| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Key-Logger ProblemWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
18.08.2015, 17:46
| #1 |
| |  Windows 7: Key-Logger Problem Hallo liebes Helfer-Team, wie im Titel bereits ersichtlich habe ich vermutlich einen Key-Logger auf meinem Computer. Ich versuche im Folgenden das Problem so kurz und knapp wie möglich zu erläutern. Letzten Donnerstag habe ich bemerkt dass von meinem E-Mail Account haufenweise Spam Emails an alle Personen versendet werden mit denen ich jemals Email Kontakt hatte. Ich habe natürlich sofort das Passwort geändert. Das hat aber nichts genützt und nach einiger Zeit sind wieder sehr viele Mails versendet worden. Auch das nochmalige Ändern des Passwortes hat nicht geholfen. Da lag für mich schon die Vermutung nahe, dass es evtl ein Key-Logger sein könnte. Ich habe daraufhin meinen komplette Rechner platt gemacht. Das bedeutet dass ich die Festplatte formatiert habe und Windows komplett neu installiert habe. Daraufhin habe ich dann wieder das Passwort geändert, aber nach einem Tag sind wieder hunderte Mails versendet worden. Jetzt ist meine Vermutung, dass sich da irgendetwas tiefer in der Festplatte eingenistet haben muss, was auch durch die Formatierung nicht weg geht. Nun seid ihr meine letzte Rettung. Ich habe eure Anleitung für Hilfesuchende gelesen und darauf hin wie beschrieben die verschiedenen Logfiles erstellt: 1. FRST-Log frst.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Korbinian (Administrator) auf LARÖ (18-08-2015 18:18:46)
Gestartet von C:\Users\Korbinian\Desktop
Geladene Profile: Korbinian (Verfügbare Profile: Korbinian)
Platform: Windows 7 Home Premium (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) G:\Programme\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-17] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1275952522-315387896-485487144-1000\...\Run: [Skype] => G:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-17] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-1275952522-315387896-485487144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17] (AVAST Software)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2557505B-1860-46E9-93AC-2A7546768EB3}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-18] ()
FF Extension: WOT - C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-08-18]
FF Extension: Adblock Plus - C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-17]
StartMenuInternet: FIREFOX.EXE - G:\Programme\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-17] (AVAST Software)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S2 SkypeUpdate; G:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-17] (AVAST Software)
S3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation )
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 18:18 - 2015-08-18 18:19 - 00007275 _____ C:\Users\Korbinian\Desktop\FRST.txt
2015-08-18 18:18 - 2015-08-18 18:18 - 00000480 _____ C:\Users\Korbinian\Desktop\defogger_disable.log
2015-08-18 18:15 - 2015-08-18 18:15 - 1173614773 _____ C:\Windows\MEMORY.DMP
2015-08-18 18:15 - 2015-08-18 18:15 - 00462320 _____ C:\Windows\Minidump\081815-7909-01.dmp
2015-08-18 18:15 - 2015-08-18 18:15 - 00000000 ____D C:\Windows\Minidump
2015-08-18 17:30 - 2015-08-18 17:30 - 00380416 _____ C:\Users\Korbinian\Desktop\Gmer-19357.exe
2015-08-18 17:28 - 2015-08-18 18:18 - 00000000 ____D C:\FRST
2015-08-18 17:27 - 2015-08-18 17:28 - 02173440 _____ (Farbar) C:\Users\Korbinian\Desktop\FRST64.exe
2015-08-18 17:27 - 2015-08-18 17:27 - 00000000 ____D C:\$WINDOWS.~BT
2015-08-18 17:27 - 2015-08-18 17:27 - 00000000 _____ C:\Users\Korbinian\defogger_reenable
2015-08-18 17:26 - 2015-08-18 17:26 - 00050477 _____ C:\Users\Korbinian\Desktop\Defogger.exe
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Macromedia
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Adobe
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Macromedia
2015-08-18 15:31 - 2015-08-18 17:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-18 15:31 - 2015-08-18 15:31 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-18 15:31 - 2015-08-18 15:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-18 15:31 - 2015-08-18 15:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-18 15:31 - 2015-08-18 15:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-08-18 15:31 - 2015-08-18 15:31 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-18 15:30 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Adobe
2015-08-18 14:30 - 2015-08-18 14:30 - 19648448 _____ (Microsoft Corporation) C:\Users\Korbinian\Downloads\MediaCreationToolx64(1).exe
2015-08-18 14:30 - 2015-08-18 14:30 - 00000000 ___HD C:\$Windows.~WS
2015-08-18 02:17 - 2015-08-18 02:29 - 00001908 _____ C:\Windows\diagwrn.xml
2015-08-18 02:17 - 2015-08-18 02:29 - 00001908 _____ C:\Windows\diagerr.xml
2015-08-18 01:50 - 2015-08-18 18:16 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Skype
2015-08-18 01:50 - 2015-08-18 01:50 - 00000000 ____D C:\Users\Korbinian\Tracing
2015-08-18 01:50 - 2015-08-18 01:50 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\ProgramData\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\Program Files (x86)\Skype
2015-08-18 01:47 - 2015-08-18 01:47 - 01385504 _____ (Skype Technologies S.A.) C:\Users\Korbinian\Downloads\SkypeSetup.exe
2015-08-18 01:07 - 2015-08-18 01:07 - 19648448 _____ (Microsoft Corporation) C:\Users\Korbinian\Downloads\MediaCreationToolx64.exe
2015-08-18 00:53 - 2015-08-18 00:53 - 00000330 _____ C:\Windows\PFRO.log
2015-08-18 00:53 - 2015-08-18 00:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-18 00:53 - 2015-08-18 00:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-18 00:52 - 2015-08-18 00:52 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-18 00:52 - 2015-08-18 00:52 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-18 00:52 - 2015-08-18 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-08-18 00:52 - 2015-08-18 00:52 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-08-18 00:50 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-08-18 00:50 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-08-18 00:50 - 2009-11-25 21:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-08-18 00:50 - 2009-11-25 21:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____D C:\Program Files\AuthenTec
2015-08-18 00:47 - 2009-10-10 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2015-08-18 00:45 - 2015-08-18 00:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-18 00:45 - 2015-08-18 00:45 - 00000000 ____D C:\Intel
2015-08-18 00:45 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-18 00:45 - 2013-02-19 20:35 - 00056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-08-18 00:45 - 2013-02-19 20:35 - 00056320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-08-18 00:44 - 2015-07-29 22:19 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-18 00:44 - 2015-07-29 22:16 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-18 00:44 - 2015-07-29 22:11 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-18 00:44 - 2015-05-21 15:12 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-18 00:44 - 2015-01-28 01:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-08-18 00:44 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-18 00:44 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-18 00:44 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 01498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-08-18 00:44 - 2010-12-21 08:13 - 02003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-18 00:44 - 2010-12-21 08:13 - 01880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-18 00:44 - 2010-12-21 08:11 - 12369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-18 00:44 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2015-08-18 00:44 - 2010-12-21 07:36 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-18 00:44 - 2010-12-21 07:36 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-18 00:44 - 2010-12-21 07:35 - 10989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-18 00:44 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-18 00:44 - 2010-11-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-18 00:44 - 2010-11-04 08:31 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-18 00:44 - 2010-11-04 07:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-18 00:44 - 2010-11-04 07:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-08-18 00:44 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-08-18 00:44 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-08-18 00:44 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-08-18 00:44 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-08-18 00:44 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-08-18 00:44 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-08-18 00:44 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-08-18 00:44 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-08-18 00:44 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-08-18 00:44 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-08-18 00:44 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-08-18 00:44 - 2009-12-11 12:29 - 00153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-18 00:44 - 2009-12-11 11:24 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-18 00:44 - 2009-12-11 09:39 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-18 00:44 - 2009-12-11 09:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-18 00:43 - 2015-03-19 05:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-18 00:43 - 2015-03-19 04:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-18 00:43 - 2015-03-19 04:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-18 00:43 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-18 00:43 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-18 00:43 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-18 00:43 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-18 00:43 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-08-18 00:43 - 2011-08-30 07:21 - 14164480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-18 00:43 - 2011-08-30 06:28 - 12868096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-18 00:43 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-18 00:43 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-08-18 00:43 - 2010-03-24 08:59 - 01736608 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-18 00:43 - 2010-03-24 08:37 - 01289528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-08-18 00:43 - 2010-01-19 11:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-08-18 00:43 - 2010-01-19 01:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-08-18 00:43 - 2010-01-19 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-08-18 00:43 - 2009-10-31 08:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-18 00:43 - 2009-10-31 07:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-08-18 00:43 - 2009-10-28 08:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-17 20:55 - 2015-08-18 17:26 - 00000000 ____D C:\Windows\Panther
2015-08-17 20:53 - 2015-08-17 20:53 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\AVAST Software
2015-08-17 20:51 - 2015-08-17 20:51 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-17 20:51 - 2015-08-17 20:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-17 20:51 - 2015-08-17 20:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-17 20:51 - 2015-08-17 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-17 20:51 - 2015-08-17 20:51 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-17 20:50 - 2015-08-18 00:56 - 00057952 _____ C:\Users\Korbinian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-17 20:50 - 2015-08-17 20:50 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-17 20:48 - 2015-08-17 20:55 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Mozilla
2015-08-17 20:48 - 2015-08-17 20:49 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Mozilla
2015-08-17 20:48 - 2015-08-17 20:48 - 00000620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-17 20:48 - 2015-08-17 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-17 20:47 - 2015-06-23 13:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-17 20:42 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-17 20:42 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-17 20:42 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-17 20:42 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-17 20:42 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-17 20:42 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-17 20:40 - 2015-08-18 00:45 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-08-17 20:40 - 2015-08-18 00:45 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-17 20:40 - 2015-08-17 20:40 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Intel
2015-08-17 20:40 - 2015-08-17 20:40 - 00000000 ____D C:\ProgramData\Intel
2015-08-17 20:39 - 2015-08-17 20:40 - 00008912 _____ C:\Windows\DPINST.LOG
2015-08-17 20:39 - 2015-08-17 20:40 - 00000000 ____D C:\Program Files\Intel
2015-08-17 20:39 - 2015-08-17 20:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-17 20:22 - 2015-08-17 20:40 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-08-17 20:20 - 2015-08-17 20:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-17 20:20 - 2015-08-17 20:20 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-17 20:20 - 2014-02-18 19:48 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-08-17 20:20 - 2014-02-18 19:48 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-08-17 20:20 - 2014-02-18 19:48 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-08-17 20:12 - 2015-08-17 20:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-08-17 20:12 - 2014-03-18 22:53 - 00027792 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\RtlvVga.dll
2015-08-17 20:12 - 2014-03-18 22:53 - 00011920 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RtlvVga.sys
2015-08-17 20:12 - 2014-03-17 16:46 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2015-08-17 19:59 - 2015-08-18 18:18 - 00612368 _____ C:\Windows\WindowsUpdate.log
2015-08-17 19:59 - 2015-08-18 17:27 - 00000000 ____D C:\Users\Korbinian
2015-08-17 19:59 - 2015-08-17 19:59 - 00001439 _____ C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 19:59 - 2015-08-17 19:59 - 00001405 _____ C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-08-17 19:59 - 2015-08-17 19:59 - 00000020 ___SH C:\Users\Korbinian\ntuser.ini
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Netzwerkumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Lokale Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Eigene Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Druckumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 __SHD C:\Recovery
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 ____D C:\Users\Korbinian\AppData\Local\VirtualStore
2015-08-17 19:59 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 19:59 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-17 19:57 - 2015-08-17 19:57 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-08-17 19:57 - 2015-08-17 19:57 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-08-17 19:57 - 2015-08-17 19:57 - 00001313 _____ C:\Windows\TSSysprep.log
2015-08-14 05:01 - 2015-08-14 05:01 - 00156920 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2015-08-14 05:01 - 2015-08-14 05:01 - 00081144 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2015-08-14 05:01 - 2015-08-14 05:01 - 00072912 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2015-08-14 05:01 - 2015-08-14 05:01 - 00050936 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 18:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 18:15 - 2009-07-14 06:51 - 00000544 _____ C:\Windows\setupact.log
2015-08-18 18:03 - 2009-07-14 19:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2015-08-18 18:03 - 2009-07-14 19:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2015-08-18 18:03 - 2009-07-14 07:13 - 01521282 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 15:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-18 14:35 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 14:35 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 14:05 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-08-18 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-08-18 02:17 - 2009-07-14 06:51 - 00000000 _____ C:\Windows\setuperr.log
2015-08-18 00:53 - 2009-07-14 06:45 - 00266400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-18 00:49 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-08-17 20:55 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-08-17 20:55 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-08-17 20:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-17 20:12 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-08-17 19:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2015-08-17 19:57 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-17 19:57 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2015-08-17 19:57 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 19:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-17 21:47
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von Korbinian (2015-08-18 18:19:08)
Gestartet von C:\Users\Korbinian\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1275952522-315387896-485487144-500 - Administrator - Disabled)
Gast (S-1-5-21-1275952522-315387896-485487144-501 - Limited - Disabled)
Korbinian (S-1-5-21-1275952522-315387896-485487144-1000 - Administrator - Enabled) => C:\Users\Korbinian
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c92e37dd-de51-4a9e-abfc-54c4b71d1b72}) (Version: 18.11.0 - Intel Corporation)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.19 - Lenovo)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
17-08-2015 20:12:36 Installiert Realtek WiFi Adapter Software
17-08-2015 20:20:48 Installiert Realtek Ethernet Controller Driver
17-08-2015 20:39:48 Intel® PROSet/Wireless Software
17-08-2015 20:42:27 Windows Update
17-08-2015 20:44:18 Windows Update
17-08-2015 20:51:20 avast! antivirus system restore point
18-08-2015 00:44:41 Windows Update
18-08-2015 00:50:47 Windows Update
18-08-2015 00:52:15 DCInstallRestorePoint
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B33DB5D-4498-4270-A6CD-FF717E31F2B5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {0EAC1994-018A-4DAF-AF4B-3DCB63ED5474} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-18] (Adobe Systems Incorporated)
Task: {2BCAEB0B-2A0B-4DB1-B3C8-924469861E04} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {E4F8CF99-DB14-4ADC-8B41-47575E5A0E10} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-17] (AVAST Software)
Task: {EC1B88EA-C81B-45A7-A507-4DE19F253E3A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-02-19 20:34 - 2013-02-19 20:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-17 20:51 - 2015-08-17 20:51 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-17 20:51 - 2015-08-17 20:51 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-18 14:00 - 2015-08-18 14:00 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081800\algo.dll
2015-08-17 20:51 - 2015-08-17 20:51 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1275952522-315387896-485487144-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{52DD882D-D198-4A67-A430-15F8130C01F9}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{52734F3C-057C-4804-900D-7EFACFF6A80B}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{28838597-F8E0-42DC-A919-A7D2AFD4888D}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{DEE39903-BCA6-408B-A28A-6179FA3D7847}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{A17210DE-A557-4BA6-95EB-88B4F545F297}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{07E0C547-D298-4B4F-ACF5-D77A7C115DDA}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{183F9F56-F3A5-4DFA-ADD5-382BFA8ABF18}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{8E1B4143-51AF-44A6-8007-9C95830292BB}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{A4622A6F-1290-445C-A4EA-0B60700D111C}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{293948F6-A884-4733-8F76-E734B8E1D110}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{F5AC7C44-5841-4F9B-B79A-C4594952E485}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{ABC44752-387C-4E77-BFC7-515D79E86DF3}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{EEF9981A-F7D9-407D-9E99-41CCA8E8BDAC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0BE303E7-C866-470B-B519-865B5CABDEEA}] => (Allow) G:\Programme\firefox.exe
FirewallRules: [{13A90623-20B1-4288-83D7-3B159D3C43D9}] => (Allow) G:\Programme\firefox.exe
FirewallRules: [{230D9FA2-ACE2-4753-B27F-3EE329AA01B0}] => (Allow) G:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/18/2015 06:18:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
Error: (08/18/2015 06:18:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
Error: (08/18/2015 05:58:48 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{37c9560c-4509-11e5-8ad9-806e6f6e6963} - 0000000000000108,0x0053c008,000000000051E810,0,0000000000367FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 05:48:44 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/18/2015 12:52:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (08/18/2015 12:50:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (08/18/2015 12:44:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (08/18/2015 12:43:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (08/17/2015 08:51:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (08/17/2015 08:40:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (08/18/2015 06:15:53 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa80066fdb60, 0xfffff80003c414d0)C:\Windows\MEMORY.DMP081815-7909-01
Error: (08/18/2015 05:58:48 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/18/2015 12:55:30 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (08/18/2015 12:55:25 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (08/18/2015 12:53:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (08/17/2015 08:38:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
Error: (08/17/2015 08:19:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
Error: (08/17/2015 08:19:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
Error: (08/17/2015 08:19:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
Error: (08/17/2015 08:19:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
Microsoft Office:
=========================
Error: (08/18/2015 06:18:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (08/18/2015 06:18:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (08/18/2015 05:58:48 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{37c9560c-4509-11e5-8ad9-806e6f6e6963} - 0000000000000108,0x0053c008,000000000051E810,0,0000000000367FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 05:48:44 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/18/2015 12:52:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (08/18/2015 12:50:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (08/18/2015 12:44:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (08/18/2015 12:43:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (08/17/2015 08:51:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary pqpgghym.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (08/17/2015 08:40:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 7794.23 MB
Verfügbarer physikalischer RAM: 6112.75 MB
Summe virtueller Speicher: 15586.6 MB
Verfügbarer virtueller Speicher: 13878.01 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.24 GB) (Free:88.2 GB) NTFS
Drive g: (Volume) (Fixed) (Total:465.66 GB) (Free:464.83 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 46F9E851)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 46F9E829)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
Ich den Scan mit GMER zwar ausführen, aber das Log-File am Ende nicht speichern. Wenn ich auf "Save" klicke passiert gar nichts. Ich bedanke mich jetzt schonmal für die Bearbeitung meines Threads und die Mühe die Ihr euch macht. Viele Grüße Kornwild P.S. Gerade ist ein weiterer Thread aufgemacht worden, welches genau mein Problem darstellt. (http://www.trojaner-board.de/169939-...l-adresse.html) Geändert von Kornwild (18.08.2015 um 18:03 Uhr) |
|
18.08.2015, 18:08
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: Key-Logger Problem hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
18.08.2015, 18:39
| #3 |
| | Windows 7: Key-Logger Problem Hallo Schrauber,
__________________danke für deine Hilfe! Hier die Logfiles: 1. Malwarebytes Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.08.18.05
rootkit: v2015.08.16.01
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Korbinian :: LARÖ [administrator]
18.08.2015 19:16:11
mbar-log-2015-08-18 (19-16-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 329834
Time elapsed: 5 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 19:35:03.0699 0x0190 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:35:07.0613 0x0190 ============================================================
19:35:07.0614 0x0190 Current date / time: 2015/08/18 19:35:07.0613
19:35:07.0614 0x0190 SystemInfo:
19:35:07.0614 0x0190
19:35:07.0614 0x0190 OS Version: 6.1.7600 ServicePack: 0.0
19:35:07.0614 0x0190 Product type: Workstation
19:35:07.0614 0x0190 ComputerName: LARÖ
19:35:07.0614 0x0190 UserName: Korbinian
19:35:07.0614 0x0190 Windows directory: C:\Windows
19:35:07.0614 0x0190 System windows directory: C:\Windows
19:35:07.0614 0x0190 Running under WOW64
19:35:07.0614 0x0190 Processor architecture: Intel x64
19:35:07.0614 0x0190 Number of processors: 4
19:35:07.0614 0x0190 Page size: 0x1000
19:35:07.0614 0x0190 Boot type: Normal boot
19:35:07.0614 0x0190 ============================================================
19:35:07.0899 0x0190 KLMD registered as C:\Windows\system32\drivers\38144247.sys
19:35:07.0999 0x0190 System UUID: {50EB40A2-2C82-22F8-8ECA-2FF7A8913532}
19:35:08.0692 0x0190 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:08.0693 0x0190 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:08.0713 0x0190 ============================================================
19:35:08.0713 0x0190 \Device\Harddisk1\DR1:
19:35:08.0717 0x0190 MBR partitions:
19:35:08.0717 0x0190 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:35:08.0718 0x0190 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800
19:35:08.0718 0x0190 \Device\Harddisk0\DR0:
19:35:08.0718 0x0190 MBR partitions:
19:35:08.0718 0x0190 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000
19:35:08.0718 0x0190 ============================================================
19:35:08.0720 0x0190 C: <-> \Device\Harddisk0\DR0\Partition1
19:35:08.0736 0x0190 G: <-> \Device\Harddisk1\DR1\Partition2
19:35:08.0736 0x0190 ============================================================
19:35:08.0737 0x0190 Initialize success
19:35:08.0737 0x0190 ============================================================
19:35:57.0830 0x02e4 ============================================================
19:35:57.0830 0x02e4 Scan started
19:35:57.0830 0x02e4 Mode: Manual; SigCheck; TDLFS;
19:35:57.0830 0x02e4 ============================================================
19:35:57.0830 0x02e4 KSN ping started
19:36:11.0541 0x02e4 KSN ping finished: true
19:36:11.0877 0x02e4 ================ Scan system memory ========================
19:36:11.0877 0x02e4 System memory - ok
19:36:11.0878 0x02e4 ================ Scan services =============================
19:36:11.0914 0x02e4 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:36:11.0963 0x02e4 1394ohci - ok
19:36:11.0976 0x02e4 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:36:11.0990 0x02e4 ACPI - ok
19:36:11.0993 0x02e4 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:36:12.0007 0x02e4 AcpiPmi - ok
19:36:12.0031 0x02e4 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:36:12.0043 0x02e4 AdobeFlashPlayerUpdateSvc - ok
19:36:12.0056 0x02e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:36:12.0072 0x02e4 adp94xx - ok
19:36:12.0082 0x02e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:36:12.0096 0x02e4 adpahci - ok
19:36:12.0102 0x02e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:36:12.0112 0x02e4 adpu320 - ok
19:36:12.0118 0x02e4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:36:12.0148 0x02e4 AeLookupSvc - ok
19:36:12.0161 0x02e4 [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
19:36:12.0200 0x02e4 AFD - ok
19:36:12.0205 0x02e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
19:36:12.0212 0x02e4 agp440 - ok
19:36:12.0217 0x02e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:36:12.0228 0x02e4 ALG - ok
19:36:12.0231 0x02e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
19:36:12.0238 0x02e4 aliide - ok
19:36:12.0241 0x02e4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:36:12.0247 0x02e4 amdide - ok
19:36:12.0251 0x02e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:36:12.0262 0x02e4 AmdK8 - ok
19:36:12.0266 0x02e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:36:12.0276 0x02e4 AmdPPM - ok
19:36:12.0282 0x02e4 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:36:12.0291 0x02e4 amdsata - ok
19:36:12.0298 0x02e4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:36:12.0308 0x02e4 amdsbs - ok
19:36:12.0311 0x02e4 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:36:12.0318 0x02e4 amdxata - ok
19:36:12.0322 0x02e4 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
19:36:12.0339 0x02e4 AppID - ok
19:36:12.0343 0x02e4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:36:12.0371 0x02e4 AppIDSvc - ok
19:36:12.0375 0x02e4 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
19:36:12.0404 0x02e4 Appinfo - ok
19:36:12.0408 0x02e4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:36:12.0416 0x02e4 arc - ok
19:36:12.0421 0x02e4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:36:12.0429 0x02e4 arcsas - ok
19:36:12.0432 0x02e4 [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
19:36:12.0448 0x02e4 aswHwid - ok
19:36:12.0453 0x02e4 [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:36:12.0460 0x02e4 aswMonFlt - ok
19:36:12.0465 0x02e4 [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
19:36:12.0472 0x02e4 aswRdr - ok
19:36:12.0476 0x02e4 [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
19:36:12.0482 0x02e4 aswRvrt - ok
19:36:12.0507 0x02e4 [ E0F47617EB31CD205BF68B55CE88862D, EE3ED93E51E310E1D713F8692CF2A61147C0EFCFA465969C04B85DA2E271F3E6 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:36:12.0534 0x02e4 aswSnx - ok
19:36:12.0549 0x02e4 [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:36:12.0564 0x02e4 aswSP - ok
19:36:12.0570 0x02e4 [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm C:\Windows\system32\drivers\aswStm.sys
19:36:12.0579 0x02e4 aswStm - ok
19:36:12.0587 0x02e4 [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
19:36:12.0598 0x02e4 aswVmm - ok
19:36:12.0602 0x02e4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:36:12.0629 0x02e4 AsyncMac - ok
19:36:12.0633 0x02e4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
19:36:12.0639 0x02e4 atapi - ok
19:36:12.0657 0x02e4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:36:12.0700 0x02e4 AudioEndpointBuilder - ok
19:36:12.0718 0x02e4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:36:12.0761 0x02e4 AudioSrv - ok
19:36:12.0769 0x02e4 [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:36:12.0777 0x02e4 avast! Antivirus - ok
19:36:12.0783 0x02e4 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:36:12.0798 0x02e4 AxInstSV - ok
19:36:12.0811 0x02e4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:36:12.0830 0x02e4 b06bdrv - ok
19:36:12.0839 0x02e4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:36:12.0855 0x02e4 b57nd60a - ok
19:36:12.0861 0x02e4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:36:12.0873 0x02e4 BDESVC - ok
19:36:12.0876 0x02e4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:36:12.0904 0x02e4 Beep - ok
19:36:12.0921 0x02e4 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
19:36:12.0965 0x02e4 BFE - ok
19:36:12.0988 0x02e4 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
19:36:13.0037 0x02e4 BITS - ok
19:36:13.0042 0x02e4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:36:13.0053 0x02e4 blbdrive - ok
19:36:13.0057 0x02e4 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:36:13.0087 0x02e4 bowser - ok
19:36:13.0090 0x02e4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:36:13.0102 0x02e4 BrFiltLo - ok
19:36:13.0105 0x02e4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:36:13.0116 0x02e4 BrFiltUp - ok
19:36:13.0122 0x02e4 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
19:36:13.0152 0x02e4 Browser - ok
19:36:13.0161 0x02e4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:36:13.0178 0x02e4 Brserid - ok
19:36:13.0182 0x02e4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:36:13.0194 0x02e4 BrSerWdm - ok
19:36:13.0197 0x02e4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:36:13.0209 0x02e4 BrUsbMdm - ok
19:36:13.0212 0x02e4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:36:13.0221 0x02e4 BrUsbSer - ok
19:36:13.0225 0x02e4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:36:13.0239 0x02e4 BTHMODEM - ok
19:36:13.0244 0x02e4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:36:13.0274 0x02e4 bthserv - ok
19:36:13.0279 0x02e4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:36:13.0309 0x02e4 cdfs - ok
19:36:13.0314 0x02e4 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:36:13.0327 0x02e4 cdrom - ok
19:36:13.0335 0x02e4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
19:36:13.0365 0x02e4 CertPropSvc - ok
19:36:13.0369 0x02e4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:36:13.0381 0x02e4 circlass - ok
19:36:13.0394 0x02e4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
19:36:13.0408 0x02e4 CLFS - ok
19:36:13.0415 0x02e4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:36:13.0422 0x02e4 clr_optimization_v2.0.50727_32 - ok
19:36:13.0428 0x02e4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:36:13.0435 0x02e4 clr_optimization_v2.0.50727_64 - ok
19:36:13.0443 0x02e4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:36:13.0451 0x02e4 clr_optimization_v4.0.30319_32 - ok
19:36:13.0459 0x02e4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:36:13.0467 0x02e4 clr_optimization_v4.0.30319_64 - ok
19:36:13.0470 0x02e4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:36:13.0480 0x02e4 CmBatt - ok
19:36:13.0484 0x02e4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
19:36:13.0490 0x02e4 cmdide - ok
19:36:13.0503 0x02e4 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
19:36:13.0522 0x02e4 CNG - ok
19:36:13.0529 0x02e4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:36:13.0536 0x02e4 Compbatt - ok
19:36:13.0542 0x02e4 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:36:13.0554 0x02e4 CompositeBus - ok
19:36:13.0557 0x02e4 COMSysApp - ok
19:36:13.0567 0x02e4 [ EB726E02074FDC44EBE97E01A2660AA6, D4C64BF00D71BB7A3DB429EF8B648056067A3FE857F72DD9CE4944A1359BE05D ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:36:13.0578 0x02e4 cphs - ok
19:36:13.0582 0x02e4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:36:13.0589 0x02e4 crcdisk - ok
19:36:13.0596 0x02e4 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:36:13.0628 0x02e4 CryptSvc - ok
19:36:13.0643 0x02e4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:36:13.0684 0x02e4 DcomLaunch - ok
19:36:13.0693 0x02e4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:36:13.0728 0x02e4 defragsvc - ok
19:36:13.0733 0x02e4 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:36:13.0762 0x02e4 DfsC - ok
19:36:13.0772 0x02e4 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:36:13.0795 0x02e4 Dhcp - ok
19:36:13.0799 0x02e4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:36:13.0827 0x02e4 discache - ok
19:36:13.0831 0x02e4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:36:13.0839 0x02e4 Disk - ok
19:36:13.0845 0x02e4 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:36:13.0878 0x02e4 Dnscache - ok
19:36:13.0887 0x02e4 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
19:36:13.0922 0x02e4 dot3svc - ok
19:36:13.0929 0x02e4 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
19:36:13.0962 0x02e4 DPS - ok
19:36:13.0965 0x02e4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:36:13.0980 0x02e4 drmkaud - ok
19:36:14.0003 0x02e4 [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:36:14.0031 0x02e4 DXGKrnl - ok
19:36:14.0037 0x02e4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:36:14.0068 0x02e4 EapHost - ok
19:36:14.0141 0x02e4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:36:14.0228 0x02e4 ebdrv - ok
19:36:14.0235 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
19:36:14.0247 0x02e4 EFS - ok
19:36:14.0266 0x02e4 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:36:14.0292 0x02e4 ehRecvr - ok
19:36:14.0297 0x02e4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:36:14.0310 0x02e4 ehSched - ok
19:36:14.0324 0x02e4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:36:14.0340 0x02e4 elxstor - ok
19:36:14.0344 0x02e4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
19:36:14.0353 0x02e4 ErrDev - ok
19:36:14.0368 0x02e4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:36:14.0406 0x02e4 EventSystem - ok
19:36:14.0423 0x02e4 [ 8828725F79A93611CB4AB80B65DEC4F9, C208641DAD2EEBB07BAC489352CED7D6B3C7574836DD9D3158BB58089185C7C0 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:36:14.0442 0x02e4 EvtEng - ok
19:36:14.0450 0x02e4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:36:14.0482 0x02e4 exfat - ok
19:36:14.0488 0x02e4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:36:14.0521 0x02e4 fastfat - ok
19:36:14.0538 0x02e4 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
19:36:14.0564 0x02e4 Fax - ok
19:36:14.0568 0x02e4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:36:14.0578 0x02e4 fdc - ok
19:36:14.0581 0x02e4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:36:14.0610 0x02e4 fdPHost - ok
19:36:14.0614 0x02e4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:36:14.0643 0x02e4 FDResPub - ok
19:36:14.0648 0x02e4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:36:14.0656 0x02e4 FileInfo - ok
19:36:14.0660 0x02e4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:36:14.0688 0x02e4 Filetrace - ok
19:36:14.0692 0x02e4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:36:14.0701 0x02e4 flpydisk - ok
19:36:14.0710 0x02e4 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:36:14.0722 0x02e4 FltMgr - ok
19:36:14.0749 0x02e4 [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
19:36:14.0785 0x02e4 FontCache - ok
19:36:14.0792 0x02e4 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:36:14.0798 0x02e4 FontCache3.0.0.0 - ok
19:36:14.0802 0x02e4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:36:14.0809 0x02e4 FsDepends - ok
19:36:14.0812 0x02e4 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:36:14.0818 0x02e4 Fs_Rec - ok
19:36:14.0826 0x02e4 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:36:14.0838 0x02e4 fvevol - ok
19:36:14.0843 0x02e4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:36:14.0851 0x02e4 gagp30kx - ok
19:36:14.0870 0x02e4 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
19:36:14.0902 0x02e4 gpsvc - ok
19:36:14.0906 0x02e4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:36:14.0916 0x02e4 hcw85cir - ok
19:36:14.0926 0x02e4 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:36:14.0945 0x02e4 HdAudAddService - ok
19:36:14.0954 0x02e4 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:36:14.0968 0x02e4 HDAudBus - ok
19:36:14.0971 0x02e4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:36:14.0981 0x02e4 HidBatt - ok
19:36:14.0986 0x02e4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:36:14.0999 0x02e4 HidBth - ok
19:36:15.0003 0x02e4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:36:15.0016 0x02e4 HidIr - ok
19:36:15.0019 0x02e4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:36:15.0049 0x02e4 hidserv - ok
19:36:15.0052 0x02e4 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:36:15.0062 0x02e4 HidUsb - ok
19:36:15.0067 0x02e4 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
19:36:15.0098 0x02e4 hkmsvc - ok
19:36:15.0110 0x02e4 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:36:15.0125 0x02e4 HomeGroupListener - ok
19:36:15.0132 0x02e4 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:36:15.0147 0x02e4 HomeGroupProvider - ok
19:36:15.0151 0x02e4 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:36:15.0159 0x02e4 HpSAMD - ok
19:36:15.0177 0x02e4 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:36:15.0223 0x02e4 HTTP - ok
19:36:15.0228 0x02e4 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:36:15.0235 0x02e4 hwpolicy - ok
19:36:15.0240 0x02e4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:36:15.0251 0x02e4 i8042prt - ok
19:36:15.0264 0x02e4 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
19:36:15.0279 0x02e4 iaStorV - ok
19:36:15.0283 0x02e4 [ 410DAF4801FD8C0BBE01CBA068EAA709, DC1C8EAFBDE02291FBCED344D8D59B9446A6F9EC54F727529C790A17FBC5F38F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
19:36:15.0290 0x02e4 IBMPMDRV - ok
19:36:15.0297 0x02e4 [ B3FEA410DB3745D9273D046250575963, 10EC7009736D6211CB5B4A319223A01ECE97B142129B5EB6C9EA58A7BF49C015 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
19:36:15.0305 0x02e4 IBMPMSVC - ok
19:36:15.0327 0x02e4 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:36:15.0350 0x02e4 idsvc - ok
19:36:15.0558 0x02e4 [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:36:15.0793 0x02e4 igfx - ok
19:36:15.0808 0x02e4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:36:15.0815 0x02e4 iirsp - ok
19:36:15.0836 0x02e4 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
19:36:15.0884 0x02e4 IKEEXT - ok
19:36:15.0894 0x02e4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:36:15.0901 0x02e4 intelide - ok
19:36:15.0905 0x02e4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:36:15.0916 0x02e4 intelppm - ok
19:36:15.0921 0x02e4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:36:15.0952 0x02e4 IPBusEnum - ok
19:36:15.0956 0x02e4 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:36:15.0985 0x02e4 IpFilterDriver - ok
19:36:16.0000 0x02e4 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:36:16.0044 0x02e4 iphlpsvc - ok
19:36:16.0050 0x02e4 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:36:16.0061 0x02e4 IPMIDRV - ok
19:36:16.0066 0x02e4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:36:16.0096 0x02e4 IPNAT - ok
19:36:16.0099 0x02e4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:36:16.0112 0x02e4 IRENUM - ok
19:36:16.0116 0x02e4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:36:16.0122 0x02e4 isapnp - ok
19:36:16.0129 0x02e4 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:36:16.0140 0x02e4 iScsiPrt - ok
19:36:16.0144 0x02e4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:36:16.0151 0x02e4 kbdclass - ok
19:36:16.0155 0x02e4 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:36:16.0165 0x02e4 kbdhid - ok
19:36:16.0169 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
19:36:16.0180 0x02e4 KeyIso - ok
19:36:16.0185 0x02e4 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:36:16.0193 0x02e4 KSecDD - ok
19:36:16.0199 0x02e4 [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:36:16.0208 0x02e4 KSecPkg - ok
19:36:16.0212 0x02e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:36:16.0240 0x02e4 ksthunk - ok
19:36:16.0250 0x02e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:36:16.0288 0x02e4 KtmRm - ok
19:36:16.0295 0x02e4 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll
19:36:16.0331 0x02e4 LanmanServer - ok
19:36:16.0336 0x02e4 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:36:16.0369 0x02e4 LanmanWorkstation - ok
19:36:16.0374 0x02e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:36:16.0403 0x02e4 lltdio - ok
19:36:16.0412 0x02e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:36:16.0448 0x02e4 lltdsvc - ok
19:36:16.0452 0x02e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:36:16.0480 0x02e4 lmhosts - ok
19:36:16.0487 0x02e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:36:16.0495 0x02e4 LSI_FC - ok
19:36:16.0500 0x02e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:36:16.0508 0x02e4 LSI_SAS - ok
19:36:16.0512 0x02e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:36:16.0520 0x02e4 LSI_SAS2 - ok
19:36:16.0525 0x02e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:36:16.0533 0x02e4 LSI_SCSI - ok
19:36:16.0538 0x02e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:36:16.0568 0x02e4 luafv - ok
19:36:16.0572 0x02e4 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:36:16.0584 0x02e4 Mcx2Svc - ok
19:36:16.0588 0x02e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:36:16.0595 0x02e4 megasas - ok
19:36:16.0603 0x02e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:36:16.0615 0x02e4 MegaSR - ok
19:36:16.0621 0x02e4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:36:16.0627 0x02e4 MEIx64 - ok
19:36:16.0633 0x02e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:36:16.0663 0x02e4 MMCSS - ok
19:36:16.0667 0x02e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:36:16.0695 0x02e4 Modem - ok
19:36:16.0699 0x02e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:36:16.0710 0x02e4 monitor - ok
19:36:16.0714 0x02e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:36:16.0722 0x02e4 mouclass - ok
19:36:16.0725 0x02e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:36:16.0737 0x02e4 mouhid - ok
19:36:16.0741 0x02e4 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:36:16.0749 0x02e4 mountmgr - ok
19:36:16.0757 0x02e4 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:36:16.0765 0x02e4 MozillaMaintenance - ok
19:36:16.0772 0x02e4 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
19:36:16.0781 0x02e4 mpio - ok
19:36:16.0785 0x02e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:36:16.0814 0x02e4 mpsdrv - ok
19:36:16.0834 0x02e4 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:36:16.0883 0x02e4 MpsSvc - ok
19:36:16.0891 0x02e4 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:36:16.0907 0x02e4 MRxDAV - ok
19:36:16.0913 0x02e4 [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:36:16.0944 0x02e4 mrxsmb - ok
19:36:16.0952 0x02e4 [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:36:16.0987 0x02e4 mrxsmb10 - ok
19:36:16.0992 0x02e4 [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:36:17.0023 0x02e4 mrxsmb20 - ok
19:36:17.0026 0x02e4 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:36:17.0033 0x02e4 msahci - ok
19:36:17.0038 0x02e4 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:36:17.0047 0x02e4 msdsm - ok
19:36:17.0053 0x02e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:36:17.0067 0x02e4 MSDTC - ok
19:36:17.0073 0x02e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:36:17.0101 0x02e4 Msfs - ok
19:36:17.0104 0x02e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:36:17.0133 0x02e4 mshidkmdf - ok
19:36:17.0136 0x02e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:36:17.0143 0x02e4 msisadrv - ok
19:36:17.0150 0x02e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:36:17.0183 0x02e4 MSiSCSI - ok
19:36:17.0185 0x02e4 msiserver - ok
19:36:17.0189 0x02e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:36:17.0217 0x02e4 MSKSSRV - ok
19:36:17.0220 0x02e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:36:17.0248 0x02e4 MSPCLOCK - ok
19:36:17.0251 0x02e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:36:17.0278 0x02e4 MSPQM - ok
19:36:17.0289 0x02e4 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:36:17.0302 0x02e4 MsRPC - ok
19:36:17.0307 0x02e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:36:17.0314 0x02e4 mssmbios - ok
19:36:17.0317 0x02e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:36:17.0345 0x02e4 MSTEE - ok
19:36:17.0348 0x02e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:36:17.0357 0x02e4 MTConfig - ok
19:36:17.0361 0x02e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:36:17.0368 0x02e4 Mup - ok
19:36:17.0377 0x02e4 [ F41102EEE5B1D6001CD003CED1D63812, 1A879823FAF5240A6CFAEBE999EB4097284C2D5541E4499B6D87CA6C214DD9CE ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:36:17.0387 0x02e4 MyWiFiDHCPDNS - ok
19:36:17.0401 0x02e4 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
19:36:17.0442 0x02e4 napagent - ok
19:36:17.0452 0x02e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:36:17.0472 0x02e4 NativeWifiP - ok
19:36:17.0495 0x02e4 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
19:36:17.0520 0x02e4 NDIS - ok
19:36:17.0525 0x02e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:36:17.0553 0x02e4 NdisCap - ok
19:36:17.0556 0x02e4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:36:17.0584 0x02e4 NdisTapi - ok
19:36:17.0588 0x02e4 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:36:17.0629 0x02e4 Ndisuio - ok
19:36:17.0635 0x02e4 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:36:17.0667 0x02e4 NdisWan - ok
19:36:17.0671 0x02e4 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:36:17.0701 0x02e4 NDProxy - ok
19:36:17.0704 0x02e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:36:17.0733 0x02e4 NetBIOS - ok
19:36:17.0741 0x02e4 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:36:17.0775 0x02e4 NetBT - ok
19:36:17.0778 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
19:36:17.0789 0x02e4 Netlogon - ok
19:36:17.0799 0x02e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:36:17.0837 0x02e4 Netman - ok
19:36:17.0852 0x02e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:36:17.0892 0x02e4 netprofm - ok
19:36:17.0897 0x02e4 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:36:17.0904 0x02e4 NetTcpPortSharing - ok
19:36:18.0169 0x02e4 [ D37577809DF3AF6A6269E6381E755722, 4C016817390DA5F934A9DE10D30E31A9D848E907B1BBD837E48FE5ED12D9155F ] NETwNs64 C:\Windows\system32\DRIVERS\NETwsw00.sys
19:36:18.0408 0x02e4 NETwNs64 - ok
19:36:18.0425 0x02e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:36:18.0436 0x02e4 nfrd960 - ok
19:36:18.0447 0x02e4 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
19:36:18.0482 0x02e4 NlaSvc - ok
19:36:18.0486 0x02e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:36:18.0514 0x02e4 Npfs - ok
19:36:18.0518 0x02e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:36:18.0550 0x02e4 nsi - ok
19:36:18.0554 0x02e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:36:18.0583 0x02e4 nsiproxy - ok
19:36:18.0622 0x02e4 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:36:18.0662 0x02e4 Ntfs - ok
19:36:18.0668 0x02e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:36:18.0696 0x02e4 Null - ok
19:36:18.0702 0x02e4 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
19:36:18.0711 0x02e4 nvraid - ok
19:36:18.0717 0x02e4 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
19:36:18.0727 0x02e4 nvstor - ok
19:36:18.0732 0x02e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:36:18.0740 0x02e4 nv_agp - ok
19:36:18.0745 0x02e4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:36:18.0755 0x02e4 ohci1394 - ok
19:36:18.0765 0x02e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:36:18.0783 0x02e4 p2pimsvc - ok
19:36:18.0795 0x02e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:36:18.0816 0x02e4 p2psvc - ok
19:36:18.0821 0x02e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:36:18.0833 0x02e4 Parport - ok
19:36:18.0837 0x02e4 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:36:18.0845 0x02e4 partmgr - ok
19:36:18.0852 0x02e4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:36:18.0871 0x02e4 PcaSvc - ok
19:36:18.0878 0x02e4 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
19:36:18.0888 0x02e4 pci - ok
19:36:18.0891 0x02e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:36:18.0897 0x02e4 pciide - ok
19:36:18.0905 0x02e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:36:18.0915 0x02e4 pcmcia - ok
19:36:18.0919 0x02e4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:36:18.0926 0x02e4 pcw - ok
19:36:18.0942 0x02e4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:36:18.0985 0x02e4 PEAUTH - ok
19:36:18.0992 0x02e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:36:19.0004 0x02e4 PerfHost - ok
19:36:19.0039 0x02e4 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
19:36:19.0102 0x02e4 pla - ok
19:36:19.0116 0x02e4 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:36:19.0156 0x02e4 PlugPlay - ok
19:36:19.0159 0x02e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:36:19.0170 0x02e4 PNRPAutoReg - ok
19:36:19.0180 0x02e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:36:19.0198 0x02e4 PNRPsvc - ok
19:36:19.0212 0x02e4 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:36:19.0252 0x02e4 PolicyAgent - ok
19:36:19.0261 0x02e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:36:19.0295 0x02e4 Power - ok
19:36:19.0300 0x02e4 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:36:19.0330 0x02e4 PptpMiniport - ok
19:36:19.0334 0x02e4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:36:19.0345 0x02e4 Processor - ok
19:36:19.0352 0x02e4 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
19:36:19.0386 0x02e4 ProfSvc - ok
19:36:19.0390 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:36:19.0403 0x02e4 ProtectedStorage - ok
19:36:19.0408 0x02e4 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:36:19.0439 0x02e4 Psched - ok
19:36:19.0474 0x02e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:36:19.0511 0x02e4 ql2300 - ok
19:36:19.0519 0x02e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:36:19.0528 0x02e4 ql40xx - ok
19:36:19.0536 0x02e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:36:19.0556 0x02e4 QWAVE - ok
19:36:19.0560 0x02e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:36:19.0574 0x02e4 QWAVEdrv - ok
19:36:19.0577 0x02e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:36:19.0605 0x02e4 RasAcd - ok
19:36:19.0609 0x02e4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:36:19.0638 0x02e4 RasAgileVpn - ok
19:36:19.0645 0x02e4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:36:19.0676 0x02e4 RasAuto - ok
19:36:19.0682 0x02e4 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:19.0713 0x02e4 Rasl2tp - ok
19:36:19.0723 0x02e4 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
19:36:19.0760 0x02e4 RasMan - ok
19:36:19.0764 0x02e4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:19.0794 0x02e4 RasPppoe - ok
19:36:19.0798 0x02e4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:36:19.0828 0x02e4 RasSstp - ok
19:36:19.0837 0x02e4 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:36:19.0872 0x02e4 rdbss - ok
19:36:19.0875 0x02e4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:19.0887 0x02e4 rdpbus - ok
19:36:19.0890 0x02e4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:19.0918 0x02e4 RDPCDD - ok
19:36:19.0923 0x02e4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:36:19.0951 0x02e4 RDPENCDD - ok
19:36:19.0955 0x02e4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:36:19.0983 0x02e4 RDPREFMP - ok
19:36:19.0989 0x02e4 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:36:20.0022 0x02e4 RDPWD - ok
19:36:20.0029 0x02e4 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:36:20.0040 0x02e4 rdyboost - ok
19:36:20.0047 0x02e4 [ 0060A50F5E3A397E1F84B0C8F5F9898B, 685452985AF6BF68A63A8A306E7BFA4051B0E8C41CA67EE74D506E6F560FF5DD ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:36:20.0055 0x02e4 RegSrvc - ok
19:36:20.0060 0x02e4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:36:20.0091 0x02e4 RemoteAccess - ok
19:36:20.0097 0x02e4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:36:20.0130 0x02e4 RemoteRegistry - ok
19:36:20.0135 0x02e4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:36:20.0166 0x02e4 RpcEptMapper - ok
19:36:20.0169 0x02e4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:36:20.0180 0x02e4 RpcLocator - ok
19:36:20.0193 0x02e4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
19:36:20.0234 0x02e4 RpcSs - ok
19:36:20.0239 0x02e4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:36:20.0268 0x02e4 rspndr - ok
19:36:20.0292 0x02e4 [ 46596144363B912105F70016F0E2F908, 199FF8BFA60D8E9662F3C785146FAED3231B514D260F795B2B9857DC1EEB2E4B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:36:20.0315 0x02e4 RTL8167 - ok
19:36:20.0319 0x02e4 [ 2C139A3D76AD5F87506EEC0F11206E6F, C38BB56ADEFBF50F2BDF71DC04DD74112956A6614CA899A6069A82EF3D4E32BC ] RtlvVga C:\Windows\system32\DRIVERS\RtlvVga.sys
19:36:20.0325 0x02e4 RtlvVga - ok
19:36:20.0328 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
19:36:20.0340 0x02e4 SamSs - ok
19:36:20.0344 0x02e4 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:36:20.0353 0x02e4 sbp2port - ok
19:36:20.0359 0x02e4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:36:20.0394 0x02e4 SCardSvr - ok
19:36:20.0397 0x02e4 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:36:20.0425 0x02e4 scfilter - ok
19:36:20.0451 0x02e4 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
19:36:20.0507 0x02e4 Schedule - ok
19:36:20.0513 0x02e4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:36:20.0542 0x02e4 SCPolicySvc - ok
19:36:20.0549 0x02e4 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:36:20.0564 0x02e4 SDRSVC - ok
19:36:20.0567 0x02e4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:36:20.0596 0x02e4 secdrv - ok
19:36:20.0599 0x02e4 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
19:36:20.0629 0x02e4 seclogon - ok
19:36:20.0633 0x02e4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
19:36:20.0664 0x02e4 SENS - ok
19:36:20.0667 0x02e4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:36:20.0679 0x02e4 SensrSvc - ok
19:36:20.0683 0x02e4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:36:20.0693 0x02e4 Serenum - ok
19:36:20.0698 0x02e4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:36:20.0709 0x02e4 Serial - ok
19:36:20.0712 0x02e4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:36:20.0722 0x02e4 sermouse - ok
19:36:20.0732 0x02e4 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
19:36:20.0764 0x02e4 SessionEnv - ok
19:36:20.0767 0x02e4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:36:20.0776 0x02e4 sffdisk - ok
19:36:20.0779 0x02e4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:36:20.0788 0x02e4 sffp_mmc - ok
19:36:20.0791 0x02e4 [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:36:20.0801 0x02e4 sffp_sd - ok
19:36:20.0804 0x02e4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:36:20.0813 0x02e4 sfloppy - ok
19:36:20.0823 0x02e4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:36:20.0860 0x02e4 SharedAccess - ok
19:36:20.0870 0x02e4 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:36:20.0895 0x02e4 ShellHWDetection - ok
19:36:20.0898 0x02e4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:36:20.0905 0x02e4 SiSRaid2 - ok
19:36:20.0910 0x02e4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:36:20.0918 0x02e4 SiSRaid4 - ok
19:36:21.0273 0x02e4 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate G:\Program Files (x86)\Skype\Updater\Updater.exe
19:36:21.0299 0x02e4 SkypeUpdate - ok
19:36:21.0307 0x02e4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:36:21.0338 0x02e4 Smb - ok
19:36:21.0344 0x02e4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:36:21.0357 0x02e4 SNMPTRAP - ok
19:36:21.0360 0x02e4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:36:21.0367 0x02e4 spldr - ok
19:36:21.0381 0x02e4 [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe
19:36:21.0408 0x02e4 Spooler - ok
19:36:21.0486 0x02e4 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
19:36:21.0581 0x02e4 sppsvc - ok
19:36:21.0589 0x02e4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:36:21.0620 0x02e4 sppuinotify - ok
19:36:21.0633 0x02e4 [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:36:21.0672 0x02e4 srv - ok
19:36:21.0683 0x02e4 [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:36:21.0720 0x02e4 srv2 - ok
19:36:21.0726 0x02e4 [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:36:21.0757 0x02e4 srvnet - ok
19:36:21.0764 0x02e4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:36:21.0797 0x02e4 SSDPSRV - ok
19:36:21.0802 0x02e4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:36:21.0833 0x02e4 SstpSvc - ok
19:36:21.0837 0x02e4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:36:21.0844 0x02e4 stexstor - ok
19:36:21.0859 0x02e4 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
19:36:21.0888 0x02e4 stisvc - ok
19:36:21.0892 0x02e4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:36:21.0898 0x02e4 swenum - ok
19:36:21.0912 0x02e4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:36:21.0954 0x02e4 swprv - ok
19:36:21.0996 0x02e4 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
19:36:22.0053 0x02e4 SysMain - ok
19:36:22.0061 0x02e4 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:36:22.0078 0x02e4 TabletInputService - ok
19:36:22.0089 0x02e4 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:36:22.0126 0x02e4 TapiSrv - ok
19:36:22.0130 0x02e4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:36:22.0161 0x02e4 TBS - ok
19:36:22.0204 0x02e4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:36:22.0249 0x02e4 Tcpip - ok
19:36:22.0294 0x02e4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:36:22.0339 0x02e4 TCPIP6 - ok
19:36:22.0347 0x02e4 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:36:22.0376 0x02e4 tcpipreg - ok
19:36:22.0381 0x02e4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:36:22.0409 0x02e4 TDPIPE - ok
19:36:22.0412 0x02e4 [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:36:22.0441 0x02e4 TDTCP - ok
19:36:22.0446 0x02e4 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:36:22.0476 0x02e4 tdx - ok
19:36:22.0480 0x02e4 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:36:22.0487 0x02e4 TermDD - ok
19:36:22.0505 0x02e4 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
19:36:22.0552 0x02e4 TermService - ok
19:36:22.0557 0x02e4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:36:22.0573 0x02e4 Themes - ok
19:36:22.0577 0x02e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:36:22.0607 0x02e4 THREADORDER - ok
19:36:22.0611 0x02e4 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
19:36:22.0621 0x02e4 TPM - ok
19:36:22.0627 0x02e4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:36:22.0660 0x02e4 TrkWks - ok
19:36:22.0666 0x02e4 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:36:22.0680 0x02e4 TrustedInstaller - ok
19:36:22.0685 0x02e4 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:36:22.0714 0x02e4 tssecsrv - ok
19:36:22.0719 0x02e4 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:36:22.0749 0x02e4 tunnel - ok
19:36:22.0753 0x02e4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:36:22.0761 0x02e4 uagp35 - ok
19:36:22.0770 0x02e4 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:36:22.0832 0x02e4 udfs - ok
19:36:22.0838 0x02e4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:36:22.0851 0x02e4 UI0Detect - ok
19:36:22.0856 0x02e4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:36:22.0863 0x02e4 uliagpkx - ok
19:36:22.0867 0x02e4 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:36:22.0878 0x02e4 umbus - ok
19:36:22.0881 0x02e4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:36:22.0891 0x02e4 UmPass - ok
19:36:22.0901 0x02e4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:36:22.0939 0x02e4 upnphost - ok
19:36:22.0944 0x02e4 [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:36:22.0955 0x02e4 usbccgp - ok
19:36:22.0961 0x02e4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:36:22.0974 0x02e4 usbcir - ok
19:36:22.0978 0x02e4 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:36:22.0988 0x02e4 usbehci - ok
19:36:22.0999 0x02e4 [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:36:23.0017 0x02e4 usbhub - ok
19:36:23.0020 0x02e4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:36:23.0030 0x02e4 usbohci - ok
19:36:23.0033 0x02e4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:36:23.0045 0x02e4 usbprint - ok
19:36:23.0050 0x02e4 [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:36:23.0061 0x02e4 USBSTOR - ok
19:36:23.0065 0x02e4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:36:23.0075 0x02e4 usbuhci - ok
19:36:23.0082 0x02e4 [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:36:23.0096 0x02e4 usbvideo - ok
19:36:23.0101 0x02e4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:36:23.0132 0x02e4 UxSms - ok
19:36:23.0135 0x02e4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
19:36:23.0147 0x02e4 VaultSvc - ok
19:36:23.0150 0x02e4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:36:23.0157 0x02e4 vdrvroot - ok
19:36:23.0171 0x02e4 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
19:36:23.0195 0x02e4 vds - ok
19:36:23.0199 0x02e4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:36:23.0211 0x02e4 vga - ok
19:36:23.0214 0x02e4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:36:23.0242 0x02e4 VgaSave - ok
19:36:23.0249 0x02e4 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:36:23.0259 0x02e4 vhdmp - ok
19:36:23.0262 0x02e4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:36:23.0269 0x02e4 viaide - ok
19:36:23.0273 0x02e4 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:36:23.0281 0x02e4 volmgr - ok
19:36:23.0291 0x02e4 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:36:23.0305 0x02e4 volmgrx - ok
19:36:23.0315 0x02e4 [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:36:23.0328 0x02e4 volsnap - ok
19:36:23.0334 0x02e4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:36:23.0344 0x02e4 vsmraid - ok
19:36:23.0382 0x02e4 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
19:36:23.0432 0x02e4 VSS - ok
19:36:23.0438 0x02e4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:36:23.0450 0x02e4 vwifibus - ok
19:36:23.0457 0x02e4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:36:23.0472 0x02e4 vwififlt - ok
19:36:23.0475 0x02e4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:36:23.0488 0x02e4 vwifimp - ok
19:36:23.0499 0x02e4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:36:23.0538 0x02e4 W32Time - ok
19:36:23.0543 0x02e4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:36:23.0553 0x02e4 WacomPen - ok
19:36:23.0557 0x02e4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:36:23.0591 0x02e4 WANARP - ok
19:36:23.0595 0x02e4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:36:23.0624 0x02e4 Wanarpv6 - ok
19:36:23.0660 0x02e4 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
19:36:23.0707 0x02e4 wbengine - ok
19:36:23.0717 0x02e4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:36:23.0736 0x02e4 WbioSrvc - ok
19:36:23.0748 0x02e4 [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:36:23.0768 0x02e4 wcncsvc - ok
19:36:23.0772 0x02e4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:36:23.0784 0x02e4 WcsPlugInService - ok
19:36:23.0787 0x02e4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:36:23.0794 0x02e4 Wd - ok
19:36:23.0810 0x02e4 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:36:23.0830 0x02e4 Wdf01000 - ok
19:36:23.0836 0x02e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:36:23.0853 0x02e4 WdiServiceHost - ok
19:36:23.0857 0x02e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:36:23.0875 0x02e4 WdiSystemHost - ok
19:36:23.0883 0x02e4 [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient C:\Windows\System32\webclnt.dll
19:36:23.0901 0x02e4 WebClient - ok
19:36:23.0909 0x02e4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:36:23.0945 0x02e4 Wecsvc - ok
19:36:23.0949 0x02e4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:36:23.0981 0x02e4 wercplsupport - ok
19:36:23.0985 0x02e4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:36:24.0016 0x02e4 WerSvc - ok
19:36:24.0020 0x02e4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:36:24.0049 0x02e4 WfpLwf - ok
19:36:24.0051 0x02e4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:36:24.0058 0x02e4 WIMMount - ok
19:36:24.0060 0x02e4 WinDefend - ok
19:36:24.0065 0x02e4 WinHttpAutoProxySvc - ok
19:36:24.0076 0x02e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:36:24.0109 0x02e4 Winmgmt - ok
19:36:24.0155 0x02e4 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
19:36:24.0233 0x02e4 WinRM - ok
19:36:24.0245 0x02e4 [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:36:24.0257 0x02e4 WinUsb - ok
19:36:24.0279 0x02e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:36:24.0315 0x02e4 Wlansvc - ok
19:36:24.0319 0x02e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:36:24.0328 0x02e4 WmiAcpi - ok
19:36:24.0337 0x02e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:36:24.0351 0x02e4 wmiApSrv - ok
19:36:24.0354 0x02e4 WMPNetworkSvc - ok
19:36:24.0357 0x02e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:36:24.0369 0x02e4 WPCSvc - ok
19:36:24.0374 0x02e4 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:36:24.0389 0x02e4 WPDBusEnum - ok
19:36:24.0392 0x02e4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:36:24.0420 0x02e4 ws2ifsl - ok
19:36:24.0425 0x02e4 [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc C:\Windows\System32\wscsvc.dll
19:36:24.0439 0x02e4 wscsvc - ok
19:36:24.0441 0x02e4 WSearch - ok
19:36:24.0498 0x02e4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
19:36:24.0556 0x02e4 wuauserv - ok
19:36:24.0565 0x02e4 [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:36:24.0595 0x02e4 WudfPf - ok
19:36:24.0601 0x02e4 [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:36:24.0633 0x02e4 WUDFRd - ok
19:36:24.0638 0x02e4 [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:36:24.0669 0x02e4 wudfsvc - ok
19:36:24.0677 0x02e4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:36:24.0698 0x02e4 WwanSvc - ok
19:36:24.0784 0x02e4 [ 8BA550098E9A09FA934C05F0CF9D5857, EF105D2A1FEEF7F3253810F0CF4694E2668CE9964BD528F10BBCCE02CA7F3485 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:36:24.0867 0x02e4 ZeroConfigService - ok
19:36:24.0878 0x02e4 ================ Scan global ===============================
19:36:24.0881 0x02e4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:36:24.0889 0x02e4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:36:24.0902 0x02e4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:36:24.0911 0x02e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:36:24.0922 0x02e4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:36:24.0930 0x02e4 [ Global ] - ok
19:36:24.0930 0x02e4 ================ Scan MBR ==================================
19:36:24.0933 0x02e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:36:25.0559 0x02e4 \Device\Harddisk1\DR1 - ok
19:36:25.0564 0x02e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:36:25.0594 0x02e4 \Device\Harddisk0\DR0 - ok
19:36:25.0595 0x02e4 ================ Scan VBR ==================================
19:36:25.0598 0x02e4 [ 0473E10A9A10353D4E1091EA88849DF8 ] \Device\Harddisk1\DR1\Partition1
19:36:25.0600 0x02e4 \Device\Harddisk1\DR1\Partition1 - ok
19:36:25.0604 0x02e4 [ 32D21B8997B09ACD1238D7514D90DB7B ] \Device\Harddisk1\DR1\Partition2
19:36:25.0607 0x02e4 \Device\Harddisk1\DR1\Partition2 - ok
19:36:25.0611 0x02e4 [ 98BA4B2C807CC2D639458D1F7DEB9C30 ] \Device\Harddisk0\DR0\Partition1
19:36:25.0615 0x02e4 \Device\Harddisk0\DR0\Partition1 - ok
19:36:25.0617 0x02e4 ================ Scan generic autorun ======================
19:36:25.0626 0x02e4 [ 2C8518B622C6429480507F24C21B6223, BA2FF253A3F6C53F4C24903DF406FFB37121792A49E29A5A58E753E62321C312 ] C:\Windows\system32\igfxtray.exe
19:36:25.0635 0x02e4 IgfxTray - ok
19:36:25.0646 0x02e4 [ 2700358647B5F0253756BF41564586E1, 859ECC17AAADCDAB6ED96FEC372522B69C44C50B7781F29B2B0EAAF13FD0C803 ] C:\Windows\system32\hkcmd.exe
19:36:25.0660 0x02e4 HotKeysCmds - ok
19:36:25.0672 0x02e4 [ 8D42A43CE49736478BF6FCE9DD3383CB, 7D1A7D4CAF468815BD8BFD324E60956F8A7B12E9714A0064742F403474C03E44 ] C:\Windows\system32\igfxpers.exe
19:36:25.0686 0x02e4 Persistence - ok
19:36:25.0819 0x02e4 [ D6FE9E0F705794A86F87A01B222290EF, 92EE74775E39B6CC83C5B8D80239D7C475825057E31CC3A8D85D152FD77F7F8A ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:36:25.0947 0x02e4 AvastUI.exe - ok
19:36:25.0979 0x02e4 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:36:26.0019 0x02e4 Sidebar - ok
19:36:26.0025 0x02e4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:36:26.0041 0x02e4 mctadmin - ok
19:36:26.0069 0x02e4 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:36:26.0106 0x02e4 Sidebar - ok
19:36:26.0113 0x02e4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:36:26.0128 0x02e4 mctadmin - ok
19:36:26.0179 0x02e4 Skype - ok
19:36:26.0183 0x02e4 Waiting for KSN requests completion. In queue: 282
19:36:27.0183 0x02e4 Waiting for KSN requests completion. In queue: 282
19:36:28.0183 0x02e4 Waiting for KSN requests completion. In queue: 282
19:36:29.0217 0x02e4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
19:36:29.0224 0x02e4 Win FW state via NFP2: enabled ( trusted )
19:36:31.0964 0x02e4 ============================================================
19:36:31.0964 0x02e4 Scan finished
19:36:31.0964 0x02e4 ============================================================
19:36:31.0977 0x1134 Detected object count: 0
19:36:31.0977 0x1134 Actual detected object count: 0
|
|
19.08.2015, 08:40
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: Key-Logger Problem hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.08.2015, 10:28
| #5 |
| | Windows 7: Key-Logger Problem Guten Morgen, Hier das Log-File von Combo-Fix: Code:
ATTFilter Combofix Logfile: |
|
19.08.2015, 17:12
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7: Key-Logger Problem Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Windows 7: Key-Logger Problem |
|
19.08.2015, 18:04
| #7 |
| | Windows 7: Key-Logger Problem Hi, hier wieder die Logdateien. Nur so als Zwischenfrage. Wurde schon was gefunden? 1.MBAM-Log Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 19.08.2015 Suchlaufzeit: 18:43 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.19.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 CPU: x64 Dateisystem: NTFS Benutzer: Korbinian Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 342575 Abgelaufene Zeit: 4 Min., 18 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.002 - Bericht erstellt 19/08/2015 um 18:51:54
# Aktualisiert 18/08/2015 von Xplode
# Datenbank : 2015-08-18.2 [Server]
# Betriebssystem : Windows 7 Home Premium (x64)
# Benutzername : Korbinian - LARÖ
# Gestarted von : C:\Users\Korbinian\Desktop\AdwCleaner_5.002.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [701 Bytes] ##########
[/CODE] 3. JRT-Log Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Korbinian on 19.08.2015 at 18:55:06,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.08.2015 at 18:57:18,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Korbinian (Administrator) auf LARÖ (19-08-2015 18:59:33)
Gestartet von C:\Users\Korbinian\Desktop
Geladene Profile: Korbinian (Verfügbare Profile: Korbinian)
Platform: Windows 7 Home Premium (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) G:\Programme\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-17] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-17] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1275952522-315387896-485487144-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17] (AVAST Software)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Tcpip\..\Interfaces\{000A1E5B-0F54-4D2E-8B21-2B9D3C7DEE50}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{2557505B-1860-46E9-93AC-2A7546768EB3}: [NameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-18] ()
FF Extension: WOT - C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-08-18]
FF Extension: Adblock Plus - C:\Users\Korbinian\AppData\Roaming\Mozilla\Firefox\Profiles\u93unjrk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-17]
StartMenuInternet: FIREFOX.EXE - G:\Programme\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-17] (AVAST Software)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S2 SkypeUpdate; G:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-17] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation )
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 18:57 - 2015-08-19 18:57 - 00000713 _____ C:\Users\Korbinian\Desktop\JRT.txt
2015-08-19 18:54 - 2015-08-19 18:40 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Korbinian\Desktop\JRT.exe
2015-08-19 18:53 - 2015-08-19 18:53 - 00000779 _____ C:\Users\Korbinian\Desktop\AdwCleaner[C1].txt
2015-08-19 18:51 - 2015-08-19 18:51 - 00000000 ____D C:\AdwCleaner
2015-08-19 18:49 - 2015-08-19 18:39 - 01585664 _____ C:\Users\Korbinian\Desktop\AdwCleaner_5.002.exe
2015-08-19 18:41 - 2015-08-19 18:41 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-19 18:41 - 2015-08-19 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-19 18:41 - 2015-08-19 18:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-19 18:41 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-19 18:41 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-19 18:40 - 2015-08-19 18:40 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Korbinian\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-19 18:39 - 2015-08-19 18:40 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Korbinian\Downloads\JRT.exe
2015-08-19 18:39 - 2015-08-19 18:39 - 01585664 _____ C:\Users\Korbinian\Downloads\AdwCleaner_5.002.exe
2015-08-19 18:38 - 2015-08-19 18:40 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Korbinian\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-19 11:26 - 2015-08-19 11:26 - 00013248 _____ C:\ComboFix.txt
2015-08-19 11:20 - 2015-08-19 11:26 - 00000000 ____D C:\Qoobox
2015-08-19 11:20 - 2015-08-19 11:25 - 00000000 ____D C:\Windows\erdnt
2015-08-19 11:20 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-19 11:20 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-19 11:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-19 11:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-19 11:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-19 11:20 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-19 11:20 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-19 11:20 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-19 11:19 - 2015-08-19 11:19 - 00000000 ____D C:\Windows\system32\SPReview
2015-08-19 11:19 - 2015-08-19 11:19 - 00000000 ____D C:\Windows\system32\EventProviders
2015-08-19 11:19 - 2015-08-19 11:18 - 05635271 ____R (Swearware) C:\Users\Korbinian\Desktop\ComboFix.exe
2015-08-19 11:18 - 2015-08-19 11:18 - 05635271 _____ (Swearware) C:\Users\Korbinian\Downloads\ComboFix.exe
2015-08-18 19:34 - 2015-08-18 19:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Korbinian\Downloads\tdsskiller.exe
2015-08-18 19:34 - 2015-08-18 19:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Korbinian\Desktop\tdsskiller.exe
2015-08-18 19:16 - 2015-08-19 18:42 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 19:16 - 2015-08-19 18:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-18 19:16 - 2015-08-18 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-18 19:14 - 2015-08-18 19:32 - 00000000 ____D C:\Users\Korbinian\Desktop\mbar
2015-08-18 19:14 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-18 19:11 - 2015-08-18 19:12 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Korbinian\Desktop\mbar-1.09.2.1008.exe
2015-08-18 18:19 - 2015-08-18 18:19 - 00021001 _____ C:\Users\Korbinian\Desktop\Addition.txt
2015-08-18 18:18 - 2015-08-19 18:59 - 00007158 _____ C:\Users\Korbinian\Desktop\FRST.txt
2015-08-18 18:18 - 2015-08-18 18:18 - 00000480 _____ C:\Users\Korbinian\Desktop\defogger_disable.log
2015-08-18 18:15 - 2015-08-18 18:15 - 1173614773 _____ C:\Windows\MEMORY.DMP
2015-08-18 18:15 - 2015-08-18 18:15 - 00462320 _____ C:\Windows\Minidump\081815-7909-01.dmp
2015-08-18 18:15 - 2015-08-18 18:15 - 00000000 ____D C:\Windows\Minidump
2015-08-18 17:30 - 2015-08-18 17:30 - 00380416 _____ C:\Users\Korbinian\Desktop\Gmer-19357.exe
2015-08-18 17:28 - 2015-08-19 18:59 - 00000000 ____D C:\FRST
2015-08-18 17:27 - 2015-08-18 17:28 - 02173440 _____ (Farbar) C:\Users\Korbinian\Desktop\FRST64.exe
2015-08-18 17:27 - 2015-08-18 17:27 - 00000000 ____D C:\$WINDOWS.~BT
2015-08-18 17:27 - 2015-08-18 17:27 - 00000000 _____ C:\Users\Korbinian\defogger_reenable
2015-08-18 17:26 - 2015-08-18 17:26 - 00050477 _____ C:\Users\Korbinian\Desktop\Defogger.exe
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Macromedia
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Adobe
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Macromedia
2015-08-18 15:31 - 2015-08-19 18:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-18 15:31 - 2015-08-18 15:31 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-18 15:31 - 2015-08-18 15:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-18 15:31 - 2015-08-18 15:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-18 15:31 - 2015-08-18 15:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-08-18 15:31 - 2015-08-18 15:31 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-18 15:30 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Adobe
2015-08-18 14:30 - 2015-08-18 14:30 - 19648448 _____ (Microsoft Corporation) C:\Users\Korbinian\Downloads\MediaCreationToolx64(1).exe
2015-08-18 14:30 - 2015-08-18 14:30 - 00000000 ____D C:\$Windows.~WS
2015-08-18 02:17 - 2015-08-18 02:29 - 00001908 _____ C:\Windows\diagwrn.xml
2015-08-18 02:17 - 2015-08-18 02:29 - 00001908 _____ C:\Windows\diagerr.xml
2015-08-18 01:50 - 2015-08-18 23:46 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Skype
2015-08-18 01:50 - 2015-08-18 01:50 - 00000000 ____D C:\Users\Korbinian\Tracing
2015-08-18 01:50 - 2015-08-18 01:50 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\ProgramData\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-18 01:49 - 2015-08-18 01:49 - 00000000 ____D C:\Program Files (x86)\Skype
2015-08-18 01:47 - 2015-08-18 01:47 - 01385504 _____ (Skype Technologies S.A.) C:\Users\Korbinian\Downloads\SkypeSetup.exe
2015-08-18 01:07 - 2015-08-18 01:07 - 19648448 _____ (Microsoft Corporation) C:\Users\Korbinian\Downloads\MediaCreationToolx64.exe
2015-08-18 00:53 - 2015-08-19 18:52 - 00001258 _____ C:\Windows\PFRO.log
2015-08-18 00:53 - 2015-08-18 00:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-18 00:53 - 2015-08-18 00:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-18 00:52 - 2015-08-18 00:52 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-18 00:52 - 2015-08-18 00:52 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-18 00:52 - 2015-08-18 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-08-18 00:52 - 2015-08-18 00:52 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-08-18 00:50 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-08-18 00:50 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-08-18 00:50 - 2009-11-25 21:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-08-18 00:50 - 2009-11-25 21:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-08-18 00:50 - 2009-11-25 21:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-08-18 00:49 - 2015-08-18 00:49 - 00000000 ____D C:\Program Files\AuthenTec
2015-08-18 00:47 - 2009-10-10 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2015-08-18 00:45 - 2015-08-18 00:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-18 00:45 - 2015-08-18 00:45 - 00000000 ____D C:\Intel
2015-08-18 00:45 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-18 00:45 - 2013-02-19 20:35 - 00056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-08-18 00:45 - 2013-02-19 20:35 - 00056320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-08-18 00:44 - 2015-07-29 22:19 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-18 00:44 - 2015-07-29 22:16 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-18 00:44 - 2015-07-29 22:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-18 00:44 - 2015-07-29 22:11 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-18 00:44 - 2015-05-21 15:12 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-18 00:44 - 2015-01-28 01:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-08-18 00:44 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-18 00:44 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-18 00:44 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-08-18 00:44 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 01498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2015-08-18 00:44 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-08-18 00:44 - 2010-12-21 08:13 - 02003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-18 00:44 - 2010-12-21 08:13 - 01880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-18 00:44 - 2010-12-21 08:11 - 12369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-18 00:44 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-08-18 00:44 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2015-08-18 00:44 - 2010-12-21 07:36 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-18 00:44 - 2010-12-21 07:36 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-18 00:44 - 2010-12-21 07:35 - 10989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-18 00:44 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-18 00:44 - 2010-11-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-18 00:44 - 2010-11-04 08:31 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-18 00:44 - 2010-11-04 07:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-18 00:44 - 2010-11-04 07:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-18 00:44 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-18 00:44 - 2010-11-02 07:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-18 00:44 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-08-18 00:44 - 2010-11-02 06:35 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-08-18 00:44 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-08-18 00:44 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-08-18 00:44 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-08-18 00:44 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-08-18 00:44 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-08-18 00:44 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-08-18 00:44 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-08-18 00:44 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-08-18 00:44 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-08-18 00:44 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-08-18 00:44 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-08-18 00:44 - 2009-12-11 12:29 - 00153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-18 00:44 - 2009-12-11 11:24 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-18 00:44 - 2009-12-11 09:39 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-18 00:44 - 2009-12-11 09:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-18 00:43 - 2015-03-19 05:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-18 00:43 - 2015-03-19 04:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-18 00:43 - 2015-03-19 04:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-18 00:43 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-18 00:43 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-18 00:43 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-18 00:43 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-18 00:43 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-08-18 00:43 - 2011-08-30 07:21 - 14164480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-18 00:43 - 2011-08-30 06:28 - 12868096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-18 00:43 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-18 00:43 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-08-18 00:43 - 2010-03-24 08:59 - 01736608 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-18 00:43 - 2010-03-24 08:37 - 01289528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-08-18 00:43 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-08-18 00:43 - 2010-01-19 11:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-08-18 00:43 - 2010-01-19 11:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-08-18 00:43 - 2010-01-19 01:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-08-18 00:43 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-08-18 00:43 - 2010-01-19 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-08-18 00:43 - 2010-01-19 01:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-08-18 00:43 - 2009-10-31 08:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-18 00:43 - 2009-10-31 07:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-08-18 00:43 - 2009-10-28 08:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-17 20:55 - 2015-08-18 17:26 - 00000000 ____D C:\Windows\Panther
2015-08-17 20:53 - 2015-08-17 20:53 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\AVAST Software
2015-08-17 20:51 - 2015-08-17 20:51 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-17 20:51 - 2015-08-17 20:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-17 20:51 - 2015-08-17 20:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-17 20:51 - 2015-08-17 20:51 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-17 20:51 - 2015-08-17 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-17 20:51 - 2015-08-17 20:51 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-17 20:50 - 2015-08-18 00:56 - 00057952 _____ C:\Users\Korbinian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-17 20:50 - 2015-08-17 20:50 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-17 20:48 - 2015-08-17 20:55 - 00000000 ____D C:\Users\Korbinian\AppData\Local\Mozilla
2015-08-17 20:48 - 2015-08-17 20:49 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Mozilla
2015-08-17 20:48 - 2015-08-17 20:48 - 00000620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-17 20:48 - 2015-08-17 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-17 20:47 - 2015-06-23 13:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-17 20:42 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-17 20:42 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-17 20:42 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-17 20:42 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-17 20:42 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-17 20:42 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-17 20:42 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-17 20:40 - 2015-08-18 00:45 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-08-17 20:40 - 2015-08-18 00:45 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-17 20:40 - 2015-08-17 20:40 - 00000000 ____D C:\Users\Korbinian\AppData\Roaming\Intel
2015-08-17 20:40 - 2015-08-17 20:40 - 00000000 ____D C:\ProgramData\Intel
2015-08-17 20:39 - 2015-08-17 20:40 - 00008912 _____ C:\Windows\DPINST.LOG
2015-08-17 20:39 - 2015-08-17 20:40 - 00000000 ____D C:\Program Files\Intel
2015-08-17 20:39 - 2015-08-17 20:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-17 20:22 - 2015-08-17 20:40 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-08-17 20:20 - 2015-08-17 20:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-17 20:20 - 2015-08-17 20:20 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-17 20:20 - 2014-02-18 19:48 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-08-17 20:20 - 2014-02-18 19:48 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-08-17 20:20 - 2014-02-18 19:48 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-08-17 20:12 - 2015-08-17 20:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-08-17 20:12 - 2014-03-18 22:53 - 00027792 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\RtlvVga.dll
2015-08-17 20:12 - 2014-03-18 22:53 - 00011920 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RtlvVga.sys
2015-08-17 20:12 - 2014-03-17 16:46 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2015-08-17 19:59 - 2015-08-19 18:52 - 00716410 _____ C:\Windows\WindowsUpdate.log
2015-08-17 19:59 - 2015-08-18 17:27 - 00000000 ____D C:\Users\Korbinian
2015-08-17 19:59 - 2015-08-17 19:59 - 00001439 _____ C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 19:59 - 2015-08-17 19:59 - 00001405 _____ C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-08-17 19:59 - 2015-08-17 19:59 - 00000020 ___SH C:\Users\Korbinian\ntuser.ini
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Netzwerkumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Lokale Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Eigene Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Druckumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Korbinian\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 ____D C:\Users\Korbinian\AppData\Local\VirtualStore
2015-08-17 19:59 - 2015-08-17 19:59 - 00000000 ____D C:\Recovery
2015-08-17 19:59 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 19:59 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Korbinian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-17 19:57 - 2015-08-17 19:57 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-08-17 19:57 - 2015-08-17 19:57 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-08-17 19:57 - 2015-08-17 19:57 - 00001313 _____ C:\Windows\TSSysprep.log
2015-08-14 05:01 - 2015-08-14 05:01 - 00156920 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2015-08-14 05:01 - 2015-08-14 05:01 - 00081144 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2015-08-14 05:01 - 2015-08-14 05:01 - 00072912 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2015-08-14 05:01 - 2015-08-14 05:01 - 00050936 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 18:57 - 2009-07-14 19:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2015-08-19 18:57 - 2009-07-14 19:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2015-08-19 18:57 - 2009-07-14 07:13 - 01499914 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 18:55 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 18:55 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 18:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 18:52 - 2009-07-14 06:51 - 00000824 _____ C:\Windows\setupact.log
2015-08-19 15:31 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-19 11:25 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-18 15:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-18 14:05 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-08-18 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-08-18 02:17 - 2009-07-14 06:51 - 00000000 _____ C:\Windows\setuperr.log
2015-08-18 00:53 - 2009-07-14 06:45 - 00266400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-18 00:49 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-08-17 20:55 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-08-17 20:55 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-08-17 20:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-17 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-17 20:12 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-08-17 19:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2015-08-17 19:57 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-17 19:57 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2015-08-17 19:57 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 19:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
Einige Dateien in TEMP:
====================
C:\Users\Korbinian\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-17 21:47
==================== Ende von Ergebnis ============================
|
|
20.08.2015, 12:37
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7: Key-Logger Problem Nur ein wenig Adware, mehr kann da auch nicht sein da die Platte ja formatiert wurde. Ist dieser besagte EmailAccount noch auf irgend einem anderen Gerät eingerichtet?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: Key-Logger Problem |
| antivirus, avast, cpu, defender, dnsapi.dll, e-mail, failed, festplatte, flash player, home, installation, mozilla, problem, prozesse, realtek, registry, rundll, scan, security, services.exe, software, spam, svchost.exe, system, usb, windows |
WARNUNG an die MITLESER: 
