0x0d98  Msfs - ok
21:21:30.0013 0x0d98  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:21:30.0070 0x0d98  mshidkmdf - ok
21:21:30.0091 0x0d98  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:21:30.0114 0x0d98  msisadrv - ok
21:21:30.0159 0x0d98  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:21:30.0217 0x0d98  MSiSCSI - ok
21:21:30.0226 0x0d98  msiserver - ok
21:21:30.0267 0x0d98  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:21:30.0318 0x0d98  MSKSSRV - ok
21:21:30.0343 0x0d98  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:21:30.0396 0x0d98  MSPCLOCK - ok
21:21:30.0416 0x0d98  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:21:30.0472 0x0d98  MSPQM - ok
21:21:30.0506 0x0d98  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:21:30.0536 0x0d98  MsRPC - ok
21:21:30.0558 0x0d98  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:21:30.0581 0x0d98  mssmbios - ok
21:21:30.0616 0x0d98  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:21:30.0654 0x0d98  MSTEE - ok
21:21:30.0669 0x0d98  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:21:30.0709 0x0d98  MTConfig - ok
21:21:30.0738 0x0d98  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:21:30.0759 0x0d98  Mup - ok
21:21:30.0802 0x0d98  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
21:21:30.0852 0x0d98  napagent - ok
21:21:30.0897 0x0d98  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:21:30.0932 0x0d98  NativeWifiP - ok
21:21:30.0976 0x0d98  [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:21:31.0021 0x0d98  NDIS - ok
21:21:31.0051 0x0d98  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:21:31.0101 0x0d98  NdisCap - ok
21:21:31.0137 0x0d98  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:21:31.0174 0x0d98  NdisTapi - ok
21:21:31.0202 0x0d98  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:21:31.0258 0x0d98  Ndisuio - ok
21:21:31.0297 0x0d98  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:21:31.0336 0x0d98  NdisWan - ok
21:21:31.0367 0x0d98  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:21:31.0416 0x0d98  NDProxy - ok
21:21:31.0449 0x0d98  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:21:31.0515 0x0d98  NetBIOS - ok
21:21:31.0559 0x0d98  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:21:31.0600 0x0d98  NetBT - ok
21:21:31.0619 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] Netlogon        C:\Windows\system32\lsass.exe
21:21:31.0643 0x0d98  Netlogon - ok
21:21:31.0681 0x0d98  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
21:21:31.0731 0x0d98  Netman - ok
21:21:31.0752 0x0d98  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
21:21:31.0807 0x0d98  netprofm - ok
21:21:31.0843 0x0d98  [ 005C38BA492291801AA5F71DAE3C1A7B, E43F0CE95D646B41FC681E0B95721598EA74C45975BEEE1C5EFFB0D238253B0E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:21:31.0868 0x0d98  NetTcpPortSharing - ok
21:21:31.0894 0x0d98  NewPlayerUpdaterService - ok
21:21:31.0917 0x0d98  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:21:31.0941 0x0d98  nfrd960 - ok
21:21:31.0973 0x0d98  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:21:32.0051 0x0d98  NlaSvc - ok
21:21:32.0074 0x0d98  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:21:32.0126 0x0d98  Npfs - ok
21:21:32.0163 0x0d98  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
21:21:32.0223 0x0d98  nsi - ok
21:21:32.0250 0x0d98  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:21:32.0311 0x0d98  nsiproxy - ok
21:21:32.0387 0x0d98  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:21:32.0448 0x0d98  Ntfs - ok
21:21:32.0480 0x0d98  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
21:21:32.0532 0x0d98  Null - ok
21:21:32.0567 0x0d98  [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:21:32.0591 0x0d98  nvraid - ok
21:21:32.0615 0x0d98  [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:21:32.0640 0x0d98  nvstor - ok
21:21:32.0667 0x0d98  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:21:32.0692 0x0d98  nv_agp - ok
21:21:32.0776 0x0d98  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:21:32.0809 0x0d98  odserv - ok
21:21:32.0838 0x0d98  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:21:32.0878 0x0d98  ohci1394 - ok
21:21:32.0936 0x0d98  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:21:32.0958 0x0d98  ose - ok
21:21:32.0996 0x0d98  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:21:33.0075 0x0d98  p2pimsvc - ok
21:21:33.0135 0x0d98  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:21:33.0198 0x0d98  p2psvc - ok
21:21:33.0250 0x0d98  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:21:33.0295 0x0d98  Parport - ok
21:21:33.0337 0x0d98  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:21:33.0361 0x0d98  partmgr - ok
21:21:33.0373 0x0d98  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
21:21:33.0416 0x0d98  Parvdm - ok
21:21:33.0455 0x0d98  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:21:33.0504 0x0d98  PcaSvc - ok
21:21:33.0542 0x0d98  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:21:33.0571 0x0d98  pci - ok
21:21:33.0608 0x0d98  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:21:33.0630 0x0d98  pciide - ok
21:21:33.0664 0x0d98  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:21:33.0690 0x0d98  pcmcia - ok
21:21:33.0725 0x0d98  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:21:33.0747 0x0d98  pcw - ok
21:21:33.0807 0x0d98  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:21:33.0871 0x0d98  PEAUTH - ok
21:21:33.0951 0x0d98  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:21:34.0049 0x0d98  PeerDistSvc - ok
21:21:34.0244 0x0d98  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:21:34.0348 0x0d98  pla - ok
21:21:34.0399 0x0d98  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:21:34.0473 0x0d98  PlugPlay - ok
21:21:34.0509 0x0d98  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:21:34.0552 0x0d98  PNRPAutoReg - ok
21:21:34.0583 0x0d98  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:21:34.0617 0x0d98  PNRPsvc - ok
21:21:34.0654 0x0d98  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:21:34.0727 0x0d98  PolicyAgent - ok
21:21:34.0770 0x0d98  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:21:34.0834 0x0d98  Power - ok
21:21:34.0878 0x0d98  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:21:34.0934 0x0d98  PptpMiniport - ok
21:21:34.0969 0x0d98  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:21:35.0014 0x0d98  Processor - ok
21:21:35.0063 0x0d98  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:21:35.0104 0x0d98  ProfSvc - ok
21:21:35.0126 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] ProtectedStorage C:\Windows\system32\lsass.exe
21:21:35.0153 0x0d98  ProtectedStorage - ok
21:21:35.0188 0x0d98  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:21:35.0245 0x0d98  Psched - ok
21:21:35.0318 0x0d98  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:21:35.0385 0x0d98  ql2300 - ok
21:21:35.0406 0x0d98  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:21:35.0431 0x0d98  ql40xx - ok
21:21:35.0467 0x0d98  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:21:35.0505 0x0d98  QWAVE - ok
21:21:35.0525 0x0d98  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:21:35.0580 0x0d98  QWAVEdrv - ok
21:21:35.0608 0x0d98  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:21:35.0666 0x0d98  RasAcd - ok
21:21:35.0712 0x0d98  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:21:35.0750 0x0d98  RasAgileVpn - ok
21:21:35.0786 0x0d98  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:21:35.0830 0x0d98  RasAuto - ok
21:21:35.0848 0x0d98  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:21:35.0901 0x0d98  Rasl2tp - ok
21:21:35.0957 0x0d98  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:21:36.0004 0x0d98  RasMan - ok
21:21:36.0025 0x0d98  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:21:36.0080 0x0d98  RasPppoe - ok
21:21:36.0108 0x0d98  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:21:36.0147 0x0d98  RasSstp - ok
21:21:36.0186 0x0d98  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:21:36.0247 0x0d98  rdbss - ok
21:21:36.0271 0x0d98  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:21:36.0317 0x0d98  rdpbus - ok
21:21:36.0355 0x0d98  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:21:36.0410 0x0d98  RDPCDD - ok
21:21:36.0462 0x0d98  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:21:36.0509 0x0d98  RDPDR - ok
21:21:36.0537 0x0d98  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:21:36.0589 0x0d98  RDPENCDD - ok
21:21:36.0626 0x0d98  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:21:36.0678 0x0d98  RDPREFMP - ok
21:21:36.0739 0x0d98  [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:21:36.0801 0x0d98  RdpVideoMiniport - ok
21:21:36.0843 0x0d98  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:21:36.0912 0x0d98  RDPWD - ok
21:21:36.0965 0x0d98  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:21:36.0992 0x0d98  rdyboost - ok
21:21:37.0036 0x0d98  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:21:37.0090 0x0d98  RemoteAccess - ok
21:21:37.0167 0x0d98  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:21:37.0236 0x0d98  RemoteRegistry - ok
21:21:37.0256 0x0d98  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:21:37.0314 0x0d98  RpcEptMapper - ok
21:21:37.0352 0x0d98  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:21:37.0397 0x0d98  RpcLocator - ok
21:21:37.0445 0x0d98  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:21:37.0514 0x0d98  RpcSs - ok
21:21:37.0566 0x0d98  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:21:37.0624 0x0d98  rspndr - ok
21:21:37.0656 0x0d98  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:21:37.0703 0x0d98  s3cap - ok
21:21:37.0719 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] SamSs           C:\Windows\system32\lsass.exe
21:21:37.0745 0x0d98  SamSs - ok
21:21:37.0775 0x0d98  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:21:37.0798 0x0d98  sbp2port - ok
21:21:37.0846 0x0d98  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:21:37.0890 0x0d98  SCardSvr - ok
21:21:37.0905 0x0d98  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:21:37.0942 0x0d98  scfilter - ok
21:21:37.0998 0x0d98  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:21:38.0074 0x0d98  Schedule - ok
21:21:38.0104 0x0d98  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:21:38.0145 0x0d98  SCPolicySvc - ok
21:21:38.0189 0x0d98  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:21:38.0261 0x0d98  SDRSVC - ok
21:21:38.0300 0x0d98  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:21:38.0353 0x0d98  secdrv - ok
21:21:38.0387 0x0d98  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:21:38.0444 0x0d98  seclogon - ok
21:21:38.0476 0x0d98  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
21:21:38.0537 0x0d98  SENS - ok
21:21:38.0573 0x0d98  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:21:38.0636 0x0d98  SensrSvc - ok
21:21:38.0662 0x0d98  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:21:38.0706 0x0d98  Serenum - ok
21:21:38.0737 0x0d98  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:21:38.0765 0x0d98  Serial - ok
21:21:38.0814 0x0d98  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:21:38.0855 0x0d98  sermouse - ok
21:21:38.0913 0x0d98  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:21:38.0970 0x0d98  SessionEnv - ok
21:21:38.0998 0x0d98  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:21:39.0038 0x0d98  sffdisk - ok
21:21:39.0057 0x0d98  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:21:39.0082 0x0d98  sffp_mmc - ok
21:21:39.0097 0x0d98  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:21:39.0176 0x0d98  sffp_sd - ok
21:21:39.0210 0x0d98  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:21:39.0236 0x0d98  sfloppy - ok
21:21:39.0290 0x0d98  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:21:39.0353 0x0d98  SharedAccess - ok
21:21:39.0404 0x0d98  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:21:39.0465 0x0d98  ShellHWDetection - ok
21:21:39.0514 0x0d98  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:21:39.0536 0x0d98  sisagp - ok
21:21:39.0572 0x0d98  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:21:39.0594 0x0d98  SiSRaid2 - ok
21:21:39.0616 0x0d98  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:21:39.0640 0x0d98  SiSRaid4 - ok
21:21:39.0677 0x0d98  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:21:39.0732 0x0d98  Smb - ok
21:21:39.0796 0x0d98  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:21:39.0825 0x0d98  SNMPTRAP - ok
21:21:39.0842 0x0d98  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:21:39.0868 0x0d98  spldr - ok
21:21:39.0911 0x0d98  [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler         C:\Windows\System32\spoolsv.exe
21:21:39.0959 0x0d98  Spooler - ok
21:21:40.0092 0x0d98  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
21:21:40.0235 0x0d98  sppsvc - ok
21:21:40.0275 0x0d98  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:21:40.0333 0x0d98  sppuinotify - ok
21:21:40.0379 0x0d98  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:21:40.0449 0x0d98  srv - ok
21:21:40.0471 0x0d98  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:21:40.0519 0x0d98  srv2 - ok
21:21:40.0550 0x0d98  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:21:40.0596 0x0d98  srvnet - ok
21:21:40.0636 0x0d98  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:21:40.0683 0x0d98  SSDPSRV - ok
21:21:40.0703 0x0d98  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:21:40.0764 0x0d98  SstpSvc - ok
21:21:40.0809 0x0d98  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:21:40.0831 0x0d98  stexstor - ok
21:21:40.0879 0x0d98  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:21:40.0968 0x0d98  StiSvc - ok
21:21:40.0990 0x0d98  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:21:41.0013 0x0d98  storflt - ok
21:21:41.0057 0x0d98  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:21:41.0079 0x0d98  storvsc - ok
21:21:41.0100 0x0d98  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:21:41.0126 0x0d98  swenum - ok
21:21:41.0172 0x0d98  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
21:21:41.0241 0x0d98  swprv - ok
21:21:41.0284 0x0d98  Synth3dVsc - ok
21:21:41.0353 0x0d98  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
21:21:41.0455 0x0d98  SysMain - ok
21:21:41.0490 0x0d98  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
21:21:41.0535 0x0d98  TabletInputService - ok
21:21:41.0578 0x0d98  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:21:41.0645 0x0d98  TapiSrv - ok
21:21:41.0682 0x0d98  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
21:21:41.0725 0x0d98  TBS - ok
21:21:41.0811 0x0d98  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:21:41.0874 0x0d98  Tcpip - ok
21:21:41.0941 0x0d98  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:21:41.0994 0x0d98  TCPIP6 - ok
21:21:42.0034 0x0d98  [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:21:42.0083 0x0d98  tcpipreg - ok
21:21:42.0129 0x0d98  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:21:42.0195 0x0d98  TDPIPE - ok
21:21:42.0210 0x0d98  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:21:42.0257 0x0d98  TDTCP - ok
21:21:42.0295 0x0d98  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:21:42.0353 0x0d98  tdx - ok
21:21:42.0401 0x0d98  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:21:42.0424 0x0d98  TermDD - ok
21:21:42.0469 0x0d98  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
21:21:42.0525 0x0d98  TermService - ok
21:21:42.0561 0x0d98  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
21:21:42.0605 0x0d98  Themes - ok
21:21:42.0635 0x0d98  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:21:42.0679 0x0d98  THREADORDER - ok
21:21:42.0719 0x0d98  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:21:42.0764 0x0d98  TrkWks - ok
21:21:42.0809 0x0d98  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:21:42.0852 0x0d98  TrustedInstaller - ok
21:21:42.0897 0x0d98  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:21:42.0991 0x0d98  tssecsrv - ok
21:21:43.0048 0x0d98  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:21:43.0135 0x0d98  TsUsbFlt - ok
21:21:43.0144 0x0d98  tsusbhub - ok
21:21:43.0199 0x0d98  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:21:43.0250 0x0d98  tunnel - ok
21:21:43.0284 0x0d98  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:21:43.0306 0x0d98  uagp35 - ok
21:21:43.0345 0x0d98  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:21:43.0410 0x0d98  udfs - ok
21:21:43.0465 0x0d98  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:21:43.0518 0x0d98  UI0Detect - ok
21:21:43.0547 0x0d98  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:21:43.0571 0x0d98  uliagpkx - ok
21:21:43.0609 0x0d98  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:21:43.0657 0x0d98  umbus - ok
21:21:43.0688 0x0d98  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:21:43.0726 0x0d98  UmPass - ok
21:21:43.0766 0x0d98  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:21:43.0815 0x0d98  UmRdpService - ok
21:21:43.0851 0x0d98  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:21:43.0920 0x0d98  upnphost - ok
21:21:43.0959 0x0d98  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:21:43.0996 0x0d98  usbccgp - ok
21:21:44.0026 0x0d98  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:21:44.0061 0x0d98  usbcir - ok
21:21:44.0092 0x0d98  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:21:44.0131 0x0d98  usbehci - ok
21:21:44.0176 0x0d98  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:21:44.0220 0x0d98  usbhub - ok
21:21:44.0257 0x0d98  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:21:44.0296 0x0d98  usbohci - ok
21:21:44.0340 0x0d98  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:21:44.0367 0x0d98  usbprint - ok
21:21:44.0400 0x0d98  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:21:44.0458 0x0d98  usbscan - ok
21:21:44.0493 0x0d98  [ BF63EBFC6979FEFB2BC03DF7989A0C1A, AFEF764A3E5D52CDBB5074F0E87F2B5EBCDF8D9B6E8F88EE235602B80145BE31 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:21:44.0519 0x0d98  USBSTOR - ok
21:21:44.0539 0x0d98  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:21:44.0579 0x0d98  usbuhci - ok
21:21:44.0613 0x0d98  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:21:44.0669 0x0d98  UxSms - ok
21:21:44.0693 0x0d98  [ 3AD57B7A84035A05079226D1DE47E771, 4DABE420AB2CDAA1D7214B2569DA4AF335E49D31731CBE91DC18B450874F494B ] VaultSvc        C:\Windows\system32\lsass.exe
21:21:44.0719 0x0d98  VaultSvc - ok
21:21:44.0760 0x0d98  [ 94D73B62E458FB56C9CE60AA96D914F9, EF0FAC91A1207DA28600000141C26686A7BD6B70EE05F5B78459D3D615454151 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
21:21:44.0819 0x0d98  VClone - ok
21:21:44.0853 0x0d98  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:21:44.0876 0x0d98  vdrvroot - ok
21:21:44.0915 0x0d98  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:21:44.0986 0x0d98  vds - ok
21:21:45.0027 0x0d98  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:21:45.0071 0x0d98  vga - ok
21:21:45.0112 0x0d98  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:21:45.0163 0x0d98  VgaSave - ok
21:21:45.0190 0x0d98  VGPU - ok
21:21:45.0212 0x0d98  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:21:45.0239 0x0d98  vhdmp - ok
21:21:45.0267 0x0d98  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:21:45.0290 0x0d98  viaagp - ok
21:21:45.0322 0x0d98  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
21:21:45.0348 0x0d98  ViaC7 - ok
21:21:45.0385 0x0d98  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:21:45.0406 0x0d98  viaide - ok
21:21:45.0431 0x0d98  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:21:45.0458 0x0d98  vmbus - ok
21:21:45.0480 0x0d98  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:21:45.0520 0x0d98  VMBusHID - ok
21:21:45.0544 0x0d98  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:21:45.0567 0x0d98  volmgr - ok
21:21:45.0596 0x0d98  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:21:45.0627 0x0d98  volmgrx - ok
21:21:45.0657 0x0d98  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:21:45.0688 0x0d98  volsnap - ok
21:21:45.0712 0x0d98  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:21:45.0738 0x0d98  vsmraid - ok
21:21:45.0797 0x0d98  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:21:45.0886 0x0d98  VSS - ok
21:21:45.0918 0x0d98  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:21:45.0962 0x0d98  vwifibus - ok
21:21:46.0000 0x0d98  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:21:46.0051 0x0d98  W32Time - ok
21:21:46.0075 0x0d98  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:21:46.0123 0x0d98  WacomPen - ok
21:21:46.0200 0x0d98  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:21:46.0269 0x0d98  WANARP - ok
21:21:46.0278 0x0d98  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:21:46.0317 0x0d98  Wanarpv6 - ok
21:21:46.0385 0x0d98  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:21:46.0558 0x0d98  wbengine - ok
21:21:46.0627 0x0d98  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:21:46.0684 0x0d98  WbioSrvc - ok
21:21:46.0734 0x0d98  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:21:46.0790 0x0d98  wcncsvc - ok
21:21:46.0821 0x0d98  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:21:46.0888 0x0d98  WcsPlugInService - ok
21:21:46.0925 0x0d98  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:21:46.0950 0x0d98  Wd - ok
21:21:46.0998 0x0d98  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:21:47.0036 0x0d98  Wdf01000 - ok
21:21:47.0070 0x0d98  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:21:47.0148 0x0d98  WdiServiceHost - ok
21:21:47.0158 0x0d98  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:21:47.0197 0x0d98  WdiSystemHost - ok
21:21:47.0238 0x0d98  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
21:21:47.0310 0x0d98  WebClient - ok
21:21:47.0337 0x0d98  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:21:47.0385 0x0d98  Wecsvc - ok
21:21:47.0405 0x0d98  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:21:47.0465 0x0d98  wercplsupport - ok
21:21:47.0503 0x0d98  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:21:47.0561 0x0d98  WerSvc - ok
21:21:47.0601 0x0d98  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:21:47.0652 0x0d98  WfpLwf - ok
21:21:47.0686 0x0d98  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:21:47.0708 0x0d98  WIMMount - ok
21:21:47.0762 0x0d98  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:21:47.0833 0x0d98  WinDefend - ok
21:21:47.0862 0x0d98  WinHttpAutoProxySvc - ok
21:21:47.0924 0x0d98  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:21:47.0989 0x0d98  Winmgmt - ok
21:21:48.0134 0x0d98  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:21:48.0229 0x0d98  WinRM - ok
21:21:48.0297 0x0d98  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:21:48.0326 0x0d98  WinUsb - ok
21:21:48.0383 0x0d98  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:21:48.0455 0x0d98  Wlansvc - ok
21:21:48.0509 0x0d98  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:21:48.0534 0x0d98  WmiAcpi - ok
21:21:48.0579 0x0d98  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:21:48.0607 0x0d98  wmiApSrv - ok
21:21:48.0698 0x0d98  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:21:48.0800 0x0d98  WMPNetworkSvc - ok
21:21:48.0841 0x0d98  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:21:48.0902 0x0d98  WPCSvc - ok
21:21:48.0942 0x0d98  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:21:49.0012 0x0d98  WPDBusEnum - ok
21:21:49.0095 0x0d98  Wpm - ok
21:21:49.0134 0x0d98  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:21:49.0195 0x0d98  ws2ifsl - ok
21:21:49.0220 0x0d98  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:21:49.0267 0x0d98  wscsvc - ok
21:21:49.0276 0x0d98  WSearch - ok
21:21:49.0399 0x0d98  [ A7A67674E51F2B050AAC4C477297EEE2, FA6DA2AA7869A99AB3D19509D7F2411E5E2C9ADB6D8DB97D7B8FAF1F6E160687 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:21:49.0542 0x0d98  wuauserv - ok
21:21:49.0587 0x0d98  [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:21:49.0642 0x0d98  WudfPf - ok
21:21:49.0681 0x0d98  [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:21:49.0741 0x0d98  WUDFRd - ok
21:21:49.0784 0x0d98  [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:21:49.0839 0x0d98  wudfsvc - ok
21:21:49.0880 0x0d98  [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:21:49.0933 0x0d98  WwanSvc - ok
21:21:49.0956 0x0d98  ================ Scan global ===============================
21:21:49.0990 0x0d98  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
21:21:50.0023 0x0d98  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
21:21:50.0044 0x0d98  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
21:21:50.0080 0x0d98  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:21:50.0121 0x0d98  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
21:21:50.0133 0x0d98  [ Global ] - ok
21:21:50.0134 0x0d98  ================ Scan MBR ==================================
21:21:50.0146 0x0d98  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:21:50.0388 0x0d98  \Device\Harddisk0\DR0 - ok
21:21:50.0389 0x0d98  ================ Scan VBR ==================================
21:21:50.0393 0x0d98  [ 877CD73ED8BDDD61AFF8DBDF7223EFD7 ] \Device\Harddisk0\DR0\Partition1
21:21:50.0397 0x0d98  \Device\Harddisk0\DR0\Partition1 - ok
21:21:50.0402 0x0d98  [ 133272D375B65033554018ED46132FE1 ] \Device\Harddisk0\DR0\Partition2
21:21:50.0408 0x0d98  \Device\Harddisk0\DR0\Partition2 - ok
21:21:50.0409 0x0d98  ================ Scan generic autorun ======================
21:21:50.0471 0x0d98  [ D658AB1B55127D18DCFBCAC8CAAEA522, 9FB818F3899542CB7F1B979644423A66842D98D1762B1C38AE04AEE23320DA8E ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
21:21:50.0488 0x0d98  HP Software Update - ok
21:21:50.0595 0x0d98  [ 03373C2C6EF2DA0AC68F89C7BA33C16A, 892A70BED26D8A1F18D4349627363B9354F81B7DB1C8837C22AE61A54A8C702F ] C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
21:21:50.0652 0x0d98  COMODO Internet Security - ok
21:21:50.0656 0x0d98  mobilegeni daemon - ok
21:21:50.0677 0x0d98  Spiele Post - ok
21:21:50.0678 0x0d98  Waiting for KSN requests completion. In queue: 65
21:21:51.0678 0x0d98  Waiting for KSN requests completion. In queue: 65
21:21:52.0678 0x0d98  Waiting for KSN requests completion. In queue: 65
21:21:53.0847 0x0d98  AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61000 ( enabled : updated )
21:21:53.0850 0x0d98  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61010 ( enabled )
21:21:56.0281 0x0d98  ============================================================
21:21:56.0281 0x0d98  Scan finished
21:21:56.0281 0x0d98  ============================================================
21:21:56.0295 0x0c24  Detected object count: 0
21:21:56.0295 0x0c24  Actual detected object count: 0
         

Servus,




Schritt 1
Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers








Schritt 2
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

ok hier das logfile von mbar:

Code: Alles auswählenAufklappen

ATTFilter

    Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.15.03
  rootkit: v2015.08.06.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17959
Karp :: BENUTZER-PC [administrator]

15.08.2015 15:56:09
mbar-log-2015-08-15 (15-56-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327832
Time elapsed: 21 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Karp\AppData\Local\temp\android\android.exe (Backdoor.Bot) -> Delete on reboot. [849bf71273182214d96dc95770916c94]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

und dann hab ich nochmal dammit gescannt dann hat er noch was gefunden
hier das 2te logfile von mbar:

Code: Alles auswählenAufklappen

ATTFilter

    Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.15.03
  rootkit: v2015.08.06.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17959
Karp :: BENUTZER-PC [administrator]

15.08.2015 17:02:45
mbar-log-2015-08-15 (17-02-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327378
Time elapsed: 20 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\Comodo\Cis\Quarantine\data\{7FB6EDA7-D2F1-4C3D-B118-ABCB53662879} (Backdoor.Bot) -> Delete on reboot. [fe219f6acfbcbc7ac38344dc7c85a45c]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

dann habe ich mit combofix gescannt,er hat über ne stunde gescannt und ist bei stufe 58 einfach abgekackt und der pc hat sich neu gestartet und es wurde kein logfile unter C:/ gespeichert.