Windows 8 / GData findet verschlüsselte Einträge, zehn Tage ohne Virenschutz gesurft

asgrub · 22.08.2015, 10:44

Hallo und guten Tag,

ich bin seit etwa zehn Tage ohne Virenschutz im Internet unterwegs. Ich habe es nicht bemerkt, dass GData abgelaufen war ( Version von Computerbil muss man stets neu aktivieren).
Nun habe ich es erneut aktiviert und Gdata fand viele Einträge, auf die es nicht zugreifen konnte. Nun bin ich sehr verunsichert, ob ich eventuell einen Virus oder etwas ähnliches bekommen habe. Ich habe mich an Ihre Anleitung gehalten und Gdata blockierte eine Datei, als ich FRST starten wollte, die er in die Quarantäne schob.
Frage 1: Sind die Dateien, auf die GData nicht zugreifen konnte ungefährlich?
Frage 2: Wie kann ich dies in Zukunft erkennen, wenn Gdata erneut auf Dateien nicht zugreifen kann?
Frage 3: Ist die Datei, die in die Quarantäne geschoben wurde, ungefährlich? Diese kam ja scheinbar von einem Ihrer Programme, FRST?
Vielen Dank im voraus für Ihre Hilfe, Astrid

schrauber · 22.08.2015, 10:59

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

asgrub · 22.08.2015, 18:27

Code:

ATTFilter

ADDITIONFRST Additions Logfile:

	Code: 

 ATTFilter

  
	Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
durchgeführt von Deco (2015-08-22 10:20:46)
Gestartet von C:\Users\Macom\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3219382323-3593878825-1118489811-500 - Administrator - Disabled)
Dacom (S-1-5-21-3219382323-3593878825-1118489811-1003 - Limited - Enabled) => C:\Users\Dacom
Deco (S-1-5-21-3219382323-3593878825-1118489811-1001 - Administrator - Enabled) => C:\Users\Deco
Gast (S-1-5-21-3219382323-3593878825-1118489811-501 - Limited - Disabled)
Macom (S-1-5-21-3219382323-3593878825-1118489811-1002 - Limited - Enabled) => C:\Users\Macom

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon 1Button App (HKLM-x32\...\{4D875057-4353-4B8F-93E5-8C3DC7F34EA9}) (Version: 1.0.8 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{42EC3153-24B0-FCAD-0F16-0904BCBAB179}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.38.57 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1321 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4328.05 - CyberLink Corp.)
Druckerdeinstallation für EPSON XP-422 423 425 Series (HKLM\...\EPSON XP-422 423 425 Series) (Version:  - SEIKO EPSON Corporation)
DTS Sound (HKLM-x32\...\{BC95D4AF-4DAC-4350-8BCE-C8BF16A13AE0}) (Version: 1.01.8800 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{86B4A6B9-07FD-48EC-8730-1EC82E80C3D7}) (Version: 3.10.0030 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{922CA1B2-9D74-49DF-A23F-90F710F51DD7}) (Version: 17.0.1428.01 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 de)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{8C7185EB-4165-040E-D581-EA62D922E8A2}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E07D7C7B-F424-4EEF-BA17-B2C32BD1C107}) (Version: 4.3.0 - SEIKO EPSON CORPORATION)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StarBurn Version 15.2 (Build 0x20131129) (HKLM-x32\...\StarBurn_is1) (Version: 15.2 - StarBurn Software)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.06.6403 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.3.6401 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.0.9.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.9 - WildTangent) Hidden
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
WISO Steuer 2014 (HKLM-x32\...\{FE9F4E79-7BEF-4DE2-8C34-6DD894203342}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{BF4FCDA0-95E4-4F7C-9859-F365E78C2404}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

26-07-2015 11:07:20 Windows Update
06-08-2015 11:10:12 Windows Update
15-08-2015 10:42:11 Windows Update
19-08-2015 13:18:11 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {287B9FDF-596F-4D7B-9404-653E6CEABA38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {36459D93-2ED1-45D7-9545-B60FB4C48F56} - System32\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {3DE1FD1C-CF7A-43AD-B395-6BE76F522A0E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-19] (Microsoft Corporation)
Task: {7D57EF96-3F7E-4B10-8F4C-4EEA51EB5369} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2014-06-04] ()
Task: {8B0694B6-A3D5-4C89-8266-2376FDB51E7F} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {A0CB9DDA-95D9-406E-9E9E-2DBD1C0AAC63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {C5B42C7F-D3D5-4C0A-AC43-3A7159E24F12} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {C7764451-5131-4952-A5AA-5C9F18760A8D} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation)
Task: {CD05E97F-2B45-4A03-A834-84A156FEAAA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {D38D83EE-9CD8-42DC-9E35-353AF0E76890} - System32\Tasks\Abelssoft\Updater scan_0 => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {DB3321A8-0970-4AF8-88CD-0037A0FBD264} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2014-08-06] (Toshiba Europe GmbH)
Task: {DD92A4F5-BFF5-4691-858F-283B9E3CC5D8} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE:/EXE:{4E6E2051-BCA8-4696-BA06-D94D291FC3A2} /F:Update#WORKGROUP\CODAM$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 11:05 - 2011-09-13 10:16 - 00342984 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-05-15 11:05 - 2011-09-13 10:16 - 00510920 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2014-06-30 21:11 - 2014-06-30 21:11 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-11-22 06:58 - 2014-03-06 13:15 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Toshiba\standard.jpg
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{91879D0F-C843-465C-896E-659E169A569A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{44135E15-6081-4CCD-A4CC-6C636A1B6AD3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{180D1417-FC05-4671-AAB6-A62AB024BA94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{ED53A2F4-6B4E-424A-9CE5-028A93B06935}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{47E82540-76E3-4C0C-9EBB-E367661398C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5A3E00DB-E7F5-4E82-B72B-32052701EB2A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{C9652E1F-49E7-4563-A4B8-7F8E395AB1B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9770D003-9EDF-4E3B-99EB-A491238BB032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "ProtectionManagement" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={EC211C49-F718-4E3C-A8CC-738336AB8677}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={95F26A08-195A-4A27-A815-C0D6793F1151}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450367b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02dafb86
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe, Version: 0.0.0.0, Zeitstempel: 0x4e6f10be
Name des fehlerhaften Moduls: WTGXMLUtil.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e6f1130
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00031b08
ID des fehlerhaften Prozesses: 0x1a4c
Startzeit der fehlerhaften Anwendung: 0xALDITALKVerbindungsassistent.exe0
Pfad der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe1
Pfad des fehlerhaften Moduls: ALDITALKVerbindungsassistent.exe2
Berichtskennung: ALDITALKVerbindungsassistent.exe3
Vollständiger Name des fehlerhaften Pakets: ALDITALKVerbindungsassistent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ALDITALKVerbindungsassistent.exe5

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x2d8
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (06/15/2015 08:07:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (06/09/2015 08:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e01d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0f20
ID des fehlerhaften Prozesses: 0x1828
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5


Systemfehler:
=============
Error: (08/21/2015 09:29:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (08/21/2015 11:55:13 AM) (Source: DCOM) (EventID: 10016) (User: Codam)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CodamDacomS-1-5-21-3219382323-3593878825-1118489811-1003LocalHost (unter Verwendung von LRPC)Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbweS-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257

Error: (08/17/2015 11:01:14 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (08/17/2015 08:54:27 AM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (08/17/2015 08:54:27 AM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (08/16/2015 01:21:44 PM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/16/2015 01:21:14 PM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/11/2015 08:53:02 PM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/11/2015 08:52:32 PM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/06/2015 04:05:13 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.


Microsoft Office:
=========================
Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {EC211C49-F718-4E3C-A8CC-738336AB8677}Codam\MacomALDI TALK Verbindungsassistent633

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {95F26A08-195A-4A27-A815-C0D6793F1151}Codam\MacomALDI TALK Verbindungsassistent633

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.174155450367bunknown0.0.0.000000000c000000502dafb861fb001d0bc848cbf44deC:\Windows\SysWOW64\explorer.exeunknownd0ddbd07-2877-11e5-8277-001e101f92e1

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ALDITALKVerbindungsassistent.exe0.0.0.04e6f10beWTGXMLUtil.dll_unloaded0.0.0.04e6f1130c000000500031b081a4c01d0b75231ec6fccC:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exeWTGXMLUtil.dlle9c78b11-2345-11e5-8275-001e101f95c1

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe17.0.5.05387ee07MurocApi.dll17.0.5.05387ed02c0000005000000000002bd482d801d0b1d7e876361dC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll59e16a2d-1dcb-11e5-8275-2c600c0c57a2

Error: (06/15/2015 08:07:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe17.0.5.05387ee07MurocApi.dll17.0.5.05387ed02c0000005000000000002bd4881c01d0a7315bf2bb9cC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllcc7e31ad-1324-11e5-8274-001e101f8b46

Error: (06/09/2015 08:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e01dntdll.dll6.3.9600.17736550f4336c000037400000000000f0f20182801d0a1b2bea140bbC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\SYSTEM32\ntdll.dll8931ce96-0e70-11e5-8272-001e101f7318


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 12208.14 MB
Verfügbarer physikalischer RAM: 9865.99 MB
Summe virtueller Speicher: 14064.14 MB
Verfügbarer virtueller Speicher: 11404.48 MB

==================== Laufwerke ================================

Drive c: (TI31379200A) (Fixed) (Total:918.57 GB) (Free:839.31 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Ergebnis ============================
         
 --- --- ---

22082015
GMER Logfile:
 Code: 

 ATTFilter
 
 GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-22 09:59:22
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000030 HGST_HTS541010A9E680 rev.JA0OA700 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Deco\AppData\Local\Temp\axldqpoc.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [608:632]     fffff960009782d0
Thread  C:\Windows\system32\svchost.exe [600:6836]  00007ffd58ba1050
Thread  C:\Windows\system32\svchost.exe [600:3824]  00007ffd588b39b0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                       unknown MBR code

---- EOF - GMER 2.1 ----
         
 --- --- ---

DEFOGGER

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:29 on 22/08/2015 (Deco)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-


FRST
FRST Logfile:
 Code: 

 ATTFilter
 
 Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 03
durchgeführt von Deco (Administrator) auf CODAM (22-08-2015 10:20:23)
Gestartet von C:\Users\Macom\Downloads
Geladene Profile: Deco & Macom (Verfügbare Profile: Deco & Macom & Dacom)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1064512 2013-11-08] (SEIKO EPSON CORPORATION)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-05-24] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-05-24] (Amazon Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-05-15]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2015-05-16]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1001 -> DefaultScope {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1001 -> {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1002 -> DefaultScope {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1002 -> {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Tcpip\..\Interfaces\{423A38BF-F471-4E98-B720-1B3FB91040F7}: [DhcpNameServer] 40.42.1.201
Tcpip\..\Interfaces\{DACEB1E6-5BCF-420D-8231-5FBA225B74C8}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Deco\AppData\Roaming\Mozilla\Firefox\Profiles\48qv0aiv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-06] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2015-05-15] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2015-04-22] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2015-04-22] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [71168 2015-04-22] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2015-04-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-22] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2015-04-22] (G Data Software AG)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [210888 2014-07-09] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-03-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-05-15] (Duplex Secure Ltd.)
R1 StarPortLite; C:\Windows\System32\drivers\StarPortLite.sys [120704 2013-02-04] (StarWind Software)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
U3 axldqpoc; \??\C:\Users\Deco\AppData\Local\Temp\axldqpoc.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 10:20 - 2015-08-22 10:20 - 00016753 _____ C:\Users\Macom\Downloads\FRST.txt
2015-08-22 10:07 - 2015-08-22 10:07 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Epson
2015-08-22 09:59 - 2015-08-22 09:59 - 00000643 _____ C:\Users\Macom\Desktop\220815.log
2015-08-22 09:45 - 2015-08-22 09:45 - 00380416 _____ C:\Users\Macom\Downloads\Gmer-19357.exe
2015-08-22 09:39 - 2015-08-22 09:39 - 00026449 _____ C:\Users\Macom\Desktop\Addition.txt
2015-08-22 09:38 - 2015-08-22 10:20 - 00000000 ____D C:\FRST
2015-08-22 09:38 - 2015-08-22 09:39 - 00034848 _____ C:\Users\Macom\Desktop\FRST.txt
2015-08-22 09:37 - 2015-08-22 09:37 - 02173952 _____ (Farbar) C:\Users\Macom\Downloads\FRST64.exe
2015-08-22 09:29 - 2015-08-22 09:29 - 00000580 _____ C:\Users\Macom\Desktop\defogger_disable.log
2015-08-22 09:29 - 2015-08-22 09:29 - 00000020 _____ C:\Users\Macom\Desktop\defogger_reenable
2015-08-22 09:27 - 2015-08-22 09:27 - 00050477 _____ C:\Users\Macom\Downloads\Defogger.exe
2015-08-19 13:20 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:20 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 12:41 - 2015-08-19 13:06 - 00012316 _____ C:\Users\Dacom\Documents\Einnahmen-Überschussrechnung Elterngeld.odt
2015-08-19 09:05 - 2015-08-19 09:05 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\OpenOffice
2015-08-17 11:03 - 2015-08-17 11:03 - 00000000 ____D C:\Users\Dacom\AppData\Local\Macromedia
2015-08-17 10:59 - 2015-08-17 10:59 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\Epson
2015-08-16 14:05 - 2015-08-22 09:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 14:05 - 2015-08-16 14:05 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-16 06:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 06:49 - 2015-08-16 06:49 - 00000000 ____D C:\Users\Macom\AppData\Roaming\Epson
2015-08-15 17:41 - 2015-08-15 17:41 - 00002198 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\UDL
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:40 - 00000000 ____D C:\Program Files (x86)\epson
2015-08-15 17:37 - 2015-08-15 17:37 - 00001168 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000961 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-08-15 17:37 - 2015-08-15 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-08-15 17:37 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-08-15 17:37 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-08-15 17:35 - 2015-08-22 09:35 - 00000931 _____ C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job
2015-08-15 17:35 - 2015-08-15 17:35 - 00003962 _____ C:\Windows\System32\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}
2015-08-15 17:35 - 2015-08-15 17:35 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-08-15 17:34 - 2013-12-05 21:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNDE.DLL
2015-08-15 17:34 - 2007-04-09 18:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-08-15 17:33 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNDE.DLL
2015-08-15 17:32 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Epson
2015-08-15 10:46 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 10:46 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 18:50 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 18:50 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 18:50 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 18:50 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 18:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 18:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 18:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 18:49 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 18:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 18:49 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-14 18:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 18:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 18:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 18:49 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 18:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-14 18:49 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 18:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 18:49 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 18:49 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 18:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 18:48 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 18:48 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 18:48 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 18:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 18:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 18:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 18:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 18:46 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 18:46 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 18:46 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 18:46 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 18:46 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 18:46 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 18:46 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 18:46 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 18:46 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 18:46 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 18:46 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 18:46 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 18:46 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 18:46 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 18:46 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 18:46 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 18:46 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-07 10:55 - 2015-08-09 09:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 11:11 - 2015-08-19 13:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-06 11:11 - 2015-08-19 13:21 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-26 14:26 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-07-26 14:26 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-07-26 11:02 - 2015-08-09 09:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-26 11:02 - 2015-07-26 11:02 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-26 11:02 - 2015-07-26 11:02 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-26 10:58 - 2015-07-26 10:59 - 00242928 _____ C:\Users\Macom\Downloads\Firefox Setup Stub 39.0.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 10:18 - 2014-11-22 06:56 - 01678657 _____ C:\Windows\WindowsUpdate.log
2015-08-22 10:16 - 2014-09-06 00:26 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-22 10:10 - 2014-11-22 07:22 - 01691692 _____ C:\Users\Public\CAFADEBUG.log
2015-08-22 10:09 - 2015-03-22 18:26 - 00000000 ____D C:\Users\Deco
2015-08-22 10:07 - 2014-09-06 00:26 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 10:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-22 09:56 - 2015-05-01 18:57 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3219382323-3593878825-1118489811-1002
2015-08-22 09:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-22 09:37 - 2014-05-06 06:41 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-08-22 09:37 - 2014-05-06 06:41 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-08-22 09:37 - 2014-03-18 11:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-22 09:30 - 2013-08-22 16:46 - 00033505 _____ C:\Windows\setupact.log
2015-08-22 09:30 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-22 09:30 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-08-21 21:27 - 2015-07-12 12:07 - 00009232 _____ C:\Users\Macom\Desktop\code.odt
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-21 12:07 - 2015-03-22 18:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3219382323-3593878825-1118489811-1003
2015-08-19 13:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 12:57 - 2015-05-19 14:48 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\ALDITALKVerbindungsassistent
2015-08-15 17:41 - 2014-09-06 00:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 16:39 - 2013-08-22 16:44 - 00365040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 08:19 - 2014-09-06 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-11 13:22 - 2015-06-02 22:12 - 00000000 ____D C:\Users\Macom\AppData\Roaming\ALDITALKVerbindungsassistent
2015-08-09 09:33 - 2014-03-18 11:39 - 00013628 _____ C:\Windows\PFRO.log
2015-08-08 15:55 - 2015-05-15 11:49 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-05-15 11:49 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 15:04 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-06 11:13 - 2015-05-02 03:52 - 00000000 ____D C:\Users\Macom\AppData\Local\Packages
2015-08-02 08:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-02 08:03 - 2015-07-12 11:22 - 00000000 ____D C:\Users\Macom\AppData\Local\Adobe
2015-08-02 08:01 - 2015-07-05 21:09 - 00000000 ____D C:\Users\Deco\AppData\Local\Adobe
2015-07-27 17:48 - 2015-05-19 14:50 - 00000000 __SHD C:\Users\Dacom\AppData\Local\EmieBrowserModeList
2015-07-27 17:48 - 2015-05-13 18:09 - 00000000 __SHD C:\Users\Dacom\AppData\Local\EmieUserList
2015-07-27 17:48 - 2015-05-13 18:09 - 00000000 __SHD C:\Users\Dacom\AppData\Local\EmieSiteList
2015-07-26 11:11 - 2014-09-06 00:26 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-26 11:11 - 2014-09-06 00:26 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-26 11:02 - 2015-05-13 18:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-22 06:47 - 2015-04-22 06:47 - 0000000 _____ () C:\Users\Deco\AppData\Roaming\gdfw.log
2015-04-22 06:47 - 2015-04-22 06:47 - 0000779 _____ () C:\Users\Deco\AppData\Roaming\gdscan.log

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-26 13:20

==================== Ende von Ergebnis ============================
         
 --- --- ---

GDATA VIRENPRÜFUNG 22082015

 Virenprüfung mit G Data InternetSecurity CBE
Version 25.0.1.2 (20.03.2014)
Virensignaturen vom 22.08.2015
Startzeit: 22.08.2015 08:34:36
Engine(s): Engine A (AVA 25.3131), Engine B (GD 25.5485)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 22.08.2015 09:02:48
    280659 Dateien überprüft
    0 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden


– Der Zugriff auf die folgenden Dateien wurde verweigert:
C:\Windows\Resources\Themes\aero\VSCache\Aero.msstyles_1031_96.mss
C:\Windows\Resources\Themes\aero\VSCache\Aero.msstyles_1033_96.mss
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTAdmin_PS_Provider.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Microsoft-Windows-WorkFolders-WHC.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Windows Networking Vpn Plugin Platform-Operational.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Windows Networking Vpn Plugin Platform-OperationalVerbose.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{9d666a50-f06c-11e4-826c-2c600c0c57a2}.TMContainer00000000000000000001.regtrans-ms
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{9d666a50-f06c-11e4-826c-2c600c0c57a2}.TM.blf
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{9d666a50-f06c-11e4-826c-2c600c0c57a2}.TMContainer00000000000000000002.regtrans-ms
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-18\ReadOnly\LockScreen_Z\LockScreen___1366_0768.jpg
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708083730_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708083730_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1002\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1002\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\c2f2d9df4a78a195_562984313160681_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\c2f2d9df4a78a195_844429225100280_100.png
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpScanCache-0.bin
C:\System Volume Information\IndexerVolumeGuid
C:\System Volume Information\MountPointManagerRemoteDatabase
C:\Users\Dacom\AppData\Local\Temp\~DF580C2934FF55547F.TMP
C:\Users\Dacom\AppData\Local\Temp\~DFF669B751D5D42365.TMP

– Die folgenden Dateien sind Passwortgeschützt:
C:\Program Files (x86)\InstallShield Installation Information\{55762F9A-FCE3-45d5-817B-051218658423}\SupportFiles.7z
C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\SupportFiles.7z
C:\Users\Dacom\AppData\Local\Abelssoft\.data
C:\Users\Macom\AppData\Local\Abelssoft\.data


GDATA VERHALTENSBEOBACHTUNG UND VERSCHIEBUNG EINER DATEI IN DIE QUARANTÄNE


*** Prozess ***

Prozess: 1308
Dateiname: erunt.exe
Pfad: c:\windows\erunt.exe

Herausgeber: Unbekannter Herausgeber
Erstelldatum: 02/22/13 15:05:21
Änderungsdatum: 02/22/13 02:04:50

Gestartet von: cmd.exe
Herausgeber: Microsoft Windows


*** Aktionen ***

Ein Packer wurde auf die Programmdatei angewandt. Möglicherweise um schädliche Inhalte zu verbergen.
Das Programm hat in Dateien oder Ordnern geschrieben die genutzt werden können um das System zu gefährden.
Das Programm hat Werte in der System-Registrierung verändert die genutzt werden können um das System zu gefährden.


*** Quarantäne ***

Folgende Dateien wurden in Quarantäne verschoben:
C:\FRST\Hives\Users\00000001\NTUSER.DAT
C:\Windows\ERUNT.exe
c:\frst\hives\users\00000001\ntuser.dat

Folgende Registry Einträge wurden gelöscht:
\REGISTRY\MACHINE\SECURITY


YGLRtuLAcnJycmJi0HJycnJiYuBycicnd2JicCp0ckInJyYGt3JycnJiYnAsJycnJyYGaHJycnJiYoArJycnJyYGmXJykCsWbSsJyXJycKdycnB4cnJycmJicJlycnJyYmJwunKxXmO2cnKxXmO2cmJicI5ycgAA
Version der Regeln: 4.7.9
OS: Windows 6.2 Service Pack 0.0 Build: 9200 - Workstation 64bit OS
Version der dll: 40166

ERUNT.exe C:\FRST\HIVES silent sysreg curuser /noconfirmdelete /noprogresswindow
MD5: 2E0323A94915FAAB10A25F3BABF82584
C:\Windows\system32\cmd.exe /c ERUNT.exe C:\FRST\HIVES silent sysreg curuser /noconfirmdelete /noprogresswindow
MD5:

schrauber · 23.08.2015, 07:33

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

asgrub · 23.08.2015, 10:33

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.08.23.01
  rootkit: v2015.08.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Deco :: CODAM [administrator]

23.08.2015 10:18:04
mbar-log-2015-08-23 (10-18-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 441377
Time elapsed: 26 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.08.23.01
  rootkit: v2015.08.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Deco :: CODAM [administrator]

23.08.2015 09:46:27
mbar-log-2015-08-23 (09-46-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 441634
Time elapsed: 31 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

10:58:52.0934 0x0ec4 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:58:52.0934 0x0ec4 UEFI system
10:58:59.0801 0x0ec4 ============================================================
10:58:59.0801 0x0ec4 Current date / time: 2015/08/23 10:58:59.0801
10:58:59.0801 0x0ec4 SystemInfo:
10:58:59.0801 0x0ec4
10:58:59.0802 0x0ec4 OS Version: 6.3.9600 ServicePack: 0.0
10:58:59.0802 0x0ec4 Product type: Workstation
10:58:59.0802 0x0ec4 ComputerName: CODAM
10:58:59.0802 0x0ec4 UserName: Deco
10:58:59.0802 0x0ec4 Windows directory: C:\Windows
10:58:59.0802 0x0ec4 System windows directory: C:\Windows
10:58:59.0802 0x0ec4 Running under WOW64
10:58:59.0802 0x0ec4 Processor architecture: Intel x64
10:58:59.0802 0x0ec4 Number of processors: 4
10:58:59.0802 0x0ec4 Page size: 0x1000
10:58:59.0802 0x0ec4 Boot type: Normal boot
10:58:59.0802 0x0ec4 ============================================================
10:59:00.0378 0x0ec4 KLMD registered as C:\Windows\system32\drivers\18179300.sys
10:59:19.0786 0x0ec4 System UUID: {5AC41CA8-B9AD-4245-7AE7-17222E2A4BE3}
10:59:26.0433 0x0ec4 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:59:26.0450 0x0ec4 ============================================================
10:59:26.0450 0x0ec4 \Device\Harddisk0\DR0:
10:59:26.0450 0x0ec4 GPT partitions:
10:59:26.0451 0x0ec4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {71B3C72E-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
10:59:26.0451 0x0ec4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71B3C736-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
10:59:26.0451 0x0ec4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {71B3C738-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
10:59:26.0451 0x0ec4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {71B3C740-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72D21800
10:59:26.0451 0x0ec4 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D2FFBBE-720E-11E4-92D7-2C600C0C57A2}, Name: Basic data partition, StartLBA 0x72F94000, BlocksNum 0x1772732
10:59:26.0451 0x0ec4 MBR partitions:
10:59:26.0451 0x0ec4 ============================================================
10:59:26.0470 0x0ec4 C: <-> \Device\Harddisk0\DR0\Partition4
10:59:26.0470 0x0ec4 ============================================================
10:59:26.0470 0x0ec4 Initialize success
10:59:26.0470 0x0ec4 ============================================================
11:01:14.0241 0x1050 ============================================================
11:01:14.0241 0x1050 Scan started
11:01:14.0241 0x1050 Mode: Manual; SigCheck; TDLFS;
11:01:14.0241 0x1050 ============================================================
11:01:14.0241 0x1050 KSN ping started
11:01:26.0306 0x1050 KSN ping finished: true
11:01:28.0486 0x1050 ================ Scan system memory ========================
11:01:28.0487 0x1050 System memory - ok
11:01:28.0488 0x1050 ================ Scan services =============================
11:01:28.0667 0x1050 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
11:01:28.0776 0x1050 1394ohci - ok
11:01:28.0794 0x1050 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
11:01:28.0804 0x1050 3ware - ok
11:01:28.0837 0x1050 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:01:28.0873 0x1050 ACPI - ok
11:01:28.0904 0x1050 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
11:01:28.0914 0x1050 acpiex - ok
11:01:28.0929 0x1050 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
11:01:28.0969 0x1050 acpipagr - ok
11:01:28.0984 0x1050 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
11:01:29.0016 0x1050 AcpiPmi - ok
11:01:29.0019 0x1050 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
11:01:29.0030 0x1050 acpitime - ok
11:01:29.0118 0x1050 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:01:29.0141 0x1050 AdobeFlashPlayerUpdateSvc - ok
11:01:29.0211 0x1050 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
11:01:29.0245 0x1050 ADP80XX - ok
11:01:29.0284 0x1050 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:01:29.0312 0x1050 AeLookupSvc - ok
11:01:29.0347 0x1050 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
11:01:29.0385 0x1050 AFD - ok
11:01:29.0395 0x1050 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:01:29.0403 0x1050 agp440 - ok
11:01:29.0427 0x1050 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
11:01:29.0459 0x1050 ahcache - ok
11:01:29.0553 0x1050 [ 7067AC22EB74C2E3D4C950050CBB1AC0, 2CC18B36FE0059CD0C4745BA698DB322006BED182623D85655A389077DB52A03 ] ALDITALKVerbindungsassistent_Service C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
11:01:29.0579 0x1050 ALDITALKVerbindungsassistent_Service - ok
11:01:29.0608 0x1050 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
11:01:29.0769 0x1050 ALG - ok
11:01:29.0817 0x1050 [ 235E6F34CEE519E919E218EA53804AD9, D0833D943C8385DF0F86F404E961D5A6BC464F018117BC1BE4C8F95BF499142D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:01:29.0883 0x1050 AMD External Events Utility - ok
11:01:29.0912 0x1050 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
11:01:29.0950 0x1050 AmdK8 - ok
11:01:30.0313 0x1050 [ 46D3E75D2A7DB2A51892FC0B1AA6EFAE, ACA42C20D0E1AC1B045A024455717714E7789FD425D762861FB0BF27D8941421 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:01:30.0606 0x1050 amdkmdag - ok
11:01:30.0658 0x1050 [ 10B8D94CD21AEDB2F35784AC05766309, 818B020EF753CB64090C358F07D7D1A3F51FF579BF7D9E585E165129A6489463 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:01:30.0691 0x1050 amdkmdap - ok
11:01:30.0703 0x1050 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
11:01:30.0738 0x1050 AmdPPM - ok
11:01:30.0742 0x1050 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:01:30.0751 0x1050 amdsata - ok
11:01:30.0788 0x1050 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:01:30.0800 0x1050 amdsbs - ok
11:01:30.0825 0x1050 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:01:30.0833 0x1050 amdxata - ok
11:01:30.0858 0x1050 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
11:01:30.0886 0x1050 AppID - ok
11:01:30.0915 0x1050 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:01:30.0939 0x1050 AppIDSvc - ok
11:01:30.0973 0x1050 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
11:01:31.0013 0x1050 Appinfo - ok
11:01:31.0055 0x1050 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
11:01:31.0272 0x1050 AppReadiness - ok
11:01:31.0360 0x1050 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
11:01:31.0403 0x1050 AppXSvc - ok
11:01:31.0431 0x1050 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:01:31.0440 0x1050 arcsas - ok
11:01:31.0447 0x1050 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:01:31.0483 0x1050 AsyncMac - ok
11:01:31.0487 0x1050 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
11:01:31.0494 0x1050 atapi - ok
11:01:31.0525 0x1050 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:01:31.0552 0x1050 AudioEndpointBuilder - ok
11:01:31.0590 0x1050 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:01:31.0624 0x1050 Audiosrv - ok
11:01:31.0763 0x1050 [ B90962C56D37665500E3B2510844F57E, D3A97436CACA7FD2E6EF6B07536F26665C06F6251472FAB96E923039412E6E85 ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
11:01:31.0807 0x1050 AVKProxy - ok
11:01:31.0863 0x1050 [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
11:01:31.0907 0x1050 AVKService - ok
11:01:32.0024 0x1050 [ B91B3F76E965F73DEA48CA13F6E96C4C, 5406A307939F77BD7092C8B1726370C154A14C15AEB4E96B6FF6D26A4F239FB5 ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
11:01:32.0085 0x1050 AVKWCtl - ok
11:01:32.0118 0x1050 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:01:32.0154 0x1050 AxInstSV - ok
11:01:32.0194 0x1050 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:01:32.0212 0x1050 b06bdrv - ok
11:01:32.0225 0x1050 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
11:01:32.0263 0x1050 BasicDisplay - ok
11:01:32.0279 0x1050 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
11:01:32.0312 0x1050 BasicRender - ok
11:01:32.0347 0x1050 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
11:01:32.0366 0x1050 bcmfn2 - ok
11:01:32.0406 0x1050 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
11:01:32.0563 0x1050 BDESVC - ok
11:01:32.0578 0x1050 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
11:01:32.0634 0x1050 Beep - ok
11:01:32.0697 0x1050 [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\Windows\System32\bfe.dll
11:01:32.0743 0x1050 BFE - ok
11:01:32.0789 0x1050 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
11:01:32.0824 0x1050 BITS - ok
11:01:32.0844 0x1050 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:01:32.0894 0x1050 bowser - ok
11:01:32.0945 0x1050 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:01:32.0987 0x1050 BrokerInfrastructure - ok
11:01:33.0012 0x1050 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
11:01:33.0048 0x1050 Browser - ok
11:01:33.0060 0x1050 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
11:01:33.0095 0x1050 BthAvrcpTg - ok
11:01:33.0126 0x1050 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
11:01:33.0155 0x1050 BthEnum - ok
11:01:33.0169 0x1050 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
11:01:33.0263 0x1050 BthHFEnum - ok
11:01:33.0297 0x1050 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
11:01:33.0324 0x1050 bthhfhid - ok
11:01:33.0355 0x1050 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
11:01:33.0408 0x1050 BthHFSrv - ok
11:01:33.0437 0x1050 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
11:01:33.0651 0x1050 BthLEEnum - ok
11:01:33.0677 0x1050 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
11:01:33.0696 0x1050 BTHMODEM - ok
11:01:33.0719 0x1050 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys
11:01:33.0748 0x1050 BthPan - ok
11:01:33.0802 0x1050 [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:01:33.0837 0x1050 BTHPORT - ok
11:01:33.0858 0x1050 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
11:01:33.0878 0x1050 bthserv - ok
11:01:33.0895 0x1050 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:01:33.0924 0x1050 BTHUSB - ok
11:01:33.0939 0x1050 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:01:34.0086 0x1050 cdfs - ok
11:01:34.0108 0x1050 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
11:01:34.0138 0x1050 cdrom - ok
11:01:34.0172 0x1050 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
11:01:34.0196 0x1050 CertPropSvc - ok
11:01:34.0220 0x1050 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
11:01:34.0239 0x1050 circlass - ok
11:01:34.0284 0x1050 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
11:01:34.0313 0x1050 CLFS - ok
11:01:34.0352 0x1050 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
11:01:34.0400 0x1050 CmBatt - ok
11:01:34.0449 0x1050 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
11:01:34.0480 0x1050 CNG - ok
11:01:34.0530 0x1050 [ 5477A191338FA6203538EC074D7A5652, B342D30D3CF901B4BBB79A5E4DCA46D5216B907DD2F3175B099CF02032BEDEF4 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
11:01:34.0563 0x1050 CnxtHdAudService - ok
11:01:34.0583 0x1050 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
11:01:34.0607 0x1050 CompositeBus - ok
11:01:34.0609 0x1050 COMSysApp - ok
11:01:34.0640 0x1050 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
11:01:34.0677 0x1050 condrv - ok
11:01:34.0757 0x1050 [ C220ADD94A1E5D93C2C0C3CA0D2C583F, 84E42D047D6BD5BEBBE719E8617BC664B026EABDF61AFC5527C48EF03518A18C ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:01:34.0774 0x1050 cphs - ok
11:01:34.0807 0x1050 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:01:34.0831 0x1050 CryptSvc - ok
11:01:34.0857 0x1050 [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
11:01:34.0867 0x1050 CxAudMsg - ok
11:01:34.0877 0x1050 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
11:01:34.0885 0x1050 dam - ok
11:01:34.0940 0x1050 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:01:34.0988 0x1050 DcomLaunch - ok
11:01:35.0030 0x1050 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
11:01:35.0059 0x1050 defragsvc - ok
11:01:35.0100 0x1050 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
11:01:35.0126 0x1050 DeviceAssociationService - ok
11:01:35.0163 0x1050 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
11:01:35.0191 0x1050 DeviceInstall - ok
11:01:35.0213 0x1050 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
11:01:35.0238 0x1050 Dfsc - ok
11:01:35.0273 0x1050 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
11:01:35.0288 0x1050 Dhcp - ok
11:01:35.0303 0x1050 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
11:01:35.0312 0x1050 disk - ok
11:01:35.0323 0x1050 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
11:01:35.0342 0x1050 dmvsc - ok
11:01:35.0369 0x1050 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:01:35.0397 0x1050 Dnscache - ok
11:01:35.0428 0x1050 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
11:01:35.0449 0x1050 dot3svc - ok
11:01:35.0478 0x1050 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
11:01:35.0495 0x1050 DPS - ok
11:01:35.0510 0x1050 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:01:35.0518 0x1050 drmkaud - ok
11:01:35.0546 0x1050 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
11:01:35.0557 0x1050 DsmSvc - ok
11:01:35.0620 0x1050 [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
11:01:35.0628 0x1050 dts_apo_service - ok
11:01:35.0707 0x1050 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:01:35.0834 0x1050 DXGKrnl - ok
11:01:35.0870 0x1050 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
11:01:35.0899 0x1050 Eaphost - ok
11:01:36.0044 0x1050 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:01:36.0120 0x1050 ebdrv - ok
11:01:36.0142 0x1050 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
11:01:36.0151 0x1050 EFS - ok
11:01:36.0188 0x1050 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
11:01:36.0196 0x1050 EhStorClass - ok
11:01:36.0209 0x1050 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:01:36.0219 0x1050 EhStorTcgDrv - ok
11:01:36.0241 0x1050 [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc C:\Windows\system32\EscSvc64.exe
11:01:36.0249 0x1050 EpsonScanSvc - ok
11:01:36.0251 0x1050 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
11:01:36.0283 0x1050 ErrDev - ok
11:01:36.0331 0x1050 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
11:01:36.0398 0x1050 EventSystem - ok
11:01:36.0516 0x1050 [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:01:36.0544 0x1050 EvtEng - ok
11:01:36.0575 0x1050 [ 6BB25543428878BAFBC2F8446343B160, 4F0ADDD1BD1CE6F20476E73950FCE4C25C8A90CB84DCB9A7C91EC34FA4C6FBF3 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
11:01:36.0613 0x1050 ewusbnet - ok
11:01:36.0623 0x1050 [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
11:01:36.0665 0x1050 ew_hwusbdev - ok
11:01:36.0697 0x1050 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
11:01:36.0731 0x1050 exfat - ok
11:01:36.0751 0x1050 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:01:36.0761 0x1050 fastfat - ok
11:01:36.0850 0x1050 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
11:01:36.0891 0x1050 Fax - ok
11:01:36.0919 0x1050 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
11:01:36.0935 0x1050 fdc - ok
11:01:36.0960 0x1050 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
11:01:37.0041 0x1050 fdPHost - ok
11:01:37.0057 0x1050 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
11:01:37.0092 0x1050 FDResPub - ok
11:01:37.0127 0x1050 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
11:01:37.0352 0x1050 fhsvc - ok
11:01:37.0370 0x1050 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:01:37.0384 0x1050 FileInfo - ok
11:01:37.0395 0x1050 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:01:37.0418 0x1050 Filetrace - ok
11:01:37.0443 0x1050 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
11:01:37.0459 0x1050 flpydisk - ok
11:01:37.0487 0x1050 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:01:37.0502 0x1050 FltMgr - ok
11:01:37.0563 0x1050 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\Windows\system32\FntCache.dll
11:01:37.0611 0x1050 FontCache - ok
11:01:37.0685 0x1050 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:01:37.0709 0x1050 FontCache3.0.0.0 - ok
11:01:37.0731 0x1050 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:01:37.0744 0x1050 FsDepends - ok
11:01:37.0755 0x1050 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:01:37.0763 0x1050 Fs_Rec - ok
11:01:37.0802 0x1050 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:01:37.0821 0x1050 fvevol - ok
11:01:37.0849 0x1050 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
11:01:37.0864 0x1050 FxPPM - ok
11:01:37.0867 0x1050 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:01:37.0876 0x1050 gagp30kx - ok
11:01:37.0921 0x1050 [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
11:01:37.0950 0x1050 GamesAppIntegrationService - ok
11:01:37.0975 0x1050 [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:01:37.0987 0x1050 GamesAppService - ok
11:01:38.0011 0x1050 [ A4F725169F1290BCFCD6A06C103A2836, CF4E44DC50ABE16631E387A6588C59E038A019006ED09FE9E2701F4647258394 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
11:01:38.0018 0x1050 GDBehave - ok
11:01:38.0176 0x1050 [ 45D331E508E736E0043B2F2F0BB2B7E3, 633A8F1696F8F95A261995C6C659018B5BCC9EFB9F82F206DD11B3838048E6F7 ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
11:01:38.0235 0x1050 GDFwSvc - ok
11:01:38.0254 0x1050 [ 24418551477C9C2315448A4B13F76F54, EC9446FD880DCDE8BF5E6BB65B94950F1E55B906E851A705FB12AEFCF6C5BD33 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
11:01:38.0262 0x1050 GDMnIcpt - ok
11:01:38.0285 0x1050 [ 8FD648A30F9791032E3F4F2220C4231F, 1B31B44A2533D6BF13735A8A23D8F7F791A3DA43332116EEA6E98A73F53D27A9 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
11:01:38.0291 0x1050 GDPkIcpt - ok
11:01:38.0377 0x1050 [ 846972E3EBB10D2F39A69B5E6CF08313, 7E2EC3BBF066C3C40F75F2533D1AB2307C3331FA460243A4F4B31A61714C159E ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
11:01:38.0405 0x1050 GDScan - ok
11:01:38.0440 0x1050 [ 6CFCBFA04DFFFAA47BE48ADD6795E0CB, 05365BAE920525924B6AE0D2536A1E6BDB07A9F28C391C766725C5CA5EA75F2E ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
11:01:38.0447 0x1050 gdwfpcd - ok
11:01:38.0472 0x1050 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
11:01:38.0493 0x1050 gencounter - ok
11:01:38.0512 0x1050 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
11:01:38.0523 0x1050 GPIOClx0101 - ok
11:01:38.0591 0x1050 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
11:01:38.0640 0x1050 gpsvc - ok
11:01:38.0675 0x1050 [ 57875BA7B65C5FE5A87630DC1544C420, 5BB2F6CD21E3855F163B2B15E2E51A3D58637A890D0D3C6AEFB0F60214D6FBD2 ] GRD C:\Windows\system32\drivers\GRD.sys
11:01:38.0700 0x1050 GRD - ok
11:01:38.0754 0x1050 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:01:38.0777 0x1050 gupdate - ok
11:01:38.0791 0x1050 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:01:38.0803 0x1050 gupdatem - ok
11:01:38.0837 0x1050 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:01:38.0859 0x1050 HdAudAddService - ok
11:01:38.0891 0x1050 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
11:01:38.0933 0x1050 HDAudBus - ok
11:01:38.0947 0x1050 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
11:01:38.0969 0x1050 HidBatt - ok
11:01:38.0976 0x1050 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
11:01:38.0997 0x1050 HidBth - ok
11:01:39.0002 0x1050 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
11:01:39.0024 0x1050 hidi2c - ok
11:01:39.0054 0x1050 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
11:01:39.0074 0x1050 HidIr - ok
11:01:39.0101 0x1050 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
11:01:39.0119 0x1050 hidserv - ok
11:01:39.0122 0x1050 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
11:01:39.0170 0x1050 HidUsb - ok
11:01:39.0209 0x1050 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
11:01:39.0397 0x1050 hkmsvc - ok
11:01:39.0434 0x1050 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:01:39.0546 0x1050 HomeGroupListener - ok
11:01:39.0596 0x1050 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:01:39.0631 0x1050 HomeGroupProvider - ok
11:01:39.0649 0x1050 [ E554BCAA1A15A1337B7856CABE1334F4, 64C77722AC3AC00E8FBE109C247B4DC0577C6E22E0D69A9025854BAA5DFE2400 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
11:01:39.0655 0x1050 HookCentre - ok
11:01:39.0668 0x1050 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:01:39.0676 0x1050 HpSAMD - ok
11:01:39.0721 0x1050 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:01:39.0748 0x1050 HTTP - ok
11:01:39.0773 0x1050 [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
11:01:39.0791 0x1050 hwdatacard - ok
11:01:39.0808 0x1050 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:01:39.0816 0x1050 hwpolicy - ok
11:01:39.0868 0x1050 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
11:01:39.0890 0x1050 hyperkbd - ok
11:01:39.0894 0x1050 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
11:01:39.0913 0x1050 HyperVideo - ok
11:01:39.0940 0x1050 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
11:01:39.0952 0x1050 i8042prt - ok
11:01:39.0956 0x1050 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
11:01:39.0962 0x1050 iaLPSSi_GPIO - ok
11:01:39.0967 0x1050 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
11:01:39.0975 0x1050 iaLPSSi_I2C - ok
11:01:40.0010 0x1050 [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
11:01:40.0054 0x1050 iaStorA - ok
11:01:40.0107 0x1050 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
11:01:40.0129 0x1050 iaStorAV - ok
11:01:40.0146 0x1050 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:01:40.0163 0x1050 iaStorV - ok
11:01:40.0198 0x1050 [ 3E808BD6BB99A0806E9CA5BAB4830CF1, FF9B09FEB8F6399555DF9D5413080F3A693B5FE46B4122EE0264C72B6A71C621 ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
11:01:40.0206 0x1050 ibtusb - ok
11:01:40.0209 0x1050 IEEtwCollectorService - ok
11:01:40.0331 0x1050 [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:01:40.0430 0x1050 igfx - ok
11:01:40.0458 0x1050 [ C8D1E95D5FE51CABB4041ADD7FF2DE38, 84541189FA24195002536D34C4390FDCCFAF199440190F5D4D33BE2F291889CF ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:01:40.0469 0x1050 igfxCUIService1.0.0.0 - ok
11:01:40.0515 0x1050 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\Windows\System32\ikeext.dll
11:01:40.0559 0x1050 IKEEXT - ok
11:01:40.0597 0x1050 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:01:40.0603 0x1050 intaud_WaveExtensible - ok
11:01:40.0640 0x1050 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:01:40.0654 0x1050 IntcDAud - ok
11:01:40.0743 0x1050 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:01:40.0776 0x1050 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:01:51.0047 0x1050 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
11:01:53.0706 0x1050 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:01:53.0727 0x1050 Intel(R) Capability Licensing Service TCP IP Interface - ok
11:01:53.0813 0x1050 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:01:53.0822 0x1050 Intel(R) ME Service - ok
11:01:53.0855 0x1050 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
11:01:53.0880 0x1050 intelide - ok
11:01:53.0910 0x1050 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
11:01:53.0932 0x1050 intelpep - ok
11:01:53.0948 0x1050 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
11:01:53.0970 0x1050 intelppm - ok
11:01:53.0980 0x1050 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:01:54.0005 0x1050 IpFilterDriver - ok
11:01:54.0058 0x1050 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:01:54.0099 0x1050 iphlpsvc - ok
11:01:54.0120 0x1050 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
11:01:54.0145 0x1050 IPMIDRV - ok
11:01:54.0169 0x1050 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:01:54.0196 0x1050 IPNAT - ok
11:01:54.0206 0x1050 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:01:54.0231 0x1050 IRENUM - ok
11:01:54.0234 0x1050 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:01:54.0242 0x1050 isapnp - ok
11:01:54.0262 0x1050 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
11:01:54.0275 0x1050 iScsiPrt - ok
11:01:54.0301 0x1050 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
11:01:54.0308 0x1050 iwdbus - ok
11:01:54.0350 0x1050 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:01:54.0359 0x1050 jhi_service - ok
11:01:54.0382 0x1050 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
11:01:54.0390 0x1050 kbdclass - ok
11:01:54.0414 0x1050 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
11:01:54.0432 0x1050 kbdhid - ok
11:01:54.0456 0x1050 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
11:01:54.0603 0x1050 kdnic - ok
11:01:54.0621 0x1050 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
11:01:54.0636 0x1050 KeyIso - ok
11:01:54.0655 0x1050 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:01:54.0669 0x1050 KSecDD - ok
11:01:54.0699 0x1050 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:01:54.0717 0x1050 KSecPkg - ok
11:01:54.0733 0x1050 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:01:54.0745 0x1050 ksthunk - ok
11:01:54.0771 0x1050 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:01:54.0799 0x1050 KtmRm - ok
11:01:54.0836 0x1050 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
11:01:54.0851 0x1050 LanmanServer - ok
11:01:54.0873 0x1050 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:01:54.0892 0x1050 LanmanWorkstation - ok
11:01:54.0927 0x1050 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
11:01:54.0959 0x1050 lfsvc - ok
11:01:55.0029 0x1050 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:01:55.0090 0x1050 lltdio - ok
11:01:55.0119 0x1050 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:01:55.0171 0x1050 lltdsvc - ok
11:01:55.0194 0x1050 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:01:55.0320 0x1050 lmhosts - ok
11:01:55.0374 0x1050 [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:01:55.0392 0x1050 LMS - ok
11:01:55.0409 0x1050 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:01:55.0418 0x1050 LSI_SAS - ok
11:01:55.0423 0x1050 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:01:55.0432 0x1050 LSI_SAS2 - ok
11:01:55.0437 0x1050 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
11:01:55.0446 0x1050 LSI_SAS3 - ok
11:01:55.0450 0x1050 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
11:01:55.0459 0x1050 LSI_SSS - ok
11:01:55.0499 0x1050 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
11:01:55.0534 0x1050 LSM - ok
11:01:55.0562 0x1050 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
11:01:55.0592 0x1050 luafv - ok
11:01:55.0605 0x1050 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
11:01:55.0613 0x1050 megasas - ok
11:01:55.0638 0x1050 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
11:01:55.0657 0x1050 megasr - ok
11:01:55.0688 0x1050 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:01:55.0695 0x1050 MEIx64 - ok
11:01:55.0723 0x1050 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
11:01:55.0741 0x1050 MMCSS - ok
11:01:55.0748 0x1050 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
11:01:55.0759 0x1050 Modem - ok
11:01:55.0778 0x1050 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
11:01:55.0803 0x1050 monitor - ok
11:01:55.0825 0x1050 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\Windows\System32\drivers\mouclass.sys
11:01:55.0833 0x1050 mouclass - ok
11:01:55.0858 0x1050 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\Windows\System32\drivers\mouhid.sys
11:01:55.0971 0x1050 mouhid - ok
11:01:55.0997 0x1050 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:01:56.0015 0x1050 mountmgr - ok
11:01:56.0049 0x1050 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:01:56.0066 0x1050 MozillaMaintenance - ok
11:01:56.0091 0x1050 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:01:56.0116 0x1050 mpsdrv - ok
11:01:56.0152 0x1050 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:01:56.0186 0x1050 MpsSvc - ok
11:01:56.0218 0x1050 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:01:56.0253 0x1050 MRxDAV - ok
11:01:56.0298 0x1050 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:01:56.0342 0x1050 mrxsmb - ok
11:01:56.0371 0x1050 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:01:56.0427 0x1050 mrxsmb10 - ok
11:01:56.0459 0x1050 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:01:56.0490 0x1050 mrxsmb20 - ok
11:01:56.0521 0x1050 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
11:01:56.0542 0x1050 MsBridge - ok
11:01:56.0569 0x1050 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
11:01:56.0580 0x1050 MSDTC - ok
11:01:56.0600 0x1050 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:01:56.0617 0x1050 Msfs - ok
11:01:56.0632 0x1050 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
11:01:56.0641 0x1050 msgpiowin32 - ok
11:01:56.0656 0x1050 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:01:56.0671 0x1050 mshidkmdf - ok
11:01:56.0688 0x1050 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
11:01:56.0710 0x1050 mshidumdf - ok
11:01:56.0726 0x1050 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:01:56.0734 0x1050 msisadrv - ok
11:01:56.0763 0x1050 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:01:56.0786 0x1050 MSiSCSI - ok
11:01:56.0789 0x1050 msiserver - ok
11:01:56.0812 0x1050 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:01:56.0835 0x1050 MSKSSRV - ok
11:01:56.0873 0x1050 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
11:01:56.0910 0x1050 MsLldp - ok
11:01:56.0915 0x1050 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:01:56.0942 0x1050 MSPCLOCK - ok
11:01:56.0946 0x1050 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:01:56.0964 0x1050 MSPQM - ok
11:01:56.0995 0x1050 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:01:57.0036 0x1050 MsRPC - ok
11:01:57.0050 0x1050 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
11:01:57.0066 0x1050 mssmbios - ok
11:01:57.0081 0x1050 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:01:57.0112 0x1050 MSTEE - ok
11:01:57.0117 0x1050 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
11:01:57.0143 0x1050 MTConfig - ok
11:01:57.0155 0x1050 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
11:01:57.0176 0x1050 Mup - ok
11:01:57.0184 0x1050 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
11:01:57.0192 0x1050 mvumis - ok
11:01:57.0218 0x1050 [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:01:57.0227 0x1050 MyWiFiDHCPDNS - ok
11:01:57.0265 0x1050 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
11:01:57.0290 0x1050 napagent - ok
11:01:57.0323 0x1050 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:01:57.0374 0x1050 NativeWifiP - ok
11:01:57.0412 0x1050 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
11:01:57.0451 0x1050 NcaSvc - ok
11:01:57.0493 0x1050 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
11:01:57.0524 0x1050 NcbService - ok
11:01:57.0547 0x1050 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
11:01:57.0588 0x1050 NcdAutoSetup - ok
11:01:57.0654 0x1050 [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:01:57.0688 0x1050 NDIS - ok
11:01:57.0714 0x1050 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:01:57.0732 0x1050 NdisCap - ok
11:01:57.0760 0x1050 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:01:57.0777 0x1050 NdisImPlatform - ok
11:01:57.0802 0x1050 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:01:57.0834 0x1050 NdisTapi - ok
11:01:57.0869 0x1050 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:01:57.0897 0x1050 Ndisuio - ok
11:01:57.0913 0x1050 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
11:01:57.0922 0x1050 NdisVirtualBus - ok
11:01:57.0945 0x1050 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:01:57.0959 0x1050 NdisWan - ok
11:01:57.0964 0x1050 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
11:01:57.0977 0x1050 NdisWanLegacy - ok
11:01:58.0010 0x1050 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:01:58.0028 0x1050 NDProxy - ok
11:01:58.0056 0x1050 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
11:01:58.0073 0x1050 Ndu - ok
11:01:58.0096 0x1050 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:01:58.0118 0x1050 NetBIOS - ok
11:01:58.0142 0x1050 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:01:58.0167 0x1050 NetBT - ok
11:01:58.0176 0x1050 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
11:01:58.0185 0x1050 Netlogon - ok
11:01:58.0220 0x1050 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
11:01:58.0234 0x1050 Netman - ok
11:01:58.0275 0x1050 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
11:01:58.0302 0x1050 netprofm - ok
11:01:58.0353 0x1050 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:01:58.0385 0x1050 NetTcpPortSharing - ok
11:01:58.0420 0x1050 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
11:01:58.0460 0x1050 netvsc - ok
11:01:58.0597 0x1050 [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64 C:\Windows\system32\DRIVERS\Netwbw02.sys
11:01:58.0662 0x1050 NETwNb64 - ok
11:01:58.0701 0x1050 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
11:01:58.0724 0x1050 NlaSvc - ok
11:01:58.0749 0x1050 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:01:58.0769 0x1050 Npfs - ok
11:01:58.0780 0x1050 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
11:01:58.0799 0x1050 npsvctrig - ok
11:01:58.0824 0x1050 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
11:01:58.0858 0x1050 nsi - ok
11:01:58.0885 0x1050 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:01:58.0917 0x1050 nsiproxy - ok
11:01:59.0030 0x1050 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:01:59.0079 0x1050 Ntfs - ok
11:01:59.0116 0x1050 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
11:01:59.0138 0x1050 Null - ok
11:01:59.0152 0x1050 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:01:59.0162 0x1050 nvraid - ok
11:01:59.0168 0x1050 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:01:59.0179 0x1050 nvstor - ok
11:01:59.0185 0x1050 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:01:59.0194 0x1050 nv_agp - ok
11:01:59.0316 0x1050 [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
11:01:59.0358 0x1050 Origin Client Service - ok
11:01:59.0391 0x1050 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:01:59.0423 0x1050 p2pimsvc - ok
11:01:59.0454 0x1050 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
11:01:59.0479 0x1050 p2psvc - ok
11:01:59.0490 0x1050 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
11:01:59.0508 0x1050 Parport - ok
11:01:59.0537 0x1050 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:01:59.0546 0x1050 partmgr - ok
11:01:59.0582 0x1050 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:01:59.0622 0x1050 PcaSvc - ok
11:01:59.0654 0x1050 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
11:01:59.0679 0x1050 pci - ok
11:01:59.0707 0x1050 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
11:01:59.0716 0x1050 pciide - ok
11:01:59.0721 0x1050 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:01:59.0731 0x1050 pcmcia - ok
11:01:59.0745 0x1050 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
11:01:59.0753 0x1050 pcw - ok
11:01:59.0784 0x1050 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
11:01:59.0793 0x1050 pdc - ok
11:01:59.0831 0x1050 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:01:59.0863 0x1050 PEAUTH - ok
11:01:59.0931 0x1050 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:01:59.0973 0x1050 PerfHost - ok
11:02:00.0063 0x1050 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
11:02:00.0113 0x1050 pla - ok
11:02:00.0142 0x1050 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:02:00.0153 0x1050 PlugPlay - ok
11:02:00.0212 0x1050 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:02:00.0243 0x1050 PNRPAutoReg - ok
11:02:00.0330 0x1050 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:02:00.0367 0x1050 PNRPsvc - ok
11:02:00.0434 0x1050 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:02:00.0505 0x1050 PolicyAgent - ok
11:02:00.0549 0x1050 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
11:02:00.0600 0x1050 Power - ok
11:02:00.0631 0x1050 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:02:00.0656 0x1050 PptpMiniport - ok
11:02:00.0824 0x1050 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
11:02:00.0901 0x1050 PrintNotify - ok
11:02:00.0921 0x1050 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
11:02:00.0939 0x1050 Processor - ok
11:02:00.0970 0x1050 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll
11:02:00.0993 0x1050 ProfSvc - ok
11:02:01.0016 0x1050 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:02:01.0027 0x1050 Psched - ok
11:02:01.0048 0x1050 [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem C:\Windows\System32\drivers\QIOMem.sys
11:02:01.0068 0x1050 QIOMem - ok
11:02:01.0099 0x1050 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
11:02:01.0114 0x1050 QWAVE - ok
11:02:01.0142 0x1050 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:02:01.0151 0x1050 QWAVEdrv - ok
11:02:01.0163 0x1050 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:02:01.0184 0x1050 RasAcd - ok
11:02:01.0205 0x1050 [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:02:01.0229 0x1050 RasAgileVpn - ok
11:02:01.0249 0x1050 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
11:02:01.0259 0x1050 RasAuto - ok
11:02:01.0275 0x1050 [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:02:01.0299 0x1050 Rasl2tp - ok
11:02:01.0351 0x1050 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
11:02:01.0393 0x1050 RasMan - ok
11:02:01.0413 0x1050 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:02:01.0443 0x1050 RasPppoe - ok
11:02:01.0469 0x1050 [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:02:01.0485 0x1050 RasSstp - ok
11:02:01.0521 0x1050 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:02:01.0563 0x1050 rdbss - ok
11:02:01.0579 0x1050 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
11:02:01.0592 0x1050 rdpbus - ok
11:02:01.0606 0x1050 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:02:01.0626 0x1050 RDPDR - ok
11:02:01.0662 0x1050 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:02:01.0680 0x1050 RdpVideoMiniport - ok
11:02:01.0722 0x1050 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:02:01.0734 0x1050 rdyboost - ok
11:02:01.0807 0x1050 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
11:02:01.0833 0x1050 ReFS - ok
11:02:01.0901 0x1050 [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:02:01.0927 0x1050 RegSrvc - ok
11:02:01.0977 0x1050 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:02:02.0008 0x1050 RemoteAccess - ok
11:02:02.0037 0x1050 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:02:02.0132 0x1050 RemoteRegistry - ok
11:02:02.0169 0x1050 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
11:02:02.0192 0x1050 RFCOMM - ok
11:02:02.0217 0x1050 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:02:02.0239 0x1050 RpcEptMapper - ok
11:02:02.0258 0x1050 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
11:02:02.0282 0x1050 RpcLocator - ok
11:02:02.0339 0x1050 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
11:02:02.0376 0x1050 RpcSs - ok
11:02:02.0416 0x1050 [ 8CDA04D9F6C15F8E98FDE926A51DCCD6, F9B6771D7B157FEB9C2AB26B647B9AEC6CE4B9455F06FE4E097A723C1D5B2301 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
11:02:02.0437 0x1050 RSP2STOR - ok
11:02:02.0468 0x1050 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:02:02.0496 0x1050 rspndr - ok
11:02:02.0545 0x1050 [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
11:02:02.0565 0x1050 RTL8168 - ok
11:02:02.0585 0x1050 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
11:02:02.0605 0x1050 s3cap - ok
11:02:02.0621 0x1050 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
11:02:02.0630 0x1050 SamSs - ok
11:02:02.0653 0x1050 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:02:02.0662 0x1050 sbp2port - ok
11:02:02.0692 0x1050 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:02:02.0717 0x1050 SCardSvr - ok
11:02:02.0750 0x1050 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
11:02:02.0797 0x1050 ScDeviceEnum - ok
11:02:02.0829 0x1050 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:02:02.0875 0x1050 scfilter - ok
11:02:02.0974 0x1050 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
11:02:03.0014 0x1050 Schedule - ok
11:02:03.0049 0x1050 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:02:03.0060 0x1050 SCPolicySvc - ok
11:02:03.0104 0x1050 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys
11:02:03.0133 0x1050 sdbus - ok
11:02:03.0163 0x1050 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
11:02:03.0179 0x1050 sdstor - ok
11:02:03.0191 0x1050 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:02:03.0215 0x1050 secdrv - ok
11:02:03.0235 0x1050 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
11:02:03.0260 0x1050 seclogon - ok
11:02:03.0287 0x1050 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
11:02:03.0329 0x1050 SENS - ok
11:02:03.0359 0x1050 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:02:03.0424 0x1050 SensrSvc - ok
11:02:03.0442 0x1050 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
11:02:03.0459 0x1050 SerCx - ok
11:02:03.0493 0x1050 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
11:02:03.0513 0x1050 SerCx2 - ok
11:02:03.0516 0x1050 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
11:02:03.0538 0x1050 Serenum - ok
11:02:03.0543 0x1050 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
11:02:03.0552 0x1050 Serial - ok
11:02:03.0575 0x1050 [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\Windows\System32\drivers\sermouse.sys
11:02:03.0594 0x1050 sermouse - ok
11:02:03.0635 0x1050 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
11:02:03.0672 0x1050 SessionEnv - ok
11:02:03.0688 0x1050 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
11:02:03.0702 0x1050 sfloppy - ok
11:02:03.0740 0x1050 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:02:03.0770 0x1050 SharedAccess - ok
11:02:03.0822 0x1050 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:02:03.0844 0x1050 ShellHWDetection - ok
11:02:03.0879 0x1050 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:02:03.0888 0x1050 SiSRaid2 - ok
11:02:03.0892 0x1050 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:02:03.0901 0x1050 SiSRaid4 - ok
11:02:03.0970 0x1050 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:02:04.0005 0x1050 SkypeUpdate - ok
11:02:04.0032 0x1050 [ D885207A4A218EC4773E6F7D214FDEA3, EA64958C2058DCDB8858E0EDA0626BD89B90A973130FE2B8886CF28072BF19D9 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
11:02:04.0043 0x1050 SmbDrvI - ok
11:02:04.0070 0x1050 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
11:02:04.0085 0x1050 smphost - ok
11:02:04.0120 0x1050 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:02:04.0142 0x1050 SNMPTRAP - ok
11:02:04.0177 0x1050 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
11:02:04.0193 0x1050 spaceport - ok
11:02:04.0206 0x1050 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
11:02:04.0215 0x1050 SpbCx - ok
11:02:04.0260 0x1050 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe
11:02:04.0297 0x1050 Spooler - ok
11:02:04.0501 0x1050 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
11:02:04.0643 0x1050 sppsvc - ok
11:02:04.0650 0x1050 sptd - ok
11:02:04.0727 0x1050 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:02:04.0766 0x1050 srv - ok
11:02:04.0807 0x1050 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:02:04.0839 0x1050 srv2 - ok
11:02:04.0873 0x1050 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:02:04.0894 0x1050 srvnet - ok
11:02:04.0930 0x1050 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:02:04.0962 0x1050 SSDPSRV - ok
11:02:05.0005 0x1050 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:02:05.0034 0x1050 SstpSvc - ok
11:02:05.0066 0x1050 [ B1800F5DA5114148E405F21292EDF77A, F0CCE39AA15A7E8EBB8EBA72C053F6489E10601294ACD6E12DCDC6E2BE76403B ] StarPortLite C:\Windows\System32\drivers\StarPortLite.sys
11:02:05.0082 0x1050 StarPortLite - ok
11:02:05.0112 0x1050 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:02:05.0128 0x1050 stexstor - ok
11:02:05.0169 0x1050 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
11:02:05.0199 0x1050 stisvc - ok
11:02:05.0213 0x1050 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
11:02:05.0222 0x1050 storahci - ok
11:02:05.0257 0x1050 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:02:05.0266 0x1050 storflt - ok
11:02:05.0282 0x1050 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
11:02:05.0290 0x1050 stornvme - ok
11:02:05.0324 0x1050 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
11:02:05.0345 0x1050 StorSvc - ok
11:02:05.0358 0x1050 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:02:05.0367 0x1050 storvsc - ok
11:02:05.0395 0x1050 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
11:02:05.0414 0x1050 svsvc - ok
11:02:05.0437 0x1050 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
11:02:05.0444 0x1050 swenum - ok
11:02:05.0491 0x1050 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
11:02:05.0513 0x1050 swprv - ok
11:02:05.0550 0x1050 [ AC2AFB0CADC5AB87E6ACC4E1A7F774DD, 706A8CD9CA9225E486F5138DF3B67630067EE257C9E5FFEBA9DE35A11B8C8913 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:02:05.0567 0x1050 SynTP - ok
11:02:05.0631 0x1050 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll
11:02:05.0662 0x1050 SysMain - ok
11:02:05.0696 0x1050 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:02:05.0926 0x1050 SystemEventsBroker - ok
11:02:05.0970 0x1050 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:02:06.0004 0x1050 TabletInputService - ok
11:02:06.0048 0x1050 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
11:02:06.0074 0x1050 TapiSrv - ok
11:02:06.0188 0x1050 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:02:06.0247 0x1050 Tcpip - ok
11:02:06.0296 0x1050 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:02:06.0355 0x1050 TCPIP6 - ok
11:02:06.0391 0x1050 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:02:06.0424 0x1050 tcpipreg - ok
11:02:06.0442 0x1050 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:02:06.0472 0x1050 tdx - ok
11:02:06.0515 0x1050 [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:02:06.0540 0x1050 TemproMonitoringService - ok
11:02:06.0555 0x1050 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
11:02:06.0568 0x1050 terminpt - ok
11:02:06.0632 0x1050 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
11:02:06.0674 0x1050 TermService - ok
11:02:06.0695 0x1050 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
11:02:06.0712 0x1050 Themes - ok
11:02:06.0735 0x1050 [ 98F91C69689FB0493E8CC34A45B8FA0B, 17385AB817F74F70848E1C71503DA726A4D417D16A5DCE7593BAD112150F6922 ] Thotkey C:\Windows\System32\drivers\Thotkey.sys
11:02:06.0740 0x1050 Thotkey - ok
11:02:06.0770 0x1050 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
11:02:06.0802 0x1050 THREADORDER - ok
11:02:06.0840 0x1050 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
11:02:06.0868 0x1050 TimeBroker - ok
11:02:06.0930 0x1050 [ 18688C5B1ED56FAF6310D07709F81EC0, 4631774A2274E9D4340D67AED026622BD3B74696F4F62E6A1EFBD6DA2267E36E ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:02:06.0950 0x1050 TMachInfo - ok
11:02:07.0027 0x1050 [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
11:02:07.0060 0x1050 TOSHIBA eco Utility Service - ok
11:02:07.0087 0x1050 [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec C:\Windows\System32\drivers\tosrfec.sys
11:02:07.0098 0x1050 tosrfec - ok
11:02:07.0138 0x1050 [ ADC56716CAF55E3ABDF549E9425004F8, FDA93F583AAB6FA6E8447B169BDA6E6E8547959133BD95933228C137B69129B7 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:02:07.0153 0x1050 TPCHSrv - ok
11:02:07.0184 0x1050 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
11:02:07.0194 0x1050 TPM - ok
11:02:07.0227 0x1050 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
11:02:07.0237 0x1050 TrkWks - ok
11:02:07.0285 0x1050 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:02:07.0389 0x1050 TrustedInstaller - ok
11:02:07.0403 0x1050 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:02:07.0425 0x1050 TsUsbFlt - ok
11:02:07.0456 0x1050 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
11:02:07.0473 0x1050 TsUsbGD - ok
11:02:07.0495 0x1050 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:02:07.0515 0x1050 tunnel - ok
11:02:07.0548 0x1050 [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ C:\Windows\system32\drivers\TVALZ_O.SYS
11:02:07.0554 0x1050 TVALZ - ok
11:02:07.0574 0x1050 [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL C:\Windows\system32\Drivers\TVALZFL.sys
11:02:07.0582 0x1050 TVALZFL - ok
11:02:07.0594 0x1050 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:02:07.0605 0x1050 uagp35 - ok
11:02:07.0609 0x1050 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
11:02:07.0620 0x1050 UASPStor - ok
11:02:07.0643 0x1050 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
11:02:07.0655 0x1050 UCX01000 - ok
11:02:07.0678 0x1050 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:02:07.0704 0x1050 udfs - ok
11:02:07.0721 0x1050 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
11:02:07.0731 0x1050 UEFI - ok
11:02:07.0764 0x1050 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:02:07.0774 0x1050 UI0Detect - ok
11:02:07.0783 0x1050 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:02:07.0791 0x1050 uliagpkx - ok
11:02:07.0807 0x1050 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
11:02:07.0824 0x1050 umbus - ok
11:02:07.0836 0x1050 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
11:02:07.0852 0x1050 UmPass - ok
11:02:07.0897 0x1050 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
11:02:08.0000 0x1050 UmRdpService - ok
11:02:08.0046 0x1050 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
11:02:08.0081 0x1050 upnphost - ok
11:02:08.0110 0x1050 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
11:02:08.0121 0x1050 usbccgp - ok
11:02:08.0147 0x1050 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
11:02:08.0157 0x1050 usbcir - ok
11:02:08.0183 0x1050 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
11:02:08.0192 0x1050 usbehci - ok
11:02:08.0235 0x1050 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
11:02:08.0252 0x1050 usbhub - ok
11:02:08.0292 0x1050 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
11:02:08.0311 0x1050 USBHUB3 - ok
11:02:08.0342 0x1050 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
11:02:08.0358 0x1050 usbohci - ok
11:02:08.0386 0x1050 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
11:02:08.0408 0x1050 usbprint - ok
11:02:08.0427 0x1050 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:02:08.0439 0x1050 usbscan - ok
11:02:08.0474 0x1050 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
11:02:08.0485 0x1050 USBSTOR - ok
11:02:08.0496 0x1050 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
11:02:08.0511 0x1050 usbuhci - ok
11:02:08.0543 0x1050 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:02:08.0569 0x1050 usbvideo - ok
11:02:08.0610 0x1050 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
11:02:08.0624 0x1050 USBXHCI - ok
11:02:08.0632 0x1050 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
11:02:08.0641 0x1050 VaultSvc - ok
11:02:08.0655 0x1050 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:02:08.0664 0x1050 vdrvroot - ok
11:02:08.0771 0x1050 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
11:02:08.0819 0x1050 vds - ok
11:02:08.0840 0x1050 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
11:02:08.0852 0x1050 VerifierExt - ok
11:02:08.0882 0x1050 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
11:02:08.0901 0x1050 vhdmp - ok
11:02:08.0915 0x1050 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
11:02:08.0923 0x1050 viaide - ok
11:02:08.0955 0x1050 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:02:08.0966 0x1050 vmbus - ok
11:02:08.0976 0x1050 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
11:02:09.0002 0x1050 VMBusHID - ok
11:02:09.0037 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
11:02:09.0066 0x1050 vmicguestinterface - ok
11:02:09.0078 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
11:02:09.0099 0x1050 vmicheartbeat - ok
11:02:09.0110 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:02:09.0128 0x1050 vmickvpexchange - ok
11:02:09.0141 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
11:02:09.0158 0x1050 vmicrdv - ok
11:02:09.0170 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
11:02:09.0187 0x1050 vmicshutdown - ok
11:02:09.0200 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
11:02:09.0218 0x1050 vmictimesync - ok
11:02:09.0230 0x1050 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
11:02:09.0248 0x1050 vmicvss - ok
11:02:09.0278 0x1050 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:02:09.0287 0x1050 volmgr - ok
11:02:09.0307 0x1050 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:02:09.0322 0x1050 volmgrx - ok
11:02:09.0348 0x1050 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:02:09.0361 0x1050 volsnap - ok
11:02:09.0386 0x1050 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
11:02:09.0394 0x1050 vpci - ok
11:02:09.0420 0x1050 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:02:09.0431 0x1050 vsmraid - ok
11:02:09.0515 0x1050 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe
11:02:09.0564 0x1050 VSS - ok
11:02:09.0583 0x1050 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
11:02:09.0596 0x1050 VSTXRAID - ok
11:02:09.0618 0x1050 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:02:09.0627 0x1050 vwifibus - ok
11:02:09.0652 0x1050 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:02:09.0702 0x1050 vwififlt - ok
11:02:09.0717 0x1050 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:02:09.0732 0x1050 vwifimp - ok
11:02:09.0766 0x1050 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
11:02:09.0801 0x1050 W32Time - ok
11:02:09.0815 0x1050 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
11:02:09.0840 0x1050 WacomPen - ok
11:02:09.0860 0x1050 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:02:09.0884 0x1050 Wanarp - ok
11:02:09.0887 0x1050 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:02:09.0896 0x1050 Wanarpv6 - ok
11:02:09.0958 0x1050 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
11:02:10.0005 0x1050 wbengine - ok
11:02:10.0034 0x1050 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:02:10.0059 0x1050 WbioSrvc - ok
11:02:10.0087 0x1050 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
11:02:10.0103 0x1050 Wcmsvc - ok
11:02:10.0143 0x1050 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:02:10.0161 0x1050 wcncsvc - ok
11:02:10.0190 0x1050 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:02:10.0215 0x1050 WcsPlugInService - ok
11:02:10.0241 0x1050 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
11:02:10.0251 0x1050 WdBoot - ok
11:02:10.0301 0x1050 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:02:10.0325 0x1050 Wdf01000 - ok
11:02:10.0348 0x1050 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
11:02:10.0360 0x1050 WdFilter - ok
11:02:10.0391 0x1050 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:02:10.0417 0x1050 WdiServiceHost - ok
11:02:10.0421 0x1050 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:02:10.0433 0x1050 WdiSystemHost - ok
11:02:10.0460 0x1050 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
11:02:10.0470 0x1050 WdNisDrv - ok
11:02:10.0481 0x1050 WdNisSvc - ok
11:02:10.0505 0x1050 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll
11:02:10.0518 0x1050 WebClient - ok
11:02:10.0544 0x1050 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:02:10.0571 0x1050 Wecsvc - ok
11:02:10.0598 0x1050 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
11:02:10.0618 0x1050 WEPHOSTSVC - ok
11:02:10.0647 0x1050 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:02:10.0659 0x1050 wercplsupport - ok
11:02:10.0690 0x1050 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
11:02:10.0719 0x1050 WerSvc - ok
11:02:10.0744 0x1050 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
11:02:10.0754 0x1050 WFPLWFS - ok
11:02:10.0768 0x1050 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
11:02:10.0791 0x1050 WiaRpc - ok
11:02:10.0811 0x1050 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:02:10.0833 0x1050 WIMMount - ok
11:02:10.0837 0x1050 WinDefend - ok
11:02:10.0908 0x1050 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:02:10.0956 0x1050 WinHttpAutoProxySvc - ok
11:02:11.0020 0x1050 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:02:11.0049 0x1050 Winmgmt - ok
11:02:11.0143 0x1050 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
11:02:11.0212 0x1050 WinRM - ok
11:02:11.0236 0x1050 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:02:11.0267 0x1050 WinUsb - ok
11:02:11.0348 0x1050 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
11:02:11.0394 0x1050 WlanSvc - ok
11:02:11.0504 0x1050 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
11:02:11.0553 0x1050 wlidsvc - ok
11:02:11.0578 0x1050 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
11:02:11.0609 0x1050 WmiAcpi - ok
11:02:11.0656 0x1050 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:02:11.0679 0x1050 wmiApSrv - ok
11:02:11.0704 0x1050 WMPNetworkSvc - ok
11:02:11.0732 0x1050 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
11:02:11.0742 0x1050 Wof - ok
11:02:11.0830 0x1050 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
11:02:11.0869 0x1050 workfolderssvc - ok
11:02:11.0899 0x1050 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
11:02:11.0907 0x1050 wpcfltr - ok
11:02:11.0932 0x1050 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:02:11.0942 0x1050 WPCSvc - ok
11:02:11.0978 0x1050 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:02:12.0012 0x1050 WPDBusEnum - ok
11:02:12.0029 0x1050 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
11:02:12.0042 0x1050 WpdUpFltr - ok
11:02:12.0068 0x1050 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:02:12.0099 0x1050 ws2ifsl - ok
11:02:12.0132 0x1050 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
11:02:12.0150 0x1050 wscsvc - ok
11:02:12.0153 0x1050 WSearch - ok
11:02:12.0271 0x1050 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
11:02:12.0354 0x1050 WSService - ok
11:02:12.0505 0x1050 [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv C:\Windows\system32\wuaueng.dll
11:02:12.0585 0x1050 wuauserv - ok
11:02:12.0614 0x1050 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:02:12.0770 0x1050 WudfPf - ok
11:02:12.0816 0x1050 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
11:02:12.0848 0x1050 WUDFRd - ok
11:02:12.0877 0x1050 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:02:12.0887 0x1050 wudfsvc - ok
11:02:12.0894 0x1050 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
11:02:12.0905 0x1050 WUDFWpdFs - ok
11:02:12.0913 0x1050 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
11:02:12.0924 0x1050 WUDFWpdMtp - ok
11:02:12.0960 0x1050 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:02:12.0992 0x1050 WwanSvc - ok
11:02:13.0178 0x1050 [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:02:13.0248 0x1050 ZeroConfigService - ok
11:02:13.0260 0x1050 ================ Scan global ===============================
11:02:13.0292 0x1050 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
11:02:13.0318 0x1050 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
11:02:13.0347 0x1050 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
11:02:13.0390 0x1050 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
11:02:13.0396 0x1050 [ Global ] - ok
11:02:13.0397 0x1050 ================ Scan MBR ==================================
11:02:13.0407 0x1050 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:02:13.0471 0x1050 \Device\Harddisk0\DR0 - ok
11:02:13.0471 0x1050 ================ Scan VBR ==================================
11:02:13.0473 0x1050 [ 3396487114C7AF39AEA9C46D3B9F3D58 ] \Device\Harddisk0\DR0\Partition1
11:02:13.0519 0x1050 \Device\Harddisk0\DR0\Partition1 - ok
11:02:13.0530 0x1050 [ CED4D242DFC5D30F2EC60F29248C8208 ] \Device\Harddisk0\DR0\Partition2
11:02:13.0584 0x1050 \Device\Harddisk0\DR0\Partition2 - ok
11:02:13.0602 0x1050 [ AE9C8B0D14078D52A0371082B9A03CAA ] \Device\Harddisk0\DR0\Partition3
11:02:13.0665 0x1050 \Device\Harddisk0\DR0\Partition3 - ok
11:02:13.0686 0x1050 [ EDD289A082B3D01EBE7C1497AEE7032C ] \Device\Harddisk0\DR0\Partition4
11:02:13.0750 0x1050 \Device\Harddisk0\DR0\Partition4 - ok
11:02:13.0802 0x1050 [ 60410DD38D6FED85C2A62D9C7514C303 ] \Device\Harddisk0\DR0\Partition5
11:02:13.0806 0x1050 \Device\Harddisk0\DR0\Partition5 - ok
11:02:13.0806 0x1050 ================ Scan generic autorun ======================
11:02:13.0979 0x1050 [ 645B9EA3099387008653173BBE828E62, FE1BF2360181F05454F6B5A9B42ECB1203E5936D72502281A46D913094BAB4CD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
11:02:14.0001 0x1050 StartCCC - ok
11:02:14.0044 0x1050 [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
11:02:14.0058 0x1050 TSVU - ok
11:02:14.0176 0x1050 [ 2A06A880B6AECB9B1F384B60F35D5831, A5FF754AFBC6F818F470F50253A9E88BA24C5AA3E056D28AAF32ABBF1202C81B ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
11:02:14.0210 0x1050 GDFirewallTray - ok
11:02:14.0283 0x1050 [ 73871920634B1FCB62812F29C89A71F5, 66CCEF92058656D6CC2752A6BA55F25BFCEAA5ED93FD65E7AC17EC266A3FA4FB ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
11:02:14.0306 0x1050 EEventManager - ok
11:02:14.0373 0x1050 [ 764BE29C9F78D949191C995B9BA4492A, A42EADC8546859A717F149C044235410B5908837B471889B281195C860AC558D ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE
11:02:14.0386 0x1050 EPLTarget\P0000000000000000 - ok
11:02:14.0472 0x1050 [ AE6F7122808C84ECA37CFF7B16C3A9C9, 10D6751917715EB3852ADE7D09D53B1BE5B39B84A73629E5D1FCBD2E4BA34C5F ] C:\Program Files\Internet Explorer\iexplore.exe
11:02:14.0503 0x1050 Application Restart #0 - ok
11:02:14.0504 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:15.0504 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:16.0505 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:17.0505 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:18.0505 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:19.0505 0x1050 Waiting for KSN requests completion. In queue: 325
11:02:20.0505 0x1050 Waiting for KSN requests completion. In queue: 15
11:02:21.0505 0x1050 Waiting for KSN requests completion. In queue: 15
11:02:22.0536 0x1050 AV detected via SS2: G Data InternetSecurity CBE, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
11:02:22.0536 0x1050 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
11:02:22.0537 0x1050 FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
11:02:25.0426 0x1050 ============================================================
11:02:25.0426 0x1050 Scan finished

asgrub · 23.08.2015, 10:35

Code:

ATTFilter

11:02:25.0426 0x1050  ============================================================
11:02:25.0444 0x0db4  Detected object count: 1
11:02:25.0444 0x0db4  Actual detected object count: 1
11:03:21.0266 0x0db4  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:21.0266 0x0db4  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:04:55.0681 0x12e8  ============================================================
11:04:55.0681 0x12e8  Scan started
11:04:55.0681 0x12e8  Mode: Manual; SigCheck; TDLFS; 
11:04:55.0681 0x12e8  ============================================================
11:04:55.0681 0x12e8  KSN ping started
11:05:07.0919 0x12e8  KSN ping finished: true
11:05:09.0196 0x12e8  ================ Scan system memory ========================
11:05:09.0197 0x12e8  System memory - ok
11:05:09.0198 0x12e8  ================ Scan services =============================
11:05:09.0376 0x12e8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
11:05:09.0398 0x12e8  1394ohci - ok
11:05:09.0403 0x12e8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
11:05:09.0411 0x12e8  3ware - ok
11:05:09.0443 0x12e8  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:05:09.0462 0x12e8  ACPI - ok
11:05:09.0490 0x12e8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
11:05:09.0499 0x12e8  acpiex - ok
11:05:09.0516 0x12e8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
11:05:09.0526 0x12e8  acpipagr - ok
11:05:09.0538 0x12e8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
11:05:09.0547 0x12e8  AcpiPmi - ok
11:05:09.0550 0x12e8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
11:05:09.0559 0x12e8  acpitime - ok
11:05:09.0650 0x12e8  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:05:09.0671 0x12e8  AdobeFlashPlayerUpdateSvc - ok
11:05:09.0730 0x12e8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
11:05:09.0761 0x12e8  ADP80XX - ok
11:05:09.0794 0x12e8  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:05:09.0807 0x12e8  AeLookupSvc - ok
11:05:09.0855 0x12e8  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
11:05:09.0881 0x12e8  AFD - ok
11:05:09.0894 0x12e8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:05:09.0903 0x12e8  agp440 - ok
11:05:09.0925 0x12e8  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
11:05:09.0934 0x12e8  ahcache - ok
11:05:10.0017 0x12e8  [ 7067AC22EB74C2E3D4C950050CBB1AC0, 2CC18B36FE0059CD0C4745BA698DB322006BED182623D85655A389077DB52A03 ] ALDITALKVerbindungsassistent_Service C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
11:05:10.0029 0x12e8  ALDITALKVerbindungsassistent_Service - ok
11:05:10.0051 0x12e8  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
11:05:10.0061 0x12e8  ALG - ok
11:05:10.0096 0x12e8  [ 235E6F34CEE519E919E218EA53804AD9, D0833D943C8385DF0F86F404E961D5A6BC464F018117BC1BE4C8F95BF499142D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:05:10.0111 0x12e8  AMD External Events Utility - ok
11:05:10.0132 0x12e8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
11:05:10.0142 0x12e8  AmdK8 - ok
11:05:10.0522 0x12e8  [ 46D3E75D2A7DB2A51892FC0B1AA6EFAE, ACA42C20D0E1AC1B045A024455717714E7789FD425D762861FB0BF27D8941421 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:05:10.0785 0x12e8  amdkmdag - ok
11:05:10.0845 0x12e8  [ 10B8D94CD21AEDB2F35784AC05766309, 818B020EF753CB64090C358F07D7D1A3F51FF579BF7D9E585E165129A6489463 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:05:10.0867 0x12e8  amdkmdap - ok
11:05:10.0879 0x12e8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
11:05:10.0889 0x12e8  AmdPPM - ok
11:05:10.0893 0x12e8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:05:10.0902 0x12e8  amdsata - ok
11:05:10.0930 0x12e8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:05:10.0943 0x12e8  amdsbs - ok
11:05:10.0947 0x12e8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:05:10.0954 0x12e8  amdxata - ok
11:05:10.0979 0x12e8  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
11:05:10.0988 0x12e8  AppID - ok
11:05:11.0014 0x12e8  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:05:11.0023 0x12e8  AppIDSvc - ok
11:05:11.0060 0x12e8  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
11:05:11.0071 0x12e8  Appinfo - ok
11:05:11.0123 0x12e8  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
11:05:11.0165 0x12e8  AppReadiness - ok
11:05:11.0219 0x12e8  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
11:05:11.0252 0x12e8  AppXSvc - ok
11:05:11.0286 0x12e8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:05:11.0309 0x12e8  arcsas - ok
11:05:11.0323 0x12e8  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:05:11.0334 0x12e8  AsyncMac - ok
11:05:11.0338 0x12e8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:05:11.0346 0x12e8  atapi - ok
11:05:11.0379 0x12e8  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:05:11.0392 0x12e8  AudioEndpointBuilder - ok
11:05:11.0422 0x12e8  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:05:11.0455 0x12e8  Audiosrv - ok
11:05:11.0562 0x12e8  [ B90962C56D37665500E3B2510844F57E, D3A97436CACA7FD2E6EF6B07536F26665C06F6251472FAB96E923039412E6E85 ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
11:05:11.0608 0x12e8  AVKProxy - ok
11:05:11.0714 0x12e8  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
11:05:11.0743 0x12e8  AVKService - ok
11:05:11.0857 0x12e8  [ B91B3F76E965F73DEA48CA13F6E96C4C, 5406A307939F77BD7092C8B1726370C154A14C15AEB4E96B6FF6D26A4F239FB5 ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
11:05:11.0914 0x12e8  AVKWCtl - ok
11:05:11.0950 0x12e8  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:05:11.0959 0x12e8  AxInstSV - ok
11:05:12.0003 0x12e8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:05:12.0022 0x12e8  b06bdrv - ok
11:05:12.0033 0x12e8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:05:12.0043 0x12e8  BasicDisplay - ok
11:05:12.0055 0x12e8  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:05:12.0064 0x12e8  BasicRender - ok
11:05:12.0088 0x12e8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
11:05:12.0094 0x12e8  bcmfn2 - ok
11:05:12.0122 0x12e8  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
11:05:12.0138 0x12e8  BDESVC - ok
11:05:12.0153 0x12e8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
11:05:12.0162 0x12e8  Beep - ok
11:05:12.0202 0x12e8  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
11:05:12.0226 0x12e8  BFE - ok
11:05:12.0277 0x12e8  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
11:05:12.0302 0x12e8  BITS - ok
11:05:12.0320 0x12e8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:05:12.0330 0x12e8  bowser - ok
11:05:12.0374 0x12e8  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:05:12.0395 0x12e8  BrokerInfrastructure - ok
11:05:12.0417 0x12e8  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
11:05:12.0441 0x12e8  Browser - ok
11:05:12.0458 0x12e8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:05:12.0467 0x12e8  BthAvrcpTg - ok
11:05:12.0502 0x12e8  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
11:05:12.0518 0x12e8  BthEnum - ok
11:05:12.0535 0x12e8  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:05:12.0551 0x12e8  BthHFEnum - ok
11:05:12.0584 0x12e8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:05:12.0599 0x12e8  bthhfhid - ok
11:05:12.0631 0x12e8  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
11:05:12.0645 0x12e8  BthHFSrv - ok
11:05:12.0677 0x12e8  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
11:05:12.0689 0x12e8  BthLEEnum - ok
11:05:12.0693 0x12e8  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:05:12.0703 0x12e8  BTHMODEM - ok
11:05:12.0717 0x12e8  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
11:05:12.0727 0x12e8  BthPan - ok
11:05:12.0778 0x12e8  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:05:12.0807 0x12e8  BTHPORT - ok
11:05:12.0834 0x12e8  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
11:05:12.0845 0x12e8  bthserv - ok
11:05:12.0874 0x12e8  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:05:12.0904 0x12e8  BTHUSB - ok
11:05:12.0926 0x12e8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:05:12.0960 0x12e8  cdfs - ok
11:05:12.0984 0x12e8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:05:13.0005 0x12e8  cdrom - ok
11:05:13.0046 0x12e8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:05:13.0068 0x12e8  CertPropSvc - ok
11:05:13.0096 0x12e8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
11:05:13.0114 0x12e8  circlass - ok
11:05:13.0170 0x12e8  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:05:13.0212 0x12e8  CLFS - ok
11:05:13.0250 0x12e8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:05:13.0262 0x12e8  CmBatt - ok
11:05:13.0384 0x12e8  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:05:13.0416 0x12e8  CNG - ok
11:05:13.0480 0x12e8  [ 5477A191338FA6203538EC074D7A5652, B342D30D3CF901B4BBB79A5E4DCA46D5216B907DD2F3175B099CF02032BEDEF4 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
11:05:13.0512 0x12e8  CnxtHdAudService - ok
11:05:13.0525 0x12e8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:05:13.0535 0x12e8  CompositeBus - ok
11:05:13.0538 0x12e8  COMSysApp - ok
11:05:13.0561 0x12e8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
11:05:13.0571 0x12e8  condrv - ok
11:05:13.0639 0x12e8  [ C220ADD94A1E5D93C2C0C3CA0D2C583F, 84E42D047D6BD5BEBBE719E8617BC664B026EABDF61AFC5527C48EF03518A18C ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:05:13.0656 0x12e8  cphs - ok
11:05:13.0694 0x12e8  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:05:13.0705 0x12e8  CryptSvc - ok
11:05:13.0733 0x12e8  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
11:05:13.0743 0x12e8  CxAudMsg - ok
11:05:13.0764 0x12e8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
11:05:13.0773 0x12e8  dam - ok
11:05:13.0814 0x12e8  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:05:13.0838 0x12e8  DcomLaunch - ok
11:05:13.0872 0x12e8  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
11:05:13.0889 0x12e8  defragsvc - ok
11:05:13.0924 0x12e8  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
11:05:13.0941 0x12e8  DeviceAssociationService - ok
11:05:13.0972 0x12e8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:05:13.0982 0x12e8  DeviceInstall - ok
11:05:14.0012 0x12e8  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:05:14.0022 0x12e8  Dfsc - ok
11:05:14.0061 0x12e8  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:05:14.0076 0x12e8  Dhcp - ok
11:05:14.0090 0x12e8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
11:05:14.0100 0x12e8  disk - ok
11:05:14.0110 0x12e8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:05:14.0118 0x12e8  dmvsc - ok
11:05:14.0145 0x12e8  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:05:14.0158 0x12e8  Dnscache - ok
11:05:14.0193 0x12e8  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:05:14.0207 0x12e8  dot3svc - ok
11:05:14.0232 0x12e8  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
11:05:14.0245 0x12e8  DPS - ok
11:05:14.0264 0x12e8  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:05:14.0272 0x12e8  drmkaud - ok
11:05:14.0299 0x12e8  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:05:14.0320 0x12e8  DsmSvc - ok
11:05:14.0386 0x12e8  [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
11:05:14.0405 0x12e8  dts_apo_service - ok
11:05:14.0513 0x12e8  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:05:14.0557 0x12e8  DXGKrnl - ok
11:05:14.0591 0x12e8  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
11:05:14.0602 0x12e8  Eaphost - ok
11:05:14.0760 0x12e8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:05:14.0837 0x12e8  ebdrv - ok
11:05:14.0862 0x12e8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
11:05:14.0872 0x12e8  EFS - ok
11:05:14.0912 0x12e8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:05:14.0939 0x12e8  EhStorClass - ok
11:05:14.0953 0x12e8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:05:14.0962 0x12e8  EhStorTcgDrv - ok
11:05:14.0983 0x12e8  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
11:05:14.0991 0x12e8  EpsonScanSvc - ok
11:05:14.0995 0x12e8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:05:15.0003 0x12e8  ErrDev - ok
11:05:15.0068 0x12e8  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
11:05:15.0107 0x12e8  EventSystem - ok
11:05:15.0239 0x12e8  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:05:15.0266 0x12e8  EvtEng - ok
11:05:15.0295 0x12e8  [ 6BB25543428878BAFBC2F8446343B160, 4F0ADDD1BD1CE6F20476E73950FCE4C25C8A90CB84DCB9A7C91EC34FA4C6FBF3 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
11:05:15.0305 0x12e8  ewusbnet - ok
11:05:15.0320 0x12e8  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
11:05:15.0330 0x12e8  ew_hwusbdev - ok
11:05:15.0361 0x12e8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:05:15.0376 0x12e8  exfat - ok
11:05:15.0393 0x12e8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:05:15.0405 0x12e8  fastfat - ok
11:05:15.0442 0x12e8  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
11:05:15.0462 0x12e8  Fax - ok
11:05:15.0495 0x12e8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:05:15.0504 0x12e8  fdc - ok
11:05:15.0536 0x12e8  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:05:15.0561 0x12e8  fdPHost - ok
11:05:15.0577 0x12e8  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:05:15.0593 0x12e8  FDResPub - ok
11:05:15.0627 0x12e8  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:05:15.0646 0x12e8  fhsvc - ok
11:05:15.0668 0x12e8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:05:15.0684 0x12e8  FileInfo - ok
11:05:15.0694 0x12e8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:05:15.0716 0x12e8  Filetrace - ok
11:05:15.0753 0x12e8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:05:15.0780 0x12e8  flpydisk - ok
11:05:15.0811 0x12e8  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:05:15.0839 0x12e8  FltMgr - ok
11:05:15.0906 0x12e8  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
11:05:15.0940 0x12e8  FontCache - ok
11:05:16.0015 0x12e8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:05:16.0039 0x12e8  FontCache3.0.0.0 - ok
11:05:16.0063 0x12e8  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:05:16.0079 0x12e8  FsDepends - ok
11:05:16.0098 0x12e8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:05:16.0113 0x12e8  Fs_Rec - ok
11:05:16.0151 0x12e8  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:05:16.0180 0x12e8  fvevol - ok
11:05:16.0192 0x12e8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:05:16.0201 0x12e8  FxPPM - ok
11:05:16.0205 0x12e8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:05:16.0213 0x12e8  gagp30kx - ok
11:05:16.0272 0x12e8  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
11:05:16.0293 0x12e8  GamesAppIntegrationService - ok
11:05:16.0305 0x12e8  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:05:16.0314 0x12e8  GamesAppService - ok
11:05:16.0332 0x12e8  [ A4F725169F1290BCFCD6A06C103A2836, CF4E44DC50ABE16631E387A6588C59E038A019006ED09FE9E2701F4647258394 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
11:05:16.0338 0x12e8  GDBehave - ok
11:05:16.0533 0x12e8  [ 45D331E508E736E0043B2F2F0BB2B7E3, 633A8F1696F8F95A261995C6C659018B5BCC9EFB9F82F206DD11B3838048E6F7 ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
11:05:16.0594 0x12e8  GDFwSvc - ok
11:05:16.0607 0x12e8  [ 24418551477C9C2315448A4B13F76F54, EC9446FD880DCDE8BF5E6BB65B94950F1E55B906E851A705FB12AEFCF6C5BD33 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
11:05:16.0614 0x12e8  GDMnIcpt - ok
11:05:16.0639 0x12e8  [ 8FD648A30F9791032E3F4F2220C4231F, 1B31B44A2533D6BF13735A8A23D8F7F791A3DA43332116EEA6E98A73F53D27A9 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
11:05:16.0646 0x12e8  GDPkIcpt - ok
11:05:16.0737 0x12e8  [ 846972E3EBB10D2F39A69B5E6CF08313, 7E2EC3BBF066C3C40F75F2533D1AB2307C3331FA460243A4F4B31A61714C159E ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
11:05:16.0766 0x12e8  GDScan - ok
11:05:16.0794 0x12e8  [ 6CFCBFA04DFFFAA47BE48ADD6795E0CB, 05365BAE920525924B6AE0D2536A1E6BDB07A9F28C391C766725C5CA5EA75F2E ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys
11:05:16.0800 0x12e8  gdwfpcd - ok
11:05:16.0826 0x12e8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:05:16.0838 0x12e8  gencounter - ok
11:05:16.0868 0x12e8  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:05:16.0884 0x12e8  GPIOClx0101 - ok
11:05:16.0930 0x12e8  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:05:16.0964 0x12e8  gpsvc - ok
11:05:16.0993 0x12e8  [ 57875BA7B65C5FE5A87630DC1544C420, 5BB2F6CD21E3855F163B2B15E2E51A3D58637A890D0D3C6AEFB0F60214D6FBD2 ] GRD             C:\Windows\system32\drivers\GRD.sys
11:05:16.0999 0x12e8  GRD - ok
11:05:17.0052 0x12e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:05:17.0072 0x12e8  gupdate - ok
11:05:17.0080 0x12e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:05:17.0092 0x12e8  gupdatem - ok
11:05:17.0120 0x12e8  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:05:17.0136 0x12e8  HdAudAddService - ok
11:05:17.0167 0x12e8  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:05:17.0176 0x12e8  HDAudBus - ok
11:05:17.0193 0x12e8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:05:17.0203 0x12e8  HidBatt - ok
11:05:17.0207 0x12e8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:05:17.0217 0x12e8  HidBth - ok
11:05:17.0221 0x12e8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:05:17.0229 0x12e8  hidi2c - ok
11:05:17.0233 0x12e8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:05:17.0243 0x12e8  HidIr - ok
11:05:17.0277 0x12e8  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
11:05:17.0306 0x12e8  hidserv - ok
11:05:17.0332 0x12e8  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:05:17.0357 0x12e8  HidUsb - ok
11:05:17.0409 0x12e8  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:05:17.0437 0x12e8  hkmsvc - ok
11:05:17.0471 0x12e8  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:05:17.0493 0x12e8  HomeGroupListener - ok
11:05:17.0531 0x12e8  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:05:17.0549 0x12e8  HomeGroupProvider - ok
11:05:17.0558 0x12e8  [ E554BCAA1A15A1337B7856CABE1334F4, 64C77722AC3AC00E8FBE109C247B4DC0577C6E22E0D69A9025854BAA5DFE2400 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
11:05:17.0565 0x12e8  HookCentre - ok
11:05:17.0577 0x12e8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:05:17.0587 0x12e8  HpSAMD - ok
11:05:17.0630 0x12e8  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:05:17.0659 0x12e8  HTTP - ok
11:05:17.0683 0x12e8  [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
11:05:17.0692 0x12e8  hwdatacard - ok
11:05:17.0706 0x12e8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:05:17.0714 0x12e8  hwpolicy - ok
11:05:17.0733 0x12e8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:05:17.0742 0x12e8  hyperkbd - ok
11:05:17.0745 0x12e8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:05:17.0753 0x12e8  HyperVideo - ok
11:05:17.0772 0x12e8  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:05:17.0781 0x12e8  i8042prt - ok
11:05:17.0786 0x12e8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
11:05:17.0793 0x12e8  iaLPSSi_GPIO - ok
11:05:17.0798 0x12e8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
11:05:17.0806 0x12e8  iaLPSSi_I2C - ok
11:05:17.0841 0x12e8  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:05:17.0859 0x12e8  iaStorA - ok
11:05:17.0883 0x12e8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
11:05:17.0901 0x12e8  iaStorAV - ok
11:05:17.0921 0x12e8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:05:17.0938 0x12e8  iaStorV - ok
11:05:17.0974 0x12e8  [ 3E808BD6BB99A0806E9CA5BAB4830CF1, FF9B09FEB8F6399555DF9D5413080F3A693B5FE46B4122EE0264C72B6A71C621 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
11:05:17.0983 0x12e8  ibtusb - ok
11:05:17.0987 0x12e8  IEEtwCollectorService - ok
11:05:18.0097 0x12e8  [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:05:18.0175 0x12e8  igfx - ok
11:05:18.0212 0x12e8  [ C8D1E95D5FE51CABB4041ADD7FF2DE38, 84541189FA24195002536D34C4390FDCCFAF199440190F5D4D33BE2F291889CF ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:05:18.0223 0x12e8  igfxCUIService1.0.0.0 - ok
11:05:18.0269 0x12e8  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:05:18.0298 0x12e8  IKEEXT - ok
11:05:18.0317 0x12e8  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:05:18.0325 0x12e8  intaud_WaveExtensible - ok
11:05:18.0367 0x12e8  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:05:18.0394 0x12e8  IntcDAud - ok
11:05:18.0481 0x12e8  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:05:18.0500 0x12e8  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:05:18.0500 0x12e8  Detect skipped due to KSN trusted
11:05:18.0500 0x12e8  Intel(R) Capability Licensing Service Interface - ok
11:05:18.0536 0x12e8  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:05:18.0557 0x12e8  Intel(R) Capability Licensing Service TCP IP Interface - ok
11:05:18.0627 0x12e8  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:05:18.0653 0x12e8  Intel(R) ME Service - ok
11:05:18.0685 0x12e8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:05:18.0703 0x12e8  intelide - ok
11:05:18.0730 0x12e8  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
11:05:18.0748 0x12e8  intelpep - ok
11:05:18.0769 0x12e8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:05:18.0791 0x12e8  intelppm - ok
11:05:18.0812 0x12e8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:05:18.0837 0x12e8  IpFilterDriver - ok
11:05:18.0877 0x12e8  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:05:18.0905 0x12e8  iphlpsvc - ok
11:05:18.0929 0x12e8  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:05:18.0953 0x12e8  IPMIDRV - ok
11:05:18.0980 0x12e8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:05:18.0996 0x12e8  IPNAT - ok
11:05:19.0015 0x12e8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:05:19.0030 0x12e8  IRENUM - ok
11:05:19.0034 0x12e8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:05:19.0047 0x12e8  isapnp - ok
11:05:19.0073 0x12e8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:05:19.0094 0x12e8  iScsiPrt - ok
11:05:19.0121 0x12e8  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
11:05:19.0127 0x12e8  iwdbus - ok
11:05:19.0176 0x12e8  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:05:19.0200 0x12e8  jhi_service - ok
11:05:19.0224 0x12e8  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:05:19.0237 0x12e8  kbdclass - ok
11:05:19.0267 0x12e8  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:05:19.0280 0x12e8  kbdhid - ok
11:05:19.0297 0x12e8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:05:19.0309 0x12e8  kdnic - ok
11:05:19.0319 0x12e8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
11:05:19.0349 0x12e8  KeyIso - ok
11:05:19.0375 0x12e8  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:05:19.0389 0x12e8  KSecDD - ok
11:05:19.0419 0x12e8  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:05:19.0436 0x12e8  KSecPkg - ok
11:05:19.0453 0x12e8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:05:19.0462 0x12e8  ksthunk - ok
11:05:19.0491 0x12e8  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:05:19.0518 0x12e8  KtmRm - ok
11:05:19.0556 0x12e8  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:05:19.0570 0x12e8  LanmanServer - ok
11:05:19.0605 0x12e8  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:05:19.0620 0x12e8  LanmanWorkstation - ok
11:05:19.0659 0x12e8  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
11:05:19.0677 0x12e8  lfsvc - ok
11:05:19.0691 0x12e8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:05:19.0702 0x12e8  lltdio - ok
11:05:19.0737 0x12e8  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:05:19.0751 0x12e8  lltdsvc - ok
11:05:19.0768 0x12e8  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:05:19.0778 0x12e8  lmhosts - ok
11:05:19.0823 0x12e8  [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:05:19.0836 0x12e8  LMS - ok
11:05:19.0851 0x12e8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:05:19.0861 0x12e8  LSI_SAS - ok
11:05:19.0865 0x12e8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:05:19.0875 0x12e8  LSI_SAS2 - ok
11:05:19.0879 0x12e8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
11:05:19.0888 0x12e8  LSI_SAS3 - ok
11:05:19.0892 0x12e8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:05:19.0901 0x12e8  LSI_SSS - ok
11:05:19.0941 0x12e8  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
11:05:19.0964 0x12e8  LSM - ok
11:05:19.0993 0x12e8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:05:20.0004 0x12e8  luafv - ok
11:05:20.0047 0x12e8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
11:05:20.0067 0x12e8  megasas - ok
11:05:20.0103 0x12e8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
11:05:20.0123 0x12e8  megasr - ok
11:05:20.0153 0x12e8  [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:05:20.0161 0x12e8  MEIx64 - ok
11:05:20.0187 0x12e8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
11:05:20.0197 0x12e8  MMCSS - ok
11:05:20.0213 0x12e8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
11:05:20.0224 0x12e8  Modem - ok
11:05:20.0242 0x12e8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
11:05:20.0250 0x12e8  monitor - ok
11:05:20.0267 0x12e8  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
11:05:20.0275 0x12e8  mouclass - ok
11:05:20.0300 0x12e8  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
11:05:20.0310 0x12e8  mouhid - ok
11:05:20.0339 0x12e8  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:05:20.0349 0x12e8  mountmgr - ok
11:05:20.0389 0x12e8  [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:05:20.0399 0x12e8  MozillaMaintenance - ok
11:05:20.0422 0x12e8  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:05:20.0432 0x12e8  mpsdrv - ok
11:05:20.0471 0x12e8  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:05:20.0496 0x12e8  MpsSvc - ok
11:05:20.0516 0x12e8  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:05:20.0526 0x12e8  MRxDAV - ok
11:05:20.0561 0x12e8  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:05:20.0577 0x12e8  mrxsmb - ok
11:05:20.0599 0x12e8  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:05:20.0613 0x12e8  mrxsmb10 - ok
11:05:20.0632 0x12e8  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:05:20.0644 0x12e8  mrxsmb20 - ok
11:05:20.0674 0x12e8  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
11:05:20.0685 0x12e8  MsBridge - ok
11:05:20.0711 0x12e8  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
11:05:20.0723 0x12e8  MSDTC - ok
11:05:20.0742 0x12e8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:05:20.0752 0x12e8  Msfs - ok
11:05:20.0763 0x12e8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
11:05:20.0773 0x12e8  msgpiowin32 - ok
11:05:20.0787 0x12e8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:05:20.0797 0x12e8  mshidkmdf - ok
11:05:20.0807 0x12e8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
11:05:20.0818 0x12e8  mshidumdf - ok
11:05:20.0835 0x12e8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:05:20.0842 0x12e8  msisadrv - ok
11:05:20.0871 0x12e8  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:05:20.0883 0x12e8  MSiSCSI - ok
11:05:20.0885 0x12e8  msiserver - ok
11:05:20.0909 0x12e8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:05:20.0919 0x12e8  MSKSSRV - ok
11:05:20.0949 0x12e8  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
11:05:20.0958 0x12e8  MsLldp - ok
11:05:20.0960 0x12e8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:05:20.0969 0x12e8  MSPCLOCK - ok
11:05:20.0973 0x12e8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:05:20.0981 0x12e8  MSPQM - ok
11:05:21.0001 0x12e8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:05:21.0016 0x12e8  MsRPC - ok
11:05:21.0036 0x12e8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
11:05:21.0044 0x12e8  mssmbios - ok
11:05:21.0047 0x12e8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:05:21.0056 0x12e8  MSTEE - ok
11:05:21.0058 0x12e8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
11:05:21.0068 0x12e8  MTConfig - ok
11:05:21.0085 0x12e8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
11:05:21.0095 0x12e8  Mup - ok
11:05:21.0104 0x12e8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
11:05:21.0113 0x12e8  mvumis - ok
11:05:21.0137 0x12e8  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:05:21.0148 0x12e8  MyWiFiDHCPDNS - ok
11:05:21.0195 0x12e8  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
11:05:21.0220 0x12e8  napagent - ok
11:05:21.0254 0x12e8  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:05:21.0270 0x12e8  NativeWifiP - ok
11:05:21.0308 0x12e8  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
11:05:21.0331 0x12e8  NcaSvc - ok
11:05:21.0366 0x12e8  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
11:05:21.0378 0x12e8  NcbService - ok
11:05:21.0399 0x12e8  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
11:05:21.0409 0x12e8  NcdAutoSetup - ok
11:05:21.0483 0x12e8  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:05:21.0516 0x12e8  NDIS - ok
11:05:21.0557 0x12e8  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:05:21.0579 0x12e8  NdisCap - ok
11:05:21.0615 0x12e8  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:05:21.0640 0x12e8  NdisImPlatform - ok
11:05:21.0656 0x12e8  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:05:21.0676 0x12e8  NdisTapi - ok
11:05:21.0711 0x12e8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:05:21.0724 0x12e8  Ndisuio - ok
11:05:21.0732 0x12e8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
11:05:21.0748 0x12e8  NdisVirtualBus - ok
11:05:21.0766 0x12e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:05:21.0786 0x12e8  NdisWan - ok
11:05:21.0795 0x12e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
11:05:21.0813 0x12e8  NdisWanLegacy - ok
11:05:21.0842 0x12e8  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:05:21.0851 0x12e8  NDProxy - ok
11:05:21.0876 0x12e8  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
11:05:21.0886 0x12e8  Ndu - ok
11:05:21.0915 0x12e8  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:05:21.0925 0x12e8  NetBIOS - ok
11:05:21.0940 0x12e8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:05:21.0953 0x12e8  NetBT - ok
11:05:21.0974 0x12e8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
11:05:21.0983 0x12e8  Netlogon - ok
11:05:22.0006 0x12e8  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
11:05:22.0021 0x12e8  Netman - ok
11:05:22.0072 0x12e8  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
11:05:22.0095 0x12e8  netprofm - ok
11:05:22.0152 0x12e8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:05:22.0176 0x12e8  NetTcpPortSharing - ok
11:05:22.0203 0x12e8  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
11:05:22.0218 0x12e8  netvsc - ok
11:05:22.0340 0x12e8  [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
11:05:22.0407 0x12e8  NETwNb64 - ok
11:05:22.0443 0x12e8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:05:22.0458 0x12e8  NlaSvc - ok
11:05:22.0480 0x12e8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:05:22.0489 0x12e8  Npfs - ok
11:05:22.0500 0x12e8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
11:05:22.0508 0x12e8  npsvctrig - ok
11:05:22.0533 0x12e8  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
11:05:22.0543 0x12e8  nsi - ok
11:05:22.0571 0x12e8  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:05:22.0581 0x12e8  nsiproxy - ok
11:05:22.0644 0x12e8  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:05:22.0694 0x12e8  Ntfs - ok
11:05:22.0725 0x12e8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
11:05:22.0734 0x12e8  Null - ok
11:05:22.0750 0x12e8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:05:22.0788 0x12e8  nvraid - ok
11:05:22.0794 0x12e8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:05:22.0805 0x12e8  nvstor - ok
11:05:22.0811 0x12e8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:05:22.0821 0x12e8  nv_agp - ok
11:05:22.0933 0x12e8  [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
11:05:22.0974 0x12e8  Origin Client Service - ok
11:05:23.0011 0x12e8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:05:23.0026 0x12e8  p2pimsvc - ok
11:05:23.0064 0x12e8  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
11:05:23.0079 0x12e8  p2psvc - ok
11:05:23.0099 0x12e8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
11:05:23.0109 0x12e8  Parport - ok
11:05:23.0134 0x12e8  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:05:23.0143 0x12e8  partmgr - ok
11:05:23.0180 0x12e8  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:05:23.0214 0x12e8  PcaSvc - ok
11:05:23.0248 0x12e8  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
11:05:23.0262 0x12e8  pci - ok
11:05:23.0282 0x12e8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:05:23.0291 0x12e8  pciide - ok
11:05:23.0295 0x12e8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:05:23.0306 0x12e8  pcmcia - ok
11:05:23.0320 0x12e8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:05:23.0328 0x12e8  pcw - ok
11:05:23.0360 0x12e8  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
11:05:23.0372 0x12e8  pdc - ok
11:05:23.0431 0x12e8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:05:23.0460 0x12e8  PEAUTH - ok
11:05:23.0530 0x12e8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:05:23.0554 0x12e8  PerfHost - ok
11:05:23.0640 0x12e8  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
11:05:23.0675 0x12e8  pla - ok
11:05:23.0706 0x12e8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:05:23.0716 0x12e8  PlugPlay - ok
11:05:23.0788 0x12e8  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:05:23.0818 0x12e8  PNRPAutoReg - ok
11:05:23.0851 0x12e8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:05:23.0885 0x12e8  PNRPsvc - ok
11:05:23.0936 0x12e8  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:05:23.0962 0x12e8  PolicyAgent - ok
11:05:23.0990 0x12e8  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
11:05:24.0000 0x12e8  Power - ok
11:05:24.0030 0x12e8  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:05:24.0063 0x12e8  PptpMiniport - ok
11:05:24.0194 0x12e8  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
11:05:24.0253 0x12e8  PrintNotify - ok
11:05:24.0285 0x12e8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
11:05:24.0295 0x12e8  Processor - ok
11:05:24.0326 0x12e8  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:05:24.0354 0x12e8  ProfSvc - ok
11:05:24.0382 0x12e8  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:05:24.0416 0x12e8  Psched - ok
11:05:24.0434 0x12e8  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
11:05:24.0443 0x12e8  QIOMem - ok
11:05:24.0475 0x12e8  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
11:05:24.0489 0x12e8  QWAVE - ok
11:05:24.0517 0x12e8  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:05:24.0527 0x12e8  QWAVEdrv - ok
11:05:24.0538 0x12e8  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:05:24.0547 0x12e8  RasAcd - ok
11:05:24.0569 0x12e8  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:05:24.0579 0x12e8  RasAgileVpn - ok
11:05:24.0603 0x12e8  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
11:05:24.0613 0x12e8  RasAuto - ok
11:05:24.0629 0x12e8  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:05:24.0641 0x12e8  Rasl2tp - ok
11:05:24.0686 0x12e8  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
11:05:24.0704 0x12e8  RasMan - ok
11:05:24.0721 0x12e8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:05:24.0731 0x12e8  RasPppoe - ok
11:05:24.0756 0x12e8  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:05:24.0765 0x12e8  RasSstp - ok
11:05:24.0808 0x12e8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:05:24.0822 0x12e8  rdbss - ok
11:05:24.0843 0x12e8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
11:05:24.0851 0x12e8  rdpbus - ok
11:05:24.0874 0x12e8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:05:24.0899 0x12e8  RDPDR - ok
11:05:24.0938 0x12e8  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:05:24.0946 0x12e8  RdpVideoMiniport - ok
11:05:24.0954 0x12e8  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:05:24.0967 0x12e8  rdyboost - ok
11:05:25.0015 0x12e8  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
11:05:25.0041 0x12e8  ReFS - ok
11:05:25.0110 0x12e8  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:05:25.0137 0x12e8  RegSrvc - ok
11:05:25.0169 0x12e8  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:05:25.0188 0x12e8  RemoteAccess - ok
11:05:25.0211 0x12e8  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:05:25.0223 0x12e8  RemoteRegistry - ok
11:05:25.0255 0x12e8  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
11:05:25.0275 0x12e8  RFCOMM - ok
11:05:25.0304 0x12e8  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:05:25.0320 0x12e8  RpcEptMapper - ok
11:05:25.0345 0x12e8  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
11:05:25.0373 0x12e8  RpcLocator - ok
11:05:25.0438 0x12e8  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
11:05:25.0471 0x12e8  RpcSs - ok
11:05:25.0510 0x12e8  [ 8CDA04D9F6C15F8E98FDE926A51DCCD6, F9B6771D7B157FEB9C2AB26B647B9AEC6CE4B9455F06FE4E097A723C1D5B2301 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
11:05:25.0527 0x12e8  RSP2STOR - ok
11:05:25.0567 0x12e8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:05:25.0596 0x12e8  rspndr - ok
11:05:25.0673 0x12e8  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
11:05:25.0709 0x12e8  RTL8168 - ok
11:05:25.0727 0x12e8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
11:05:25.0736 0x12e8  s3cap - ok
11:05:25.0763 0x12e8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
11:05:25.0773 0x12e8  SamSs - ok
11:05:25.0794 0x12e8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:05:25.0805 0x12e8  sbp2port - ok
11:05:25.0833 0x12e8  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:05:25.0846 0x12e8  SCardSvr - ok
11:05:25.0877 0x12e8  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
11:05:25.0888 0x12e8  ScDeviceEnum - ok
11:05:25.0925 0x12e8  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:05:25.0948 0x12e8  scfilter - ok
11:05:26.0036 0x12e8  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
11:05:26.0089 0x12e8  Schedule - ok
11:05:26.0124 0x12e8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:05:26.0136 0x12e8  SCPolicySvc - ok
11:05:26.0173 0x12e8  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
11:05:26.0186 0x12e8  sdbus - ok
11:05:26.0206 0x12e8  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
11:05:26.0215 0x12e8  sdstor - ok
11:05:26.0223 0x12e8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:05:26.0231 0x12e8  secdrv - ok
11:05:26.0255 0x12e8  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
11:05:26.0266 0x12e8  seclogon - ok
11:05:26.0293 0x12e8  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
11:05:26.0304 0x12e8  SENS - ok
11:05:26.0334 0x12e8  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:05:26.0352 0x12e8  SensrSvc - ok
11:05:26.0373 0x12e8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
11:05:26.0386 0x12e8  SerCx - ok
11:05:26.0423 0x12e8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
11:05:26.0439 0x12e8  SerCx2 - ok
11:05:26.0444 0x12e8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
11:05:26.0457 0x12e8  Serenum - ok
11:05:26.0461 0x12e8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
11:05:26.0471 0x12e8  Serial - ok
11:05:26.0495 0x12e8  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
11:05:26.0504 0x12e8  sermouse - ok
11:05:26.0532 0x12e8  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
11:05:26.0547 0x12e8  SessionEnv - ok
11:05:26.0551 0x12e8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
11:05:26.0560 0x12e8  sfloppy - ok
11:05:26.0593 0x12e8  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:05:26.0610 0x12e8  SharedAccess - ok
11:05:26.0642 0x12e8  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:05:26.0663 0x12e8  ShellHWDetection - ok
11:05:26.0688 0x12e8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:05:26.0697 0x12e8  SiSRaid2 - ok
11:05:26.0701 0x12e8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:05:26.0711 0x12e8  SiSRaid4 - ok
11:05:26.0776 0x12e8  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:05:26.0804 0x12e8  SkypeUpdate - ok
11:05:26.0840 0x12e8  [ D885207A4A218EC4773E6F7D214FDEA3, EA64958C2058DCDB8858E0EDA0626BD89B90A973130FE2B8886CF28072BF19D9 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
11:05:26.0851 0x12e8  SmbDrvI - ok
11:05:26.0879 0x12e8  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
11:05:26.0893 0x12e8  smphost - ok
11:05:26.0929 0x12e8  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:05:26.0943 0x12e8  SNMPTRAP - ok
11:05:26.0989 0x12e8  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
11:05:27.0015 0x12e8  spaceport - ok
11:05:27.0026 0x12e8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
11:05:27.0036 0x12e8  SpbCx - ok
11:05:27.0080 0x12e8  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
11:05:27.0103 0x12e8  Spooler - ok
11:05:27.0314 0x12e8  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
11:05:27.0462 0x12e8  sppsvc - ok
11:05:27.0471 0x12e8  sptd - ok
11:05:27.0500 0x12e8  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:05:27.0515 0x12e8  srv - ok
11:05:27.0549 0x12e8  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:05:27.0568 0x12e8  srv2 - ok
11:05:27.0609 0x12e8  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:05:27.0642 0x12e8  srvnet - ok
11:05:27.0675 0x12e8  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:05:27.0711 0x12e8  SSDPSRV - ok
11:05:27.0744 0x12e8  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:05:27.0762 0x12e8  SstpSvc - ok
11:05:27.0785 0x12e8  [ B1800F5DA5114148E405F21292EDF77A, F0CCE39AA15A7E8EBB8EBA72C053F6489E10601294ACD6E12DCDC6E2BE76403B ] StarPortLite    C:\Windows\System32\drivers\StarPortLite.sys
11:05:27.0797 0x12e8  StarPortLite - ok
11:05:27.0832 0x12e8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:05:27.0845 0x12e8  stexstor - ok
11:05:27.0883 0x12e8  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
11:05:27.0910 0x12e8  stisvc - ok
11:05:27.0933 0x12e8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
11:05:27.0943 0x12e8  storahci - ok
11:05:27.0977 0x12e8  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:05:27.0985 0x12e8  storflt - ok
11:05:28.0002 0x12e8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
11:05:28.0011 0x12e8  stornvme - ok
11:05:28.0033 0x12e8  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
11:05:28.0042 0x12e8  StorSvc - ok
11:05:28.0056 0x12e8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:05:28.0064 0x12e8  storvsc - ok
11:05:28.0092 0x12e8  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
11:05:28.0101 0x12e8  svsvc - ok
11:05:28.0123 0x12e8  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
11:05:28.0131 0x12e8  swenum - ok
11:05:28.0310 0x12e8  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
11:05:28.0332 0x12e8  swprv - ok
11:05:28.0414 0x12e8  [ AC2AFB0CADC5AB87E6ACC4E1A7F774DD, 706A8CD9CA9225E486F5138DF3B67630067EE257C9E5FFEBA9DE35A11B8C8913 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:05:28.0429 0x12e8  SynTP - ok
11:05:28.0490 0x12e8  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
11:05:28.0526 0x12e8  SysMain - ok
11:05:28.0560 0x12e8  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:05:28.0574 0x12e8  SystemEventsBroker - ok
11:05:28.0608 0x12e8  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:05:28.0620 0x12e8  TabletInputService - ok
11:05:28.0673 0x12e8  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:05:28.0709 0x12e8  TapiSrv - ok
11:05:28.0819 0x12e8  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:05:28.0879 0x12e8  Tcpip - ok
11:05:28.0930 0x12e8  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:05:28.0988 0x12e8  TCPIP6 - ok
11:05:29.0021 0x12e8  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:05:29.0029 0x12e8  tcpipreg - ok
11:05:29.0049 0x12e8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:05:29.0060 0x12e8  tdx - ok
11:05:29.0097 0x12e8  [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:05:29.0105 0x12e8  TemproMonitoringService - ok
11:05:29.0119 0x12e8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
11:05:29.0128 0x12e8  terminpt - ok
11:05:29.0175 0x12e8  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
11:05:29.0203 0x12e8  TermService - ok
11:05:29.0227 0x12e8  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
11:05:29.0237 0x12e8  Themes - ok
11:05:29.0265 0x12e8  [ 98F91C69689FB0493E8CC34A45B8FA0B, 17385AB817F74F70848E1C71503DA726A4D417D16A5DCE7593BAD112150F6922 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
11:05:29.0272 0x12e8  Thotkey - ok
11:05:29.0299 0x12e8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:05:29.0309 0x12e8  THREADORDER - ok
11:05:29.0352 0x12e8  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:05:29.0375 0x12e8  TimeBroker - ok
11:05:29.0439 0x12e8  [ 18688C5B1ED56FAF6310D07709F81EC0, 4631774A2274E9D4340D67AED026622BD3B74696F4F62E6A1EFBD6DA2267E36E ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:05:29.0459 0x12e8  TMachInfo - ok
11:05:29.0537 0x12e8  [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
11:05:29.0563 0x12e8  TOSHIBA eco Utility Service - ok
11:05:29.0595 0x12e8  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
11:05:29.0602 0x12e8  tosrfec - ok
11:05:29.0630 0x12e8  [ ADC56716CAF55E3ABDF549E9425004F8, FDA93F583AAB6FA6E8447B169BDA6E6E8547959133BD95933228C137B69129B7 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:05:29.0660 0x12e8  TPCHSrv - ok
11:05:29.0694 0x12e8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
11:05:29.0715 0x12e8  TPM - ok
11:05:29.0746 0x12e8  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
11:05:29.0757 0x12e8  TrkWks - ok
11:05:29.0804 0x12e8  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:05:29.0814 0x12e8  TrustedInstaller - ok
11:05:29.0822 0x12e8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:05:29.0843 0x12e8  TsUsbFlt - ok
11:05:29.0875 0x12e8  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:05:29.0883 0x12e8  TsUsbGD - ok
11:05:29.0903 0x12e8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:05:29.0915 0x12e8  tunnel - ok
11:05:29.0945 0x12e8  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
11:05:29.0952 0x12e8  TVALZ - ok
11:05:29.0971 0x12e8  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
11:05:29.0978 0x12e8  TVALZFL - ok
11:05:29.0992 0x12e8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:05:30.0000 0x12e8  uagp35 - ok
11:05:30.0005 0x12e8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:05:30.0015 0x12e8  UASPStor - ok
11:05:30.0040 0x12e8  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:05:30.0052 0x12e8  UCX01000 - ok
11:05:30.0075 0x12e8  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:05:30.0093 0x12e8  udfs - ok
11:05:30.0108 0x12e8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
11:05:30.0116 0x12e8  UEFI - ok
11:05:30.0150 0x12e8  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:05:30.0161 0x12e8  UI0Detect - ok
11:05:30.0169 0x12e8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:05:30.0178 0x12e8  uliagpkx - ok
11:05:30.0195 0x12e8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:05:30.0203 0x12e8  umbus - ok
11:05:30.0222 0x12e8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:05:30.0230 0x12e8  UmPass - ok
11:05:30.0265 0x12e8  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:05:30.0281 0x12e8  UmRdpService - ok
11:05:30.0321 0x12e8  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
11:05:30.0338 0x12e8  upnphost - ok
11:05:30.0374 0x12e8  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:05:30.0385 0x12e8  usbccgp - ok
11:05:30.0410 0x12e8  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:05:30.0420 0x12e8  usbcir - ok
11:05:30.0436 0x12e8  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:05:30.0446 0x12e8  usbehci - ok
11:05:30.0501 0x12e8  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:05:30.0535 0x12e8  usbhub - ok
11:05:30.0567 0x12e8  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:05:30.0584 0x12e8  USBHUB3 - ok
11:05:30.0617 0x12e8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:05:30.0626 0x12e8  usbohci - ok
11:05:30.0650 0x12e8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:05:30.0660 0x12e8  usbprint - ok
11:05:30.0680 0x12e8  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:05:30.0691 0x12e8  usbscan - ok
11:05:30.0715 0x12e8  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:05:30.0727 0x12e8  USBSTOR - ok
11:05:30.0738 0x12e8  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:05:30.0746 0x12e8  usbuhci - ok
11:05:30.0792 0x12e8  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:05:30.0818 0x12e8  usbvideo - ok
11:05:30.0855 0x12e8  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:05:30.0874 0x12e8  USBXHCI - ok
11:05:30.0886 0x12e8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
11:05:30.0896 0x12e8  VaultSvc - ok
11:05:30.0908 0x12e8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:05:30.0917 0x12e8  vdrvroot - ok
11:05:30.0972 0x12e8  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
11:05:31.0006 0x12e8  vds - ok
11:05:31.0027 0x12e8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:05:31.0038 0x12e8  VerifierExt - ok
11:05:31.0068 0x12e8  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:05:31.0087 0x12e8  vhdmp - ok
11:05:31.0102 0x12e8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:05:31.0111 0x12e8  viaide - ok
11:05:31.0145 0x12e8  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:05:31.0176 0x12e8  vmbus - ok
11:05:31.0205 0x12e8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:05:31.0230 0x12e8  VMBusHID - ok
11:05:31.0274 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
11:05:31.0299 0x12e8  vmicguestinterface - ok
11:05:31.0310 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:05:31.0328 0x12e8  vmicheartbeat - ok
11:05:31.0340 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:05:31.0357 0x12e8  vmickvpexchange - ok
11:05:31.0370 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:05:31.0387 0x12e8  vmicrdv - ok
11:05:31.0400 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:05:31.0417 0x12e8  vmicshutdown - ok
11:05:31.0429 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:05:31.0447 0x12e8  vmictimesync - ok
11:05:31.0459 0x12e8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
11:05:31.0476 0x12e8  vmicvss - ok
11:05:31.0498 0x12e8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:05:31.0507 0x12e8  volmgr - ok
11:05:31.0527 0x12e8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:05:31.0542 0x12e8  volmgrx - ok
11:05:31.0567 0x12e8  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:05:31.0581 0x12e8  volsnap - ok
11:05:31.0605 0x12e8  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
11:05:31.0615 0x12e8  vpci - ok
11:05:31.0643 0x12e8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:05:31.0673 0x12e8  vsmraid - ok
11:05:31.0761 0x12e8  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
11:05:31.0800 0x12e8  VSS - ok
11:05:31.0825 0x12e8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:05:31.0839 0x12e8  VSTXRAID - ok
11:05:31.0861 0x12e8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:05:31.0869 0x12e8  vwifibus - ok
11:05:31.0894 0x12e8  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:05:31.0903 0x12e8  vwififlt - ok
11:05:31.0914 0x12e8  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:05:31.0923 0x12e8  vwifimp - ok
11:05:31.0961 0x12e8  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
11:05:31.0977 0x12e8  W32Time - ok
11:05:31.0991 0x12e8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:05:32.0000 0x12e8  WacomPen - ok
11:05:32.0024 0x12e8  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:05:32.0033 0x12e8  Wanarp - ok
11:05:32.0037 0x12e8  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:05:32.0045 0x12e8  Wanarpv6 - ok
11:05:32.0101 0x12e8  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
11:05:32.0137 0x12e8  wbengine - ok
11:05:32.0166 0x12e8  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:05:32.0182 0x12e8  WbioSrvc - ok
11:05:32.0207 0x12e8  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:05:32.0222 0x12e8  Wcmsvc - ok
11:05:32.0263 0x12e8  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:05:32.0279 0x12e8  wcncsvc - ok
11:05:32.0311 0x12e8  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:05:32.0332 0x12e8  WcsPlugInService - ok
11:05:32.0350 0x12e8  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:05:32.0359 0x12e8  WdBoot - ok
11:05:32.0431 0x12e8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:05:32.0453 0x12e8  Wdf01000 - ok
11:05:32.0478 0x12e8  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:05:32.0491 0x12e8  WdFilter - ok
11:05:32.0523 0x12e8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:05:32.0534 0x12e8  WdiServiceHost - ok
11:05:32.0538 0x12e8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:05:32.0549 0x12e8  WdiSystemHost - ok
11:05:32.0580 0x12e8  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
11:05:32.0603 0x12e8  WdNisDrv - ok
11:05:32.0623 0x12e8  WdNisSvc - ok
11:05:32.0647 0x12e8  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
11:05:32.0660 0x12e8  WebClient - ok
11:05:32.0697 0x12e8  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:05:32.0710 0x12e8  Wecsvc - ok
11:05:32.0728 0x12e8  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
11:05:32.0738 0x12e8  WEPHOSTSVC - ok
11:05:32.0766 0x12e8  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:05:32.0778 0x12e8  wercplsupport - ok
11:05:32.0810 0x12e8  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
11:05:32.0822 0x12e8  WerSvc - ok
11:05:32.0853 0x12e8  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:05:32.0864 0x12e8  WFPLWFS - ok
11:05:32.0877 0x12e8  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:05:32.0887 0x12e8  WiaRpc - ok
11:05:32.0897 0x12e8  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:05:32.0907 0x12e8  WIMMount - ok
11:05:32.0910 0x12e8  WinDefend - ok
11:05:32.0957 0x12e8  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:05:32.0980 0x12e8  WinHttpAutoProxySvc - ok
11:05:33.0036 0x12e8  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:05:33.0048 0x12e8  Winmgmt - ok
11:05:33.0127 0x12e8  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:05:33.0183 0x12e8  WinRM - ok
11:05:33.0210 0x12e8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:05:33.0220 0x12e8  WinUsb - ok
11:05:33.0279 0x12e8  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:05:33.0317 0x12e8  WlanSvc - ok
11:05:33.0387 0x12e8  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:05:33.0425 0x12e8  wlidsvc - ok
11:05:33.0454 0x12e8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:05:33.0463 0x12e8  WmiAcpi - ok
11:05:33.0503 0x12e8  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:05:33.0515 0x12e8  wmiApSrv - ok
11:05:33.0546 0x12e8  WMPNetworkSvc - ok
11:05:33.0574 0x12e8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
11:05:33.0585 0x12e8  Wof - ok
11:05:33.0712 0x12e8  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
11:05:33.0753 0x12e8  workfolderssvc - ok
11:05:33.0786 0x12e8  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:05:33.0811 0x12e8  wpcfltr - ok
11:05:33.0852 0x12e8  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:05:33.0865 0x12e8  WPCSvc - ok
11:05:33.0894 0x12e8  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:05:33.0928 0x12e8  WPDBusEnum - ok
11:05:33.0937 0x12e8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:05:33.0951 0x12e8  WpdUpFltr - ok
11:05:33.0975 0x12e8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:05:33.0986 0x12e8  ws2ifsl - ok
11:05:34.0022 0x12e8  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:05:34.0055 0x12e8  wscsvc - ok
11:05:34.0059 0x12e8  WSearch - ok
11:05:34.0168 0x12e8  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
11:05:34.0253 0x12e8  WSService - ok
11:05:34.0385 0x12e8  [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv        C:\Windows\system32\wuaueng.dll
11:05:34.0458 0x12e8  wuauserv - ok
11:05:34.0486 0x12e8  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:05:34.0497 0x12e8  WudfPf - ok
11:05:34.0541 0x12e8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:05:34.0568 0x12e8  WUDFRd - ok
11:05:34.0598 0x12e8  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:05:34.0613 0x12e8  wudfsvc - ok
11:05:34.0621 0x12e8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
11:05:34.0633 0x12e8  WUDFWpdFs - ok
11:05:34.0639 0x12e8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
11:05:34.0652 0x12e8  WUDFWpdMtp - ok
11:05:34.0691 0x12e8  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:05:34.0710 0x12e8  WwanSvc - ok
11:05:34.0894 0x12e8  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:05:34.0966 0x12e8  ZeroConfigService - ok
11:05:34.0980 0x12e8  ================ Scan global ===============================
11:05:35.0001 0x12e8  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
11:05:35.0037 0x12e8  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
11:05:35.0067 0x12e8  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
11:05:35.0110 0x12e8  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
11:05:35.0116 0x12e8  [ Global ] - ok
11:05:35.0117 0x12e8  ================ Scan MBR ==================================
11:05:35.0127 0x12e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:05:35.0190 0x12e8  \Device\Harddisk0\DR0 - ok
11:05:35.0190 0x12e8  ================ Scan VBR ==================================
11:05:35.0213 0x12e8  [ 3396487114C7AF39AEA9C46D3B9F3D58 ] \Device\Harddisk0\DR0\Partition1
11:05:35.0272 0x12e8  \Device\Harddisk0\DR0\Partition1 - ok
11:05:35.0283 0x12e8  [ CED4D242DFC5D30F2EC60F29248C8208 ] \Device\Harddisk0\DR0\Partition2
11:05:35.0337 0x12e8  \Device\Harddisk0\DR0\Partition2 - ok
11:05:35.0354 0x12e8  [ AE9C8B0D14078D52A0371082B9A03CAA ] \Device\Harddisk0\DR0\Partition3
11:05:35.0419 0x12e8  \Device\Harddisk0\DR0\Partition3 - ok
11:05:35.0440 0x12e8  [ EDD289A082B3D01EBE7C1497AEE7032C ] \Device\Harddisk0\DR0\Partition4
11:05:35.0512 0x12e8  \Device\Harddisk0\DR0\Partition4 - ok
11:05:35.0544 0x12e8  [ 60410DD38D6FED85C2A62D9C7514C303 ] \Device\Harddisk0\DR0\Partition5
11:05:35.0547 0x12e8  \Device\Harddisk0\DR0\Partition5 - ok
11:05:35.0548 0x12e8  ================ Scan generic autorun ======================
11:05:35.0679 0x12e8  [ 645B9EA3099387008653173BBE828E62, FE1BF2360181F05454F6B5A9B42ECB1203E5936D72502281A46D913094BAB4CD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
11:05:35.0709 0x12e8  StartCCC - ok
11:05:35.0782 0x12e8  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
11:05:35.0801 0x12e8  TSVU - ok
11:05:35.0920 0x12e8  [ 2A06A880B6AECB9B1F384B60F35D5831, A5FF754AFBC6F818F470F50253A9E88BA24C5AA3E056D28AAF32ABBF1202C81B ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
11:05:35.0955 0x12e8  GDFirewallTray - ok
11:05:36.0061 0x12e8  [ 73871920634B1FCB62812F29C89A71F5, 66CCEF92058656D6CC2752A6BA55F25BFCEAA5ED93FD65E7AC17EC266A3FA4FB ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
11:05:36.0085 0x12e8  EEventManager - ok
11:05:36.0169 0x12e8  [ 764BE29C9F78D949191C995B9BA4492A, A42EADC8546859A717F149C044235410B5908837B471889B281195C860AC558D ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE
11:05:36.0186 0x12e8  EPLTarget\P0000000000000000 - ok
11:05:36.0274 0x12e8  [ AE6F7122808C84ECA37CFF7B16C3A9C9, 10D6751917715EB3852ADE7D09D53B1BE5B39B84A73629E5D1FCBD2E4BA34C5F ] C:\Program Files\Internet Explorer\iexplore.exe
11:05:36.0308 0x12e8  Application Restart #0 - ok
11:05:36.0313 0x12e8  AV detected via SS2: G Data InternetSecurity CBE, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
11:05:36.0313 0x12e8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
11:05:36.0314 0x12e8  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
11:05:39.0445 0x12e8  ============================================================
11:05:39.0445 0x12e8  Scan finished
11:05:39.0445 0x12e8  ============================================================
11:05:39.0462 0x0e80  Detected object count: 0
11:05:39.0462 0x0e80  Actual detected object count: 0
11:05:50.0466 0x1b24  Deinitialize success

schrauber · 23.08.2015, 19:41

GDATA hat da Probleme auf Systemdateien zuzugreifen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

asgrub · 24.08.2015, 09:22

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 8.1 x64
Ran by Deco on 24.08.2015 at  9:54:19,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2015 at  9:56:53,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 24.08.2015
Suchlaufzeit: 08:59
Protokolldatei: mam24082015log.txt
Administrator: Nein

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.24.01
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Macom

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 255840
Abgelaufene Zeit: 8 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
durchgeführt von Macom (2015-08-24 10:11:24)
Gestartet von C:\Users\Macom\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3219382323-3593878825-1118489811-500 - Administrator - Disabled)
Dacom (S-1-5-21-3219382323-3593878825-1118489811-1003 - Limited - Enabled) => C:\Users\Dacom
Deco (S-1-5-21-3219382323-3593878825-1118489811-1001 - Administrator - Enabled) => C:\Users\Deco
Gast (S-1-5-21-3219382323-3593878825-1118489811-501 - Limited - Disabled)
Macom (S-1-5-21-3219382323-3593878825-1118489811-1002 - Limited - Enabled) => C:\Users\Macom

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon 1Button App (HKLM-x32\...\{4D875057-4353-4B8F-93E5-8C3DC7F34EA9}) (Version: 1.0.8 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{42EC3153-24B0-FCAD-0F16-0904BCBAB179}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.38.57 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1321 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4328.05 - CyberLink Corp.)
Druckerdeinstallation für EPSON XP-422 423 425 Series (HKLM\...\EPSON XP-422 423 425 Series) (Version: - SEIKO EPSON Corporation)
DTS Sound (HKLM-x32\...\{BC95D4AF-4DAC-4350-8BCE-C8BF16A13AE0}) (Version: 1.01.8800 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{86B4A6B9-07FD-48EC-8730-1EC82E80C3D7}) (Version: 3.10.0030 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{922CA1B2-9D74-49DF-A23F-90F710F51DD7}) (Version: 17.0.1428.01 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{8C7185EB-4165-040E-D581-EA62D922E8A2}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E07D7C7B-F424-4EEF-BA17-B2C32BD1C107}) (Version: 4.3.0 - SEIKO EPSON CORPORATION)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StarBurn Version 15.2 (Build 0x20131129) (HKLM-x32\...\StarBurn_is1) (Version: 15.2 - StarBurn Software)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.06.6403 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.3.6401 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.0.9.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.9 - WildTangent) Hidden
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
WISO Steuer 2014 (HKLM-x32\...\{FE9F4E79-7BEF-4DE2-8C34-6DD894203342}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{BF4FCDA0-95E4-4F7C-9859-F365E78C2404}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2015-05-15 11:05 - 2011-09-13 10:16 - 00510920 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2015-05-15 11:05 - 2011-09-13 10:15 - 01633224 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 212.23.103.8 - 212.23.103.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{91879D0F-C843-465C-896E-659E169A569A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{44135E15-6081-4CCD-A4CC-6C636A1B6AD3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{180D1417-FC05-4671-AAB6-A62AB024BA94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{ED53A2F4-6B4E-424A-9CE5-028A93B06935}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{47E82540-76E3-4C0C-9EBB-E367661398C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5A3E00DB-E7F5-4E82-B72B-32052701EB2A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{C9652E1F-49E7-4563-A4B8-7F8E395AB1B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9770D003-9EDF-4E3B-99EB-A491238BB032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "ProtectionManagement" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={EC211C49-F718-4E3C-A8CC-738336AB8677}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={95F26A08-195A-4A27-A815-C0D6793F1151}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450367b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02dafb86
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe, Version: 0.0.0.0, Zeitstempel: 0x4e6f10be
Name des fehlerhaften Moduls: WTGXMLUtil.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e6f1130
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00031b08
ID des fehlerhaften Prozesses: 0x1a4c
Startzeit der fehlerhaften Anwendung: 0xALDITALKVerbindungsassistent.exe0
Pfad der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe1
Pfad des fehlerhaften Moduls: ALDITALKVerbindungsassistent.exe2
Berichtskennung: ALDITALKVerbindungsassistent.exe3
Vollständiger Name des fehlerhaften Pakets: ALDITALKVerbindungsassistent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ALDITALKVerbindungsassistent.exe5

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x2d8
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (06/15/2015 08:07:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (06/09/2015 08:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e01d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0f20
ID des fehlerhaften Prozesses: 0x1828
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5

Systemfehler:
=============
Error: (08/24/2015 10:00:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 10:00:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 10:00:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 10:00:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 10:00:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 09:58:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 09:58:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 09:58:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/24/2015 09:55:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/24/2015 09:55:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office:
=========================
Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {EC211C49-F718-4E3C-A8CC-738336AB8677}Codam\MacomALDI TALK Verbindungsassistent633

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {95F26A08-195A-4A27-A815-C0D6793F1151}Codam\MacomALDI TALK Verbindungsassistent633

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.174155450367bunknown0.0.0.000000000c000000502dafb861fb001d0bc848cbf44deC:\Windows\SysWOW64\explorer.exeunknownd0ddbd07-2877-11e5-8277-001e101f92e1

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ALDITALKVerbindungsassistent.exe0.0.0.04e6f10beWTGXMLUtil.dll_unloaded0.0.0.04e6f1130c000000500031b081a4c01d0b75231ec6fccC:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exeWTGXMLUtil.dlle9c78b11-2345-11e5-8275-001e101f95c1

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe17.0.5.05387ee07MurocApi.dll17.0.5.05387ed02c0000005000000000002bd482d801d0b1d7e876361dC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll59e16a2d-1dcb-11e5-8275-2c600c0c57a2

Error: (06/15/2015 08:07:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe17.0.5.05387ee07MurocApi.dll17.0.5.05387ed02c0000005000000000002bd4881c01d0a7315bf2bb9cC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllcc7e31ad-1324-11e5-8274-001e101f8b46

Error: (06/09/2015 08:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e01dntdll.dll6.3.9600.17736550f4336c000037400000000000f0f20182801d0a1b2bea140bbC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\SYSTEM32\ntdll.dll8931ce96-0e70-11e5-8272-001e101f7318

==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 12208.14 MB
Verfügbarer physikalischer RAM: 10093.74 MB
Summe virtueller Speicher: 14064.14 MB
Verfügbarer virtueller Speicher: 11848.13 MB

==================== Laufwerke ================================

Drive c: (TI31379200A) (Fixed) (Total:918.57 GB) (Free:841.65 GB) NTFS
Drive e: (Disk) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Ergebnis ============================

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 03
durchgeführt von Macom (ACHTUNG: der angemeldete Benutzer ist kein Administrator) auf CODAM (24-08-2015 10:10:43)
Gestartet von C:\Users\Macom\Downloads
Geladene Profile: Deco & Macom (Verfügbare Profile: Deco & Macom & Dacom)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> GDScan.exe
konnte nicht auf den Prozess zugreifen -> AVKWCtlx64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> AVKProxy.exe
konnte nicht auf den Prozess zugreifen -> AVKService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GDFwSvcx64.exe
konnte nicht auf den Prozess zugreifen -> unsecapp.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
konnte nicht auf den Prozess zugreifen -> AVKBap64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
konnte nicht auf den Prozess zugreifen -> HeciServer.exe
konnte nicht auf den Prozess zugreifen -> PresentationFontCache.exe
konnte nicht auf den Prozess zugreifen -> TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> dts_apo_service.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
konnte nicht auf den Prozess zugreifen -> ALDITALKVerbindungsassistent_Service.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1064512 2013-11-08] (SEIKO EPSON CORPORATION)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-05-24] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-05-24] (Amazon Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-05-15]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2015-05-16]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-3219382323-3593878825-1118489811-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
URLSearchHook: [S-1-5-21-3219382323-3593878825-1118489811-1001] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1002 -> DefaultScope {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1002 -> {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Tcpip\..\Interfaces\{037031AE-EC7F-47D8-A27D-7084922DEA2F}: [NameServer] 212.23.103.8 212.23.103.9
Tcpip\..\Interfaces\{423A38BF-F471-4E98-B720-1B3FB91040F7}: [DhcpNameServer] 40.42.1.201
Tcpip\..\Interfaces\{DACEB1E6-5BCF-420D-8231-5FBA225B74C8}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Macom\AppData\Roaming\Mozilla\Firefox\Profiles\ao3ghvzy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] ()
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-06] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-06] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-06] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2015-05-15] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2015-04-22] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2015-04-22] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [71168 2015-04-22] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2015-04-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-22] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2015-04-22] (G Data Software AG)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [210888 2014-07-09] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-03-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-05-15] (Duplex Secure Ltd.)
R1 StarPortLite; C:\Windows\System32\drivers\StarPortLite.sys [120704 2013-02-04] (StarWind Software)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-24 10:10 - 2015-08-24 10:11 - 00015793 _____ C:\Users\Macom\Downloads\FRST.txt
2015-08-24 09:56 - 2015-08-24 09:56 - 00000593 _____ C:\Users\Macom\Desktop\JRT.txt
2015-08-24 09:22 - 2015-08-24 09:50 - 00000000 ____D C:\AdwCleaner
2015-08-24 08:57 - 2015-08-24 08:57 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Macom\Desktop\JRT.exe
2015-08-24 08:56 - 2015-08-24 08:57 - 01605632 _____ C:\Users\Macom\Desktop\AdwCleaner_5.003.exe
2015-08-23 22:21 - 2015-08-23 22:21 - 00001129 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 22:21 - 2015-08-23 22:21 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-23 22:21 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-23 22:21 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-23 22:15 - 2015-08-23 22:15 - 01199392 _____ C:\Users\Macom\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-08-23 19:30 - 2015-08-23 19:30 - 00000000 ____D C:\Users\Macom\Desktop\de
2015-08-23 19:16 - 2015-08-23 19:16 - 00000000 _____ C:\Users\Macom\Sti_Trace.log
2015-08-23 17:57 - 2015-08-23 18:03 - 00022468 _____ C:\Users\Macom\Desktop\RA23082015II.odt
2015-08-23 17:23 - 2015-08-23 17:27 - 00011854 _____ C:\Users\Macom\Desktop\RA23082015.odt
2015-08-23 11:06 - 2015-08-23 11:11 - 00000000 ____D C:\Users\Macom\Desktop\pc 23082015 check
2015-08-23 10:58 - 2015-08-23 10:58 - 00000000 ____D C:\Users\Macom\AppData\Local\WinZip
2015-08-23 10:57 - 2015-08-23 10:57 - 04383777 _____ C:\Users\Macom\Desktop\tdsskiller31.zip
2015-08-23 10:51 - 2015-08-23 10:51 - 01260832 _____ C:\Users\Macom\Desktop\TDSSKiller - CHIP-Installer.exe
2015-08-23 09:57 - 2015-08-23 10:14 - 00000000 ____D C:\Users\Macom\Desktop\pc check
2015-08-23 09:46 - 2015-08-23 22:21 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 09:46 - 2015-08-23 22:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 09:46 - 2015-08-23 10:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-23 09:45 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-23 09:44 - 2015-08-23 09:44 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Macom\Desktop\mbar-1.09.2.1008.exe
2015-08-23 08:28 - 2015-08-24 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-22 11:40 - 2015-08-22 11:40 - 00001386 _____ C:\Users\Macom\Desktop\GData22082015b.txt
2015-08-22 11:39 - 2015-08-22 11:39 - 00004822 _____ C:\Users\Macom\Desktop\GData22082015a.txt
2015-08-22 11:33 - 2015-08-22 11:33 - 00000000 _____ C:\Users\Macom\Desktop\Neues Textdokument.txt
2015-08-22 10:58 - 2015-08-22 10:58 - 00000000 ____D C:\Users\Macom\AppData\Local\G DATA
2015-08-22 09:45 - 2015-08-22 09:45 - 00380416 _____ C:\Users\Macom\Downloads\Gmer-19357.exe
2015-08-22 09:38 - 2015-08-24 10:10 - 00000000 ____D C:\FRST
2015-08-22 09:37 - 2015-08-22 09:37 - 02173952 _____ (Farbar) C:\Users\Macom\Downloads\FRST64.exe
2015-08-22 09:27 - 2015-08-22 09:27 - 00050477 _____ C:\Users\Macom\Downloads\Defogger.exe
2015-08-19 13:20 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:20 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-16 14:05 - 2015-08-24 09:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 06:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 06:49 - 2015-08-16 06:49 - 00000000 ____D C:\Users\Macom\AppData\Roaming\Epson
2015-08-15 17:41 - 2015-08-15 17:41 - 00002198 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\UDL
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:40 - 00000000 ____D C:\Program Files (x86)\epson
2015-08-15 17:37 - 2015-08-15 17:37 - 00001168 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000961 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-08-15 17:37 - 2015-08-15 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-08-15 17:37 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-08-15 17:37 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-08-15 17:35 - 2015-08-24 09:35 - 00000931 _____ C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job
2015-08-15 17:35 - 2015-08-15 17:35 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-08-15 17:34 - 2013-12-05 21:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNDE.DLL
2015-08-15 17:34 - 2007-04-09 18:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-08-15 17:33 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNDE.DLL
2015-08-15 17:32 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Epson
2015-08-15 10:46 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 10:46 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 18:50 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 18:50 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 18:50 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 18:50 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 18:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 18:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 18:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 18:49 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 18:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 18:49 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-14 18:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 18:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 18:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 18:49 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 18:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-14 18:49 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 18:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 18:49 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 18:49 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 18:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 18:48 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 18:48 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 18:48 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 18:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 18:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 18:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 18:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 18:46 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 18:46 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 18:46 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 18:46 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 18:46 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 18:46 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 18:46 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 18:46 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 18:46 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 18:46 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 18:46 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 18:46 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 18:46 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 18:46 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 18:46 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 18:46 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 18:46 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-06 11:11 - 2015-08-19 13:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-06 11:11 - 2015-08-19 13:21 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-26 14:26 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-07-26 14:26 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-07-26 11:02 - 2015-08-24 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-26 11:02 - 2015-07-26 11:02 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-26 11:02 - 2015-07-26 11:02 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-26 10:58 - 2015-07-26 10:59 - 00242928 _____ C:\Users\Macom\Downloads\Firefox Setup Stub 39.0.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-24 10:08 - 2014-11-22 06:56 - 02027615 _____ C:\Windows\WindowsUpdate.log
2015-08-24 10:03 - 2014-05-06 06:41 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-08-24 10:03 - 2014-05-06 06:41 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-08-24 10:03 - 2014-03-18 11:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-24 10:00 - 2014-11-22 07:22 - 01860634 _____ C:\Users\Public\CAFADEBUG.log
2015-08-24 10:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-24 09:58 - 2014-09-06 00:26 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 09:51 - 2013-08-22 16:46 - 00033737 _____ C:\Windows\setupact.log
2015-08-24 09:51 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 09:37 - 2014-03-18 11:39 - 00014264 _____ C:\Windows\PFRO.log
2015-08-24 09:16 - 2014-09-06 00:26 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 09:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-23 20:06 - 2015-03-22 18:46 - 00000000 ____D C:\Users\Dacom
2015-08-23 19:16 - 2015-05-02 03:52 - 00000000 ____D C:\Users\Macom
2015-08-23 10:58 - 2014-09-06 00:27 - 00000000 ____D C:\ProgramData\WinZip
2015-08-23 09:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-22 10:09 - 2015-03-22 18:26 - 00000000 ____D C:\Users\Deco
2015-08-21 21:27 - 2015-07-12 12:07 - 00009232 _____ C:\Users\Macom\Desktop\code.odt
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-19 13:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-15 17:41 - 2014-09-06 00:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 16:39 - 2013-08-22 16:44 - 00365040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 08:19 - 2014-09-06 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-11 13:22 - 2015-06-02 22:12 - 00000000 ____D C:\Users\Macom\AppData\Roaming\ALDITALKVerbindungsassistent
2015-08-08 15:55 - 2015-05-15 11:49 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-05-15 11:49 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 15:04 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-06 11:13 - 2015-05-02 03:52 - 00000000 ____D C:\Users\Macom\AppData\Local\Packages
2015-08-02 08:03 - 2015-07-12 11:22 - 00000000 ____D C:\Users\Macom\AppData\Local\Adobe
2015-07-26 11:02 - 2015-05-13 18:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. Der Benutzer ist kein Administrator.

==================== Ende von Ergebnis ============================

--- --- ---

Code:

ATTFilter

ADWCLEANER fand ebay.inc, löschte es, öffnete aber kein Protokoll. Somit fehlt das ADWCLEANER PROTOKOLL!!!

schrauber · 24.08.2015, 15:31

Alles nochmal bitte, unsere Tools brauchen Adminrechte

asgrub · 25.08.2015, 09:10

alle programme wurden bereits als administrator durchgeführt

schrauber · 26.08.2015, 06:36

Zitat:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.08.2015
Suchlaufzeit: 08:59
Protokolldatei: mam24082015log.txt
Administrator: Nein

Zitat:

durchgeführt von Macom (ACHTUNG: der angemeldete Benutzer ist kein Administrator)

ich schreibe nix einfach so aus Spass

asgrub · 29.08.2015, 09:00

Guten Morgen,

während ich nun alle Programme aus dem Admin Konto her laufen lasse, habe ich eine Frage:
Was ist der Unterschied, wenn ich das Programm aus dem Admin Benutzerkonto laufen lasse oder aus einem anderen Benutzerkonto es als Admin starte und lafen lasse?

schrauber · 29.08.2015, 12:49

Ehm, die Frage erübrigt sich doch irgendwie durch die von mir zitierten Log-Schnipsel oder?

Es war definitiv nicht als Admin. Du kannst zwar ein Tool mit Rechtsklick als Admin starten (normales Programm), das wird dann auch funktionieren. Aber nicht bei solch speziellen Tools, die dann nach dem Start tiefer in das System eingreifen.

asgrub · 29.08.2015, 15:22

Code:

ATTFilter

Ok, danke. Ich habe jetzt alle Programme vom Admin Konto aus laufen lassen. Ergebnis wie folgt: 

Virenprüfung mit G Data InternetSecurity CBE
Version 25.0.1.2 (20.03.2014)
Virensignaturen vom 29.08.2015
Startzeit: 29.08.2015 08:10:22
Engine(s): Engine A (AVA 25.3229), Engine B (GD 25.5518)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 29.08.2015 09:09:22
****289832 Dateien überprüft
****0 infizierte Dateien gefunden
****0 verdächtige Dateien gefunden

Der Zugriff auf die folgenden Dateien wurde verweigert:

C:\Windows\Resources\Themes\aero\VSCache\Aero.msstyles_1031_96.mss
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Microsoft-Windows-WorkFolders-WHC.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Windows Networking Vpn Plugin Platform-Operational.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Windows Networking Vpn Plugin Platform-OperationalVerbose.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{9d666a50-f06c-11e4-826c-2c600c0c57a2}.TM.blf
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{9d666a50-f06c-11e4-826c-2c600c0c57a2}.TMContainer00000000000000000002.regtrans-ms
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708083730_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\c2f2d9df4a78a195_562984313160681_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1001\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708083730_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1002\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1002\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1002\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\cf558dc5acda18b6_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3219382323-3593878825-1118489811-1003\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpScanCache-0.bin
C:\System Volume Information\IndexerVolumeGuid
C:\System Volume Information\MountPointManagerRemoteDatabase
C:\Users\Dacom\AppData\Local\Temp\~DF580C2934FF55547F.TMP
C:\Users\Dacom\AppData\Local\Temp\~DFF669B751D5D42365.TMP


Die folgenden Dateien sind Passwortgeschützt:

C:\Program Files (x86)\InstallShield Installation Information\{55762F9A-FCE3-45d5-817B-051218658423}\SupportFiles.7z
C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\SupportFiles.7z
C:\Users\Dacom\AppData\Local\Abelssoft\.data
C:\Users\Macom\AppData\Local\Abelssoft\.data



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-08-2015
durchgeführt von Deco (2015-08-29 09:51:01)
Gestartet von C:\Users\Deco\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3219382323-3593878825-1118489811-500 - Administrator - Disabled)
Dacom (S-1-5-21-3219382323-3593878825-1118489811-1003 - Limited - Enabled) => C:\Users\Dacom
Deco (S-1-5-21-3219382323-3593878825-1118489811-1001 - Administrator - Enabled) => C:\Users\Deco
Gast (S-1-5-21-3219382323-3593878825-1118489811-501 - Limited - Disabled)
Macom (S-1-5-21-3219382323-3593878825-1118489811-1002 - Limited - Enabled) => C:\Users\Macom

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon 1Button App (HKLM-x32\...\{4D875057-4353-4B8F-93E5-8C3DC7F34EA9}) (Version: 1.0.8 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{42EC3153-24B0-FCAD-0F16-0904BCBAB179}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.38.57 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1321 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4328.05 - CyberLink Corp.)
Druckerdeinstallation für EPSON XP-422 423 425 Series (HKLM\...\EPSON XP-422 423 425 Series) (Version:  - SEIKO EPSON Corporation)
DTS Sound (HKLM-x32\...\{BC95D4AF-4DAC-4350-8BCE-C8BF16A13AE0}) (Version: 1.01.8800 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{86B4A6B9-07FD-48EC-8730-1EC82E80C3D7}) (Version: 3.10.0030 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{922CA1B2-9D74-49DF-A23F-90F710F51DD7}) (Version: 17.0.1428.01 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{8C7185EB-4165-040E-D581-EA62D922E8A2}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E07D7C7B-F424-4EEF-BA17-B2C32BD1C107}) (Version: 4.3.0 - SEIKO EPSON CORPORATION)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StarBurn Version 15.2 (Build 0x20131129) (HKLM-x32\...\StarBurn_is1) (Version: 15.2 - StarBurn Software)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.06.6403 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.3.6401 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.0.9.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.9 - WildTangent) Hidden
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
WISO Steuer 2014 (HKLM-x32\...\{FE9F4E79-7BEF-4DE2-8C34-6DD894203342}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{BF4FCDA0-95E4-4F7C-9859-F365E78C2404}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

15-08-2015 10:42:11 Windows Update
19-08-2015 13:18:11 Windows Update
24-08-2015 09:54:23 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {287B9FDF-596F-4D7B-9404-653E6CEABA38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {36459D93-2ED1-45D7-9545-B60FB4C48F56} - System32\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {39AAC0BC-7843-4A7F-9E93-F3618CA58CA2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-19] (Microsoft Corporation)
Task: {7D57EF96-3F7E-4B10-8F4C-4EEA51EB5369} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2014-06-04] ()
Task: {8B0694B6-A3D5-4C89-8266-2376FDB51E7F} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {A0CB9DDA-95D9-406E-9E9E-2DBD1C0AAC63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {C5B42C7F-D3D5-4C0A-AC43-3A7159E24F12} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {C7764451-5131-4952-A5AA-5C9F18760A8D} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation)
Task: {CD05E97F-2B45-4A03-A834-84A156FEAAA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06] (Google Inc.)
Task: {D38D83EE-9CD8-42DC-9E35-353AF0E76890} - System32\Tasks\Abelssoft\Updater scan_0 => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {DB3321A8-0970-4AF8-88CD-0037A0FBD264} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2014-08-06] (Toshiba Europe GmbH)
Task: {DD92A4F5-BFF5-4691-858F-283B9E3CC5D8} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE:/EXE:{4E6E2051-BCA8-4696-BA06-D94D291FC3A2} /F:UpdateWORKGROUP\CODAM$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-06-30 21:11 - 2014-06-30 21:11 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-05-15 11:05 - 2011-09-13 10:16 - 00342984 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2015-05-15 11:05 - 2011-09-13 10:15 - 01633224 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe
2015-05-15 11:05 - 2011-09-13 10:16 - 00510920 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-11-22 06:58 - 2014-03-06 13:15 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-15 11:05 - 2011-09-13 10:09 - 00102400 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDatabase.dll
2015-05-15 11:05 - 2011-09-13 10:10 - 00196608 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDetection.dll
2015-05-15 11:05 - 2011-09-13 10:09 - 00086016 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDialup.dll
2015-05-15 11:05 - 2011-09-13 10:09 - 00090112 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgPorts.dll
2015-05-15 11:05 - 2011-09-13 10:09 - 00106496 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgUtil.dll
2015-05-15 11:05 - 2011-09-13 10:10 - 00073728 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDriverInstall.dll
2015-05-15 11:05 - 2011-09-13 10:12 - 00565248 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgCore.dll
2015-05-15 11:05 - 2011-09-13 10:11 - 00204800 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LiveBoxCM.dll
2015-05-15 11:05 - 2011-09-13 10:10 - 00139264 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgBluetooth.dll
2015-05-15 11:05 - 2007-02-27 19:44 - 00823296 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LIBEAY32.dll
2015-05-15 11:05 - 2011-09-13 10:09 - 00126976 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFi.dll
2015-05-15 11:05 - 2010-12-02 08:33 - 01097728 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\NDISAPI.dll
2015-05-15 11:05 - 2011-09-13 10:15 - 00606208 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGXMLUtil.dll
2015-05-15 11:05 - 2011-09-13 10:10 - 00294912 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGSMSPCClient.Dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Toshiba\standard.jpg
DNS Servers: 212.23.103.9 - 212.23.103.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{91879D0F-C843-465C-896E-659E169A569A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{44135E15-6081-4CCD-A4CC-6C636A1B6AD3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{180D1417-FC05-4671-AAB6-A62AB024BA94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{ED53A2F4-6B4E-424A-9CE5-028A93B06935}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{47E82540-76E3-4C0C-9EBB-E367661398C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5A3E00DB-E7F5-4E82-B72B-32052701EB2A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{C9652E1F-49E7-4563-A4B8-7F8E395AB1B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9770D003-9EDF-4E3B-99EB-A491238BB032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/29/2015 07:52:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008cf92
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3
Vollständiger Name des fehlerhaften Pakets: AVKProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKProxy.exe5

Error: (08/28/2015 08:48:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e01d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f1280
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "ProtectionManagement" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={EC211C49-F718-4E3C-A8CC-738336AB8677}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={95F26A08-195A-4A27-A815-C0D6793F1151}: Der Benutzer "Codam\Macom" hat eine Verbindung mit dem Namen "ALDI TALK Verbindungsassistent" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450367b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02dafb86
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe, Version: 0.0.0.0, Zeitstempel: 0x4e6f10be
Name des fehlerhaften Moduls: WTGXMLUtil.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e6f1130
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00031b08
ID des fehlerhaften Prozesses: 0x1a4c
Startzeit der fehlerhaften Anwendung: 0xALDITALKVerbindungsassistent.exe0
Pfad der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe1
Pfad des fehlerhaften Moduls: ALDITALKVerbindungsassistent.exe2
Berichtskennung: ALDITALKVerbindungsassistent.exe3
Vollständiger Name des fehlerhaften Pakets: ALDITALKVerbindungsassistent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ALDITALKVerbindungsassistent.exe5

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x2d8
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5


Systemfehler:
=============
Error: (08/29/2015 09:11:12 AM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/29/2015 09:10:42 AM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/29/2015 07:59:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: AMZNMobileLLC.KindleforWindows8

Error: (08/29/2015 07:58:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: McAfeeInc.04.McAfeeSecurityAdvisorforToshiba

Error: (08/29/2015 07:53:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "G Data AntiVirus Proxy" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/29/2015 07:49:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/29/2015 07:49:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/29/2015 07:49:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/29/2015 07:49:15 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (08/29/2015 07:49:04 AM) (Source: DCOM) (EventID: 10010) (User: Codam)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office:
=========================
Error: (08/29/2015 07:52:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKProxy.exe1.5.14043.57452fb3224avkhttp.dll25.0.14079.176532a4adcc00004170008cf926b801d0de41bd2e7d28C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exeC:\Program Files (x86)\Common Files\G Data\AVKProxy\avkhttp.dll334f69ea-4e12-11e5-827f-001e101f65d7

Error: (08/28/2015 08:48:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e01dntdll.dll6.3.9600.1793655a68e0cc000037400000000000f1280e8001d0e10224792741C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\SYSTEM32\ntdll.dllcce59592-4d50-11e5-827f-001e101f65d7

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/09/2015 09:33:48 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (08/06/2015 02:56:06 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {EC211C49-F718-4E3C-A8CC-738336AB8677}Codam\MacomALDI TALK Verbindungsassistent633

Error: (08/06/2015 02:55:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {95F26A08-195A-4A27-A815-C0D6793F1151}Codam\MacomALDI TALK Verbindungsassistent633

Error: (07/26/2015 11:00:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Codam)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (07/12/2015 11:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.174155450367bunknown0.0.0.000000000c000000502dafb861fb001d0bc848cbf44deC:\Windows\SysWOW64\explorer.exeunknownd0ddbd07-2877-11e5-8277-001e101f92e1

Error: (07/05/2015 08:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ALDITALKVerbindungsassistent.exe0.0.0.04e6f10beWTGXMLUtil.dll_unloaded0.0.0.04e6f1130c000000500031b081a4c01d0b75231ec6fccC:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exeWTGXMLUtil.dlle9c78b11-2345-11e5-8275-001e101f95c1

Error: (06/28/2015 09:24:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe17.0.5.05387ee07MurocApi.dll17.0.5.05387ed02c0000005000000000002bd482d801d0b1d7e876361dC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll59e16a2d-1dcb-11e5-8275-2c600c0c57a2


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 12208.14 MB
Verfügbarer physikalischer RAM: 10159.88 MB
Summe virtueller Speicher: 14064.14 MB
Verfügbarer virtueller Speicher: 10819.45 MB

==================== Laufwerke ================================

Drive c: (TI31379200A) (Fixed) (Total:918.57 GB) (Free:840.49 GB) NTFS
Drive e: (Disk) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-08-2015
durchgeführt von Deco (Administrator) auf CODAM (29-08-2015 09:49:15)
Gestartet von C:\Users\Deco\Downloads
Geladene Profile: Deco (Verfügbare Profile: Deco & Macom & Dacom)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1064512 2013-11-08] (SEIKO EPSON CORPORATION)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-05-24] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-05-24] (Amazon Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-05-15]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2015-05-16]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-3219382323-3593878825-1118489811-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1001 -> DefaultScope {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
SearchScopes: HKU\S-1-5-21-3219382323-3593878825-1118489811-1001 -> {44C198CF-7748-4D8C-9DCC-DD4641FC5580} URL = 
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Tcpip\..\Interfaces\{037031AE-EC7F-47D8-A27D-7084922DEA2F}: [NameServer] 212.23.103.9 212.23.103.8
Tcpip\..\Interfaces\{423A38BF-F471-4E98-B720-1B3FB91040F7}: [DhcpNameServer] 40.42.1.201
Tcpip\..\Interfaces\{DACEB1E6-5BCF-420D-8231-5FBA225B74C8}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Deco\AppData\Roaming\Mozilla\Firefox\Profiles\48qv0aiv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] ()
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-06] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-06] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-06] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2015-05-15] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2015-04-22] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2015-04-22] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [71168 2015-04-22] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2015-04-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-22] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2015-04-22] (G Data Software AG)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [210888 2014-07-09] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-03-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-05-15] (Duplex Secure Ltd.)
R1 StarPortLite; C:\Windows\System32\drivers\StarPortLite.sys [120704 2013-02-04] (StarWind Software)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-29 09:49 - 2015-08-29 09:50 - 00015155 _____ C:\Users\Deco\Downloads\FRST.txt
2015-08-29 09:46 - 2015-08-29 09:46 - 02186752 _____ (Farbar) C:\Users\Deco\Downloads\FRST64.exe
2015-08-29 09:36 - 2015-08-29 09:36 - 00007842 _____ C:\Users\Deco\Desktop\G Data Protokoll ID 276 29082015.html
2015-08-29 09:31 - 2015-08-29 09:31 - 00000000 ____D C:\Users\Deco\AppData\Local\G DATA
2015-08-29 07:53 - 2015-08-29 07:53 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Macromedia
2015-08-29 07:53 - 2015-08-29 07:53 - 00000000 ____D C:\Users\Deco\AppData\Local\Macromedia
2015-08-28 09:18 - 2015-08-28 21:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 10:42 - 2015-08-26 10:42 - 00000000 ____D C:\Users\Dacom\AppData\Local\WinZip
2015-08-26 10:41 - 2015-08-26 10:41 - 04798152 _____ (WinZip International LLC ) C:\Users\Dacom\Downloads\wzmp_10.exe
2015-08-26 10:41 - 2015-08-26 10:41 - 04798152 _____ (WinZip International LLC ) C:\Users\Dacom\Downloads\wzmp_10(1).exe
2015-08-24 10:12 - 2015-08-24 10:12 - 00000000 ____D C:\Users\Macom\Desktop\24082015
2015-08-24 09:22 - 2015-08-24 09:50 - 00000000 ____D C:\AdwCleaner
2015-08-24 08:57 - 2015-08-24 08:57 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Macom\Desktop\JRT.exe
2015-08-24 08:56 - 2015-08-24 08:57 - 01605632 _____ C:\Users\Macom\Desktop\AdwCleaner_5.003.exe
2015-08-23 22:21 - 2015-08-23 22:21 - 00001129 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 22:21 - 2015-08-23 22:21 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-23 22:21 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-23 22:21 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-23 22:15 - 2015-08-23 22:15 - 01199392 _____ C:\Users\Macom\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-08-23 20:06 - 2015-08-23 20:06 - 00000000 _____ C:\Users\Dacom\Sti_Trace.log
2015-08-23 19:30 - 2015-08-23 19:30 - 00000000 ____D C:\Users\Macom\Desktop\de
2015-08-23 19:16 - 2015-08-23 19:16 - 00000000 _____ C:\Users\Macom\Sti_Trace.log
2015-08-23 17:57 - 2015-08-23 18:03 - 00022468 _____ C:\Users\Macom\Desktop\RA23082015II.odt
2015-08-23 17:23 - 2015-08-23 17:27 - 00011854 _____ C:\Users\Macom\Desktop\RA23082015.odt
2015-08-23 11:06 - 2015-08-23 11:11 - 00000000 ____D C:\Users\Macom\Desktop\pc 23082015 check
2015-08-23 10:58 - 2015-08-23 10:58 - 00000000 ____D C:\Users\Macom\AppData\Local\WinZip
2015-08-23 10:57 - 2015-08-23 10:57 - 04383777 _____ C:\Users\Macom\Desktop\tdsskiller31.zip
2015-08-23 10:51 - 2015-08-23 10:51 - 01260832 _____ C:\Users\Macom\Desktop\TDSSKiller - CHIP-Installer.exe
2015-08-23 09:57 - 2015-08-23 10:14 - 00000000 ____D C:\Users\Macom\Desktop\pc check
2015-08-23 09:46 - 2015-08-23 22:21 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 09:46 - 2015-08-23 22:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 09:46 - 2015-08-23 10:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-23 09:45 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-23 09:44 - 2015-08-23 09:44 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Macom\Desktop\mbar-1.09.2.1008.exe
2015-08-23 09:41 - 2015-08-23 09:41 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Deco\Downloads\mbar-1.09.2.1008.exe
2015-08-23 09:39 - 2015-08-23 11:09 - 00000000 ____D C:\Users\Deco\Desktop\mbar
2015-08-22 11:40 - 2015-08-22 11:40 - 00001386 _____ C:\Users\Macom\Desktop\GData22082015b.txt
2015-08-22 11:39 - 2015-08-22 11:39 - 00004822 _____ C:\Users\Macom\Desktop\GData22082015a.txt
2015-08-22 11:33 - 2015-08-22 11:33 - 00000000 _____ C:\Users\Macom\Desktop\Neues Textdokument.txt
2015-08-22 10:58 - 2015-08-22 10:58 - 00000000 ____D C:\Users\Macom\AppData\Local\G DATA
2015-08-22 10:07 - 2015-08-22 10:07 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Epson
2015-08-22 09:45 - 2015-08-22 09:45 - 00380416 _____ C:\Users\Macom\Downloads\Gmer-19357.exe
2015-08-22 09:38 - 2015-08-29 09:49 - 00000000 ____D C:\FRST
2015-08-22 09:37 - 2015-08-22 09:37 - 02173952 _____ (Farbar) C:\Users\Macom\Downloads\FRST64.exe
2015-08-22 09:27 - 2015-08-22 09:27 - 00050477 _____ C:\Users\Macom\Downloads\Defogger.exe
2015-08-19 13:20 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:20 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 12:41 - 2015-08-19 13:06 - 00012316 _____ C:\Users\Dacom\Documents\Einnahmen-Überschussrechnung Elterngeld.odt
2015-08-19 09:05 - 2015-08-19 09:05 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\OpenOffice
2015-08-17 11:03 - 2015-08-17 11:03 - 00000000 ____D C:\Users\Dacom\AppData\Local\Macromedia
2015-08-17 10:59 - 2015-08-17 10:59 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\Epson
2015-08-16 14:05 - 2015-08-29 09:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 14:05 - 2015-08-16 14:05 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-16 06:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-16 06:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 06:49 - 2015-08-16 06:49 - 00000000 ____D C:\Users\Macom\AppData\Roaming\Epson
2015-08-15 17:41 - 2015-08-15 17:41 - 00002198 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\UDL
2015-08-15 17:41 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:41 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-08-15 17:37 - 2015-08-15 17:40 - 00000000 ____D C:\Program Files (x86)\epson
2015-08-15 17:37 - 2015-08-15 17:37 - 00001168 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000961 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-08-15 17:37 - 2015-08-15 17:37 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-08-15 17:37 - 2015-08-15 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-08-15 17:37 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-08-15 17:37 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-08-15 17:35 - 2015-08-29 09:35 - 00000931 _____ C:\Windows\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}.job
2015-08-15 17:35 - 2015-08-15 17:35 - 00003962 _____ C:\Windows\System32\Tasks\EPSON XP-422 423 425 Series Update {4E6E2051-BCA8-4696-BA06-D94D291FC3A2}
2015-08-15 17:35 - 2015-08-15 17:35 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-08-15 17:34 - 2013-12-05 21:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNDE.DLL
2015-08-15 17:34 - 2007-04-09 18:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-08-15 17:33 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNDE.DLL
2015-08-15 17:32 - 2015-08-15 17:41 - 00000000 ____D C:\ProgramData\Epson
2015-08-15 10:46 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 10:46 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 18:50 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 18:50 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 18:50 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 18:50 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 18:50 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 18:50 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 18:50 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 18:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 18:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 18:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 18:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 18:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 18:49 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 18:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 18:49 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-14 18:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 18:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 18:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 18:49 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 18:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 18:49 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-14 18:49 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 18:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 18:49 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 18:49 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 18:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 18:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-14 18:49 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 18:49 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 18:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 18:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 18:48 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 18:48 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 18:48 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 18:48 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 18:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 18:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 18:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 18:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 18:46 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 18:46 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 18:46 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 18:46 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 18:46 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 18:46 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 18:46 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 18:46 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 18:46 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 18:46 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 18:46 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 18:46 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 18:46 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 18:46 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-14 18:46 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 18:46 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 18:46 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 18:46 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 18:46 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-06 11:11 - 2015-08-19 13:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-06 11:11 - 2015-08-19 13:21 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-29 09:43 - 2015-03-22 18:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3219382323-3593878825-1118489811-1001
2015-08-29 09:37 - 2014-11-22 06:56 - 01824080 _____ C:\Windows\WindowsUpdate.log
2015-08-29 09:16 - 2014-09-06 00:26 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-29 09:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-29 08:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-29 07:49 - 2014-11-22 07:22 - 02201852 _____ C:\Users\Public\CAFADEBUG.log
2015-08-29 07:49 - 2014-09-06 00:26 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 21:04 - 2015-07-26 11:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 17:34 - 2014-05-06 06:41 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-08-26 17:34 - 2014-05-06 06:41 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-08-26 17:34 - 2014-03-18 11:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-25 13:52 - 2015-06-02 22:12 - 00000000 ____D C:\Users\Macom\AppData\Roaming\ALDITALKVerbindungsassistent
2015-08-24 09:51 - 2013-08-22 16:46 - 00033737 _____ C:\Windows\setupact.log
2015-08-24 09:51 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 09:37 - 2014-03-18 11:39 - 00014264 _____ C:\Windows\PFRO.log
2015-08-24 09:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-23 20:06 - 2015-03-22 18:46 - 00000000 ____D C:\Users\Dacom
2015-08-23 19:16 - 2015-05-02 03:52 - 00000000 ____D C:\Users\Macom
2015-08-23 10:58 - 2014-09-06 00:27 - 00000000 ____D C:\ProgramData\WinZip
2015-08-22 10:09 - 2015-03-22 18:26 - 00000000 ____D C:\Users\Deco
2015-08-22 09:56 - 2015-05-01 18:57 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3219382323-3593878825-1118489811-1002
2015-08-22 09:30 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-08-21 21:27 - 2015-07-12 12:07 - 00009232 _____ C:\Users\Macom\Desktop\code.odt
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 20:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-21 12:07 - 2015-03-22 18:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3219382323-3593878825-1118489811-1003
2015-08-19 13:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 12:57 - 2015-05-19 14:48 - 00000000 ____D C:\Users\Dacom\AppData\Roaming\ALDITALKVerbindungsassistent
2015-08-15 17:41 - 2014-09-06 00:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 16:39 - 2013-08-22 16:44 - 00365040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 10:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 08:19 - 2014-09-06 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-08 15:55 - 2015-05-15 11:49 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-05-15 11:49 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 15:04 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-06 11:13 - 2015-05-02 03:52 - 00000000 ____D C:\Users\Macom\AppData\Local\Packages
2015-08-02 08:03 - 2015-07-12 11:22 - 00000000 ____D C:\Users\Macom\AppData\Local\Adobe
2015-08-02 08:01 - 2015-07-05 21:09 - 00000000 ____D C:\Users\Deco\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-22 06:47 - 2015-04-22 06:47 - 0000000 _____ () C:\Users\Deco\AppData\Roaming\gdfw.log
2015-04-22 06:47 - 2015-04-22 06:47 - 0000779 _____ () C:\Users\Deco\AppData\Roaming\gdscan.log

Einige Dateien in TEMP:
====================
C:\Users\Deco\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-25 15:40

==================== Ende von FRST.txt ============================



defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:53 on 29/08/2015 (Deco)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled


-=E.O.F=-

asgrub · 29.08.2015, 15:23

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.08.29.01
  rootkit: v2015.08.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Deco :: CODAM [administrator]

29.08.2015 09:56:28
mbar-log-2015-08-29 (09-56-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 442598
Time elapsed: 31 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



10:31:10.0623 0x1a9c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:31:10.0623 0x1a9c  UEFI system
10:31:16.0437 0x1a9c  ============================================================
10:31:16.0437 0x1a9c  Current date / time: 2015/08/29 10:31:16.0437
10:31:16.0437 0x1a9c  SystemInfo:
10:31:16.0437 0x1a9c  
10:31:16.0437 0x1a9c  OS Version: 6.3.9600 ServicePack: 0.0
10:31:16.0437 0x1a9c  Product type: Workstation
10:31:16.0437 0x1a9c  ComputerName: CODAM
10:31:16.0437 0x1a9c  UserName: Deco
10:31:16.0437 0x1a9c  Windows directory: C:\Windows
10:31:16.0437 0x1a9c  System windows directory: C:\Windows
10:31:16.0437 0x1a9c  Running under WOW64
10:31:16.0437 0x1a9c  Processor architecture: Intel x64
10:31:16.0437 0x1a9c  Number of processors: 4
10:31:16.0437 0x1a9c  Page size: 0x1000
10:31:16.0437 0x1a9c  Boot type: Normal boot
10:31:16.0437 0x1a9c  ============================================================
10:31:17.0326 0x1a9c  KLMD registered as C:\Windows\system32\drivers\77597144.sys
10:31:20.0530 0x1a9c  System UUID: {5AC41CA8-B9AD-4245-7AE7-17222E2A4BE3}
10:31:23.0229 0x1a9c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:31:23.0259 0x1a9c  ============================================================
10:31:23.0259 0x1a9c  \Device\Harddisk0\DR0:
10:31:23.0260 0x1a9c  GPT partitions:
10:31:23.0260 0x1a9c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {71B3C72E-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
10:31:23.0260 0x1a9c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71B3C736-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
10:31:23.0260 0x1a9c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {71B3C738-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
10:31:23.0260 0x1a9c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {71B3C740-3CFE-11E4-BD61-81F0E5B0AF35}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72D21800
10:31:23.0261 0x1a9c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D2FFBBE-720E-11E4-92D7-2C600C0C57A2}, Name: Basic data partition, StartLBA 0x72F94000, BlocksNum 0x1772732
10:31:23.0261 0x1a9c  MBR partitions:
10:31:23.0261 0x1a9c  ============================================================
10:31:23.0303 0x1a9c  C: <-> \Device\Harddisk0\DR0\Partition4
10:31:23.0303 0x1a9c  ============================================================
10:31:23.0303 0x1a9c  Initialize success
10:31:23.0303 0x1a9c  ============================================================
10:31:35.0276 0x1520  ============================================================
10:31:35.0276 0x1520  Scan started
10:31:35.0276 0x1520  Mode: Manual; SigCheck; TDLFS; 
10:31:35.0276 0x1520  ============================================================
10:31:35.0276 0x1520  KSN ping started
10:31:48.0117 0x1520  KSN ping finished: true
10:31:50.0468 0x1520  ================ Scan system memory ========================
10:31:50.0468 0x1520  System memory - ok
10:31:50.0469 0x1520  ================ Scan services =============================
10:31:50.0720 0x1520  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
10:31:50.0873 0x1520  1394ohci - ok
10:31:50.0890 0x1520  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
10:31:50.0909 0x1520  3ware - ok
10:31:50.0971 0x1520  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:31:51.0007 0x1520  ACPI - ok
10:31:51.0028 0x1520  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
10:31:51.0037 0x1520  acpiex - ok
10:31:51.0053 0x1520  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
10:31:51.0063 0x1520  acpipagr - ok
10:31:51.0076 0x1520  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
10:31:51.0086 0x1520  AcpiPmi - ok
10:31:51.0088 0x1520  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
10:31:51.0097 0x1520  acpitime - ok
10:31:51.0216 0x1520  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:31:51.0249 0x1520  AdobeFlashPlayerUpdateSvc - ok
10:31:51.0321 0x1520  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
10:31:51.0369 0x1520  ADP80XX - ok
10:31:51.0397 0x1520  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:31:51.0410 0x1520  AeLookupSvc - ok
10:31:51.0450 0x1520  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
10:31:51.0469 0x1520  AFD - ok
10:31:51.0488 0x1520  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:31:51.0497 0x1520  agp440 - ok
10:31:51.0528 0x1520  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
10:31:51.0537 0x1520  ahcache - ok
10:31:51.0641 0x1520  [ 7067AC22EB74C2E3D4C950050CBB1AC0, 2CC18B36FE0059CD0C4745BA698DB322006BED182623D85655A389077DB52A03 ] ALDITALKVerbindungsassistent_Service C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
10:31:51.0676 0x1520  ALDITALKVerbindungsassistent_Service - ok
10:31:51.0712 0x1520  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
10:31:51.0731 0x1520  ALG - ok
10:31:51.0764 0x1520  [ 235E6F34CEE519E919E218EA53804AD9, D0833D943C8385DF0F86F404E961D5A6BC464F018117BC1BE4C8F95BF499142D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:31:51.0789 0x1520  AMD External Events Utility - ok
10:31:51.0815 0x1520  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
10:31:51.0824 0x1520  AmdK8 - ok
10:31:52.0224 0x1520  [ 46D3E75D2A7DB2A51892FC0B1AA6EFAE, ACA42C20D0E1AC1B045A024455717714E7789FD425D762861FB0BF27D8941421 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:31:52.0477 0x1520  amdkmdag - ok
10:31:52.0561 0x1520  [ 10B8D94CD21AEDB2F35784AC05766309, 818B020EF753CB64090C358F07D7D1A3F51FF579BF7D9E585E165129A6489463 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:31:52.0599 0x1520  amdkmdap - ok
10:31:52.0628 0x1520  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
10:31:52.0639 0x1520  AmdPPM - ok
10:31:52.0643 0x1520  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:31:52.0652 0x1520  amdsata - ok
10:31:52.0711 0x1520  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:31:52.0753 0x1520  amdsbs - ok
10:31:52.0788 0x1520  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:31:52.0804 0x1520  amdxata - ok
10:31:52.0829 0x1520  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
10:31:52.0847 0x1520  AppID - ok
10:31:52.0875 0x1520  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:31:52.0893 0x1520  AppIDSvc - ok
10:31:52.0922 0x1520  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
10:31:52.0955 0x1520  Appinfo - ok
10:31:53.0010 0x1520  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
10:31:53.0046 0x1520  AppReadiness - ok
10:31:53.0150 0x1520  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
10:31:53.0189 0x1520  AppXSvc - ok
10:31:53.0222 0x1520  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:31:53.0232 0x1520  arcsas - ok
10:31:53.0244 0x1520  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:31:53.0254 0x1520  AsyncMac - ok
10:31:53.0257 0x1520  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:31:53.0265 0x1520  atapi - ok
10:31:53.0295 0x1520  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
10:31:53.0307 0x1520  AudioEndpointBuilder - ok
10:31:53.0332 0x1520  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:31:53.0356 0x1520  Audiosrv - ok
10:31:53.0528 0x1520  [ B90962C56D37665500E3B2510844F57E, D3A97436CACA7FD2E6EF6B07536F26665C06F6251472FAB96E923039412E6E85 ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
10:31:53.0573 0x1520  AVKProxy - ok
10:31:53.0662 0x1520  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
10:31:53.0707 0x1520  AVKService - ok
10:31:53.0834 0x1520  [ B91B3F76E965F73DEA48CA13F6E96C4C, 5406A307939F77BD7092C8B1726370C154A14C15AEB4E96B6FF6D26A4F239FB5 ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
10:31:53.0895 0x1520  AVKWCtl - ok
10:31:53.0918 0x1520  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:31:53.0927 0x1520  AxInstSV - ok
10:31:53.0964 0x1520  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:31:53.0982 0x1520  b06bdrv - ok
10:31:54.0000 0x1520  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
10:31:54.0008 0x1520  BasicDisplay - ok
10:31:54.0012 0x1520  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
10:31:54.0019 0x1520  BasicRender - ok
10:31:54.0044 0x1520  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
10:31:54.0051 0x1520  bcmfn2 - ok
10:31:54.0085 0x1520  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
10:31:54.0099 0x1520  BDESVC - ok
10:31:54.0111 0x1520  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
10:31:54.0119 0x1520  Beep - ok
10:31:54.0184 0x1520  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
10:31:54.0222 0x1520  BFE - ok
10:31:54.0272 0x1520  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
10:31:54.0298 0x1520  BITS - ok
10:31:54.0327 0x1520  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:31:54.0337 0x1520  bowser - ok
10:31:54.0358 0x1520  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
10:31:54.0372 0x1520  BrokerInfrastructure - ok
10:31:54.0406 0x1520  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
10:31:54.0415 0x1520  Browser - ok
10:31:54.0429 0x1520  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
10:31:54.0438 0x1520  BthAvrcpTg - ok
10:31:54.0462 0x1520  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
10:31:54.0471 0x1520  BthEnum - ok
10:31:54.0483 0x1520  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
10:31:54.0491 0x1520  BthHFEnum - ok
10:31:54.0522 0x1520  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
10:31:54.0531 0x1520  bthhfhid - ok
10:31:54.0569 0x1520  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
10:31:54.0583 0x1520  BthHFSrv - ok
10:31:54.0615 0x1520  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
10:31:54.0627 0x1520  BthLEEnum - ok
10:31:54.0630 0x1520  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
10:31:54.0639 0x1520  BTHMODEM - ok
10:31:54.0670 0x1520  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
10:31:54.0703 0x1520  BthPan - ok
10:31:54.0796 0x1520  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
10:31:54.0837 0x1520  BTHPORT - ok
10:31:54.0861 0x1520  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
10:31:54.0871 0x1520  bthserv - ok
10:31:54.0906 0x1520  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
10:31:54.0935 0x1520  BTHUSB - ok
10:31:54.0952 0x1520  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:31:54.0970 0x1520  cdfs - ok
10:31:54.0981 0x1520  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
10:31:55.0000 0x1520  cdrom - ok
10:31:55.0036 0x1520  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:31:55.0068 0x1520  CertPropSvc - ok
10:31:55.0079 0x1520  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
10:31:55.0099 0x1520  circlass - ok
10:31:55.0140 0x1520  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
10:31:55.0175 0x1520  CLFS - ok
10:31:55.0208 0x1520  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
10:31:55.0227 0x1520  CmBatt - ok
10:31:55.0286 0x1520  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
10:31:55.0327 0x1520  CNG - ok
10:31:55.0397 0x1520  [ 5477A191338FA6203538EC074D7A5652, B342D30D3CF901B4BBB79A5E4DCA46D5216B907DD2F3175B099CF02032BEDEF4 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
10:31:55.0437 0x1520  CnxtHdAudService - ok
10:31:55.0451 0x1520  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
10:31:55.0460 0x1520  CompositeBus - ok
10:31:55.0464 0x1520  COMSysApp - ok
10:31:55.0485 0x1520  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
10:31:55.0495 0x1520  condrv - ok
10:31:55.0591 0x1520  [ C220ADD94A1E5D93C2C0C3CA0D2C583F, 84E42D047D6BD5BEBBE719E8617BC664B026EABDF61AFC5527C48EF03518A18C ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:31:55.0626 0x1520  cphs - ok
10:31:55.0662 0x1520  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:31:55.0692 0x1520  CryptSvc - ok
10:31:55.0729 0x1520  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
10:31:55.0749 0x1520  CxAudMsg - ok
10:31:55.0766 0x1520  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
10:31:55.0782 0x1520  dam - ok
10:31:55.0833 0x1520  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:31:55.0856 0x1520  DcomLaunch - ok
10:31:55.0895 0x1520  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
10:31:55.0912 0x1520  defragsvc - ok
10:31:55.0943 0x1520  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
10:31:55.0958 0x1520  DeviceAssociationService - ok
10:31:55.0994 0x1520  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
10:31:56.0004 0x1520  DeviceInstall - ok
10:31:56.0027 0x1520  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
10:31:56.0037 0x1520  Dfsc - ok
10:31:56.0070 0x1520  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:31:56.0112 0x1520  Dhcp - ok
10:31:56.0119 0x1520  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
10:31:56.0138 0x1520  disk - ok
10:31:56.0163 0x1520  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
10:31:56.0177 0x1520  dmvsc - ok
10:31:56.0225 0x1520  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:31:56.0270 0x1520  Dnscache - ok
10:31:56.0318 0x1520  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:31:56.0354 0x1520  dot3svc - ok
10:31:56.0409 0x1520  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
10:31:56.0442 0x1520  DPS - ok
10:31:56.0456 0x1520  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:31:56.0470 0x1520  drmkaud - ok
10:31:56.0504 0x1520  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
10:31:56.0525 0x1520  DsmSvc - ok
10:31:56.0587 0x1520  [ 0166B1E908A6EC670CFDE42521BF7CA3, 5D6A9EF83C9B657C3DFC965100F1404AABF44B6B8B9A06F97F2C47A2E935825E ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
10:31:56.0607 0x1520  dts_apo_service - ok
10:31:56.0714 0x1520  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:31:56.0763 0x1520  DXGKrnl - ok
10:31:56.0781 0x1520  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
10:31:56.0791 0x1520  Eaphost - ok
10:31:56.0948 0x1520  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:31:57.0024 0x1520  ebdrv - ok
10:31:57.0054 0x1520  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
10:31:57.0066 0x1520  EFS - ok
10:31:57.0099 0x1520  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
10:31:57.0127 0x1520  EhStorClass - ok
10:31:57.0147 0x1520  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
10:31:57.0176 0x1520  EhStorTcgDrv - ok
10:31:57.0216 0x1520  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
10:31:57.0243 0x1520  EpsonScanSvc - ok
10:31:57.0248 0x1520  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
10:31:57.0263 0x1520  ErrDev - ok
10:31:57.0339 0x1520  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
10:31:57.0384 0x1520  EventSystem - ok
10:31:57.0513 0x1520  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:31:57.0545 0x1520  EvtEng - ok
10:31:57.0574 0x1520  [ 6BB25543428878BAFBC2F8446343B160, 4F0ADDD1BD1CE6F20476E73950FCE4C25C8A90CB84DCB9A7C91EC34FA4C6FBF3 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
10:31:57.0583 0x1520  ewusbnet - ok
10:31:57.0602 0x1520  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
10:31:57.0611 0x1520  ew_hwusbdev - ok
10:31:57.0644 0x1520  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:31:57.0668 0x1520  exfat - ok
10:31:57.0689 0x1520  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:31:57.0701 0x1520  fastfat - ok
10:31:57.0738 0x1520  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
10:31:57.0761 0x1520  Fax - ok
10:31:57.0789 0x1520  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
10:31:57.0798 0x1520  fdc - ok
10:31:57.0820 0x1520  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:31:57.0829 0x1520  fdPHost - ok
10:31:57.0837 0x1520  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:31:57.0847 0x1520  FDResPub - ok
10:31:57.0881 0x1520  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
10:31:57.0903 0x1520  fhsvc - ok
10:31:57.0922 0x1520  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:31:57.0931 0x1520  FileInfo - ok
10:31:57.0943 0x1520  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:31:57.0956 0x1520  Filetrace - ok
10:31:58.0013 0x1520  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
10:31:58.0041 0x1520  flpydisk - ok
10:31:58.0107 0x1520  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:31:58.0151 0x1520  FltMgr - ok
10:31:58.0263 0x1520  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
10:31:58.0313 0x1520  FontCache - ok
10:31:58.0373 0x1520  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:31:58.0398 0x1520  FontCache3.0.0.0 - ok
10:31:58.0424 0x1520  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:31:58.0453 0x1520  FsDepends - ok
10:31:58.0477 0x1520  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:31:58.0504 0x1520  Fs_Rec - ok
10:31:58.0540 0x1520  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:31:58.0575 0x1520  fvevol - ok
10:31:58.0590 0x1520  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
10:31:58.0600 0x1520  FxPPM - ok
10:31:58.0610 0x1520  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:31:58.0619 0x1520  gagp30kx - ok
10:31:58.0679 0x1520  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
10:31:58.0711 0x1520  GamesAppIntegrationService - ok
10:31:58.0735 0x1520  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:31:58.0752 0x1520  GamesAppService - ok
10:31:58.0785 0x1520  [ A4F725169F1290BCFCD6A06C103A2836, CF4E44DC50ABE16631E387A6588C59E038A019006ED09FE9E2701F4647258394 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
10:31:58.0798 0x1520  GDBehave - ok
10:31:58.0957 0x1520  [ 45D331E508E736E0043B2F2F0BB2B7E3, 633A8F1696F8F95A261995C6C659018B5BCC9EFB9F82F206DD11B3838048E6F7 ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
10:31:59.0020 0x1520  GDFwSvc - ok
10:31:59.0036 0x1520  [ 24418551477C9C2315448A4B13F76F54, EC9446FD880DCDE8BF5E6BB65B94950F1E55B906E851A705FB12AEFCF6C5BD33 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
10:31:59.0036 0x1520  GDMnIcpt - ok
10:31:59.0067 0x1520  [ 8FD648A30F9791032E3F4F2220C4231F, 1B31B44A2533D6BF13735A8A23D8F7F791A3DA43332116EEA6E98A73F53D27A9 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
10:31:59.0082 0x1520  GDPkIcpt - ok
10:31:59.0192 0x1520  [ 846972E3EBB10D2F39A69B5E6CF08313, 7E2EC3BBF066C3C40F75F2533D1AB2307C3331FA460243A4F4B31A61714C159E ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
10:31:59.0223 0x1520  GDScan - ok
10:31:59.0254 0x1520  [ 6CFCBFA04DFFFAA47BE48ADD6795E0CB, 05365BAE920525924B6AE0D2536A1E6BDB07A9F28C391C766725C5CA5EA75F2E ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys
10:31:59.0254 0x1520  gdwfpcd - ok
10:31:59.0286 0x1520  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
10:31:59.0286 0x1520  gencounter - ok
10:31:59.0317 0x1520  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
10:31:59.0332 0x1520  GPIOClx0101 - ok
10:31:59.0379 0x1520  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:31:59.0411 0x1520  gpsvc - ok
10:31:59.0442 0x1520  [ 57875BA7B65C5FE5A87630DC1544C420, 5BB2F6CD21E3855F163B2B15E2E51A3D58637A890D0D3C6AEFB0F60214D6FBD2 ] GRD             C:\Windows\system32\drivers\GRD.sys
10:31:59.0442 0x1520  GRD - ok
10:31:59.0489 0x1520  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:59.0489 0x1520  gupdate - ok
10:31:59.0489 0x1520  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:59.0504 0x1520  gupdatem - ok
10:31:59.0536 0x1520  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:31:59.0551 0x1520  HdAudAddService - ok
10:31:59.0567 0x1520  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
10:31:59.0582 0x1520  HDAudBus - ok
10:31:59.0598 0x1520  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
10:31:59.0598 0x1520  HidBatt - ok
10:31:59.0614 0x1520  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
10:31:59.0629 0x1520  HidBth - ok
10:31:59.0629 0x1520  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
10:31:59.0645 0x1520  hidi2c - ok
10:31:59.0661 0x1520  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
10:31:59.0661 0x1520  HidIr - ok
10:31:59.0692 0x1520  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
10:31:59.0707 0x1520  hidserv - ok
10:31:59.0707 0x1520  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
10:31:59.0707 0x1520  HidUsb - ok
10:31:59.0739 0x1520  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:31:59.0755 0x1520  hkmsvc - ok
10:31:59.0786 0x1520  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:31:59.0802 0x1520  HomeGroupListener - ok
10:31:59.0849 0x1520  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:31:59.0864 0x1520  HomeGroupProvider - ok
10:31:59.0895 0x1520  [ E554BCAA1A15A1337B7856CABE1334F4, 64C77722AC3AC00E8FBE109C247B4DC0577C6E22E0D69A9025854BAA5DFE2400 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
10:31:59.0895 0x1520  HookCentre - ok
10:31:59.0911 0x1520  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:31:59.0927 0x1520  HpSAMD - ok
10:31:59.0974 0x1520  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:32:00.0005 0x1520  HTTP - ok
10:32:00.0020 0x1520  [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:32:00.0036 0x1520  hwdatacard - ok
10:32:00.0052 0x1520  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:32:00.0052 0x1520  hwpolicy - ok
10:32:00.0067 0x1520  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
10:32:00.0083 0x1520  hyperkbd - ok
10:32:00.0083 0x1520  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
10:32:00.0099 0x1520  HyperVideo - ok
10:32:00.0127 0x1520  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
10:32:00.0152 0x1520  i8042prt - ok
10:32:00.0167 0x1520  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
10:32:00.0183 0x1520  iaLPSSi_GPIO - ok
10:32:00.0214 0x1520  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
10:32:00.0245 0x1520  iaLPSSi_I2C - ok
10:32:00.0308 0x1520  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
10:32:00.0355 0x1520  iaStorA - ok
10:32:00.0402 0x1520  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
10:32:00.0449 0x1520  iaStorAV - ok
10:32:00.0464 0x1520  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:32:00.0495 0x1520  iaStorV - ok
10:32:00.0527 0x1520  [ 3E808BD6BB99A0806E9CA5BAB4830CF1, FF9B09FEB8F6399555DF9D5413080F3A693B5FE46B4122EE0264C72B6A71C621 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
10:32:00.0527 0x1520  ibtusb - ok
10:32:00.0542 0x1520  IEEtwCollectorService - ok
10:32:00.0683 0x1520  [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:32:00.0761 0x1520  igfx - ok
10:32:00.0808 0x1520  [ C8D1E95D5FE51CABB4041ADD7FF2DE38, 84541189FA24195002536D34C4390FDCCFAF199440190F5D4D33BE2F291889CF ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
10:32:00.0808 0x1520  igfxCUIService1.0.0.0 - ok
10:32:00.0886 0x1520  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:32:00.0933 0x1520  IKEEXT - ok
10:32:00.0949 0x1520  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
10:32:00.0949 0x1520  intaud_WaveExtensible - ok
10:32:01.0011 0x1520  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:32:01.0042 0x1520  IntcDAud - ok
10:32:01.0120 0x1520  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:32:01.0167 0x1520  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
10:32:11.0516 0x1520  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
10:32:14.0188 0x1520  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
10:32:14.0235 0x1520  Intel(R) Capability Licensing Service TCP IP Interface - ok
10:32:14.0282 0x1520  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
10:32:14.0297 0x1520  Intel(R) ME Service - ok
10:32:14.0313 0x1520  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:32:14.0329 0x1520  intelide - ok
10:32:14.0360 0x1520  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
10:32:14.0376 0x1520  intelpep - ok
10:32:14.0391 0x1520  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
10:32:14.0422 0x1520  intelppm - ok
10:32:14.0438 0x1520  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:32:14.0454 0x1520  IpFilterDriver - ok
10:32:14.0516 0x1520  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:32:14.0563 0x1520  iphlpsvc - ok
10:32:14.0579 0x1520  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
10:32:14.0594 0x1520  IPMIDRV - ok
10:32:14.0610 0x1520  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:32:14.0626 0x1520  IPNAT - ok
10:32:14.0641 0x1520  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:32:14.0641 0x1520  IRENUM - ok
10:32:14.0661 0x1520  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:32:14.0661 0x1520  isapnp - ok
10:32:14.0677 0x1520  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
10:32:14.0692 0x1520  iScsiPrt - ok
10:32:14.0723 0x1520  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
10:32:14.0723 0x1520  iwdbus - ok
10:32:14.0786 0x1520  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:32:14.0802 0x1520  jhi_service - ok
10:32:14.0848 0x1520  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
10:32:14.0864 0x1520  kbdclass - ok
10:32:14.0911 0x1520  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
10:32:14.0942 0x1520  kbdhid - ok
10:32:14.0973 0x1520  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
10:32:14.0989 0x1520  kdnic - ok
10:32:15.0020 0x1520  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
10:32:15.0052 0x1520  KeyIso - ok
10:32:15.0098 0x1520  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:32:15.0130 0x1520  KSecDD - ok
10:32:15.0161 0x1520  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:32:15.0192 0x1520  KSecPkg - ok
10:32:15.0223 0x1520  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:32:15.0239 0x1520  ksthunk - ok
10:32:15.0286 0x1520  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:32:15.0317 0x1520  KtmRm - ok
10:32:15.0348 0x1520  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:32:15.0364 0x1520  LanmanServer - ok
10:32:15.0411 0x1520  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:32:15.0427 0x1520  LanmanWorkstation - ok
10:32:15.0474 0x1520  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
10:32:15.0505 0x1520  lfsvc - ok
10:32:15.0521 0x1520  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:32:15.0536 0x1520  lltdio - ok
10:32:15.0552 0x1520  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:32:15.0583 0x1520  lltdsvc - ok
10:32:15.0599 0x1520  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:32:15.0630 0x1520  lmhosts - ok
10:32:15.0692 0x1520  [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:32:15.0724 0x1520  LMS - ok
10:32:15.0755 0x1520  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:32:15.0771 0x1520  LSI_SAS - ok
10:32:15.0771 0x1520  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:32:15.0802 0x1520  LSI_SAS2 - ok
10:32:15.0802 0x1520  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
10:32:15.0826 0x1520  LSI_SAS3 - ok
10:32:15.0826 0x1520  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
10:32:15.0842 0x1520  LSI_SSS - ok
10:32:15.0920 0x1520  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
10:32:15.0967 0x1520  LSM - ok
10:32:15.0998 0x1520  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:32:15.0998 0x1520  luafv - ok
10:32:16.0029 0x1520  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:32:16.0029 0x1520  MBAMProtector - ok
10:32:16.0139 0x1520  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
10:32:16.0185 0x1520  MBAMService - ok
10:32:16.0217 0x1520  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:32:16.0248 0x1520  MBAMWebAccessControl - ok
10:32:16.0264 0x1520  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
10:32:16.0295 0x1520  megasas - ok
10:32:16.0326 0x1520  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
10:32:16.0357 0x1520  megasr - ok
10:32:16.0389 0x1520  [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
10:32:16.0404 0x1520  MEIx64 - ok
10:32:16.0436 0x1520  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
10:32:16.0451 0x1520  MMCSS - ok
10:32:16.0467 0x1520  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
10:32:16.0467 0x1520  Modem - ok
10:32:16.0482 0x1520  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
10:32:16.0482 0x1520  monitor - ok
10:32:16.0514 0x1520  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
10:32:16.0514 0x1520  mouclass - ok
10:32:16.0545 0x1520  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
10:32:16.0545 0x1520  mouhid - ok
10:32:16.0576 0x1520  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:32:16.0576 0x1520  mountmgr - ok
10:32:16.0623 0x1520  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:32:16.0654 0x1520  MozillaMaintenance - ok
10:32:16.0670 0x1520  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:32:16.0686 0x1520  mpsdrv - ok
10:32:16.0779 0x1520  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:32:16.0811 0x1520  MpsSvc - ok
10:32:16.0842 0x1520  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:32:16.0857 0x1520  MRxDAV - ok
10:32:16.0889 0x1520  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:32:16.0904 0x1520  mrxsmb - ok
10:32:16.0920 0x1520  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:32:16.0935 0x1520  mrxsmb10 - ok
10:32:16.0935 0x1520  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:32:16.0951 0x1520  mrxsmb20 - ok
10:32:16.0967 0x1520  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
10:32:16.0982 0x1520  MsBridge - ok
10:32:17.0014 0x1520  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
10:32:17.0029 0x1520  MSDTC - ok
10:32:17.0092 0x1520  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:32:17.0123 0x1520  Msfs - ok
10:32:17.0139 0x1520  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
10:32:17.0170 0x1520  msgpiowin32 - ok
10:32:17.0186 0x1520  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:32:17.0217 0x1520  mshidkmdf - ok
10:32:17.0232 0x1520  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
10:32:17.0248 0x1520  mshidumdf - ok
10:32:17.0279 0x1520  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:32:17.0295 0x1520  msisadrv - ok
10:32:17.0342 0x1520  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:32:17.0373 0x1520  MSiSCSI - ok
10:32:17.0373 0x1520  msiserver - ok
10:32:17.0404 0x1520  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:32:17.0420 0x1520  MSKSSRV - ok
10:32:17.0451 0x1520  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
10:32:17.0467 0x1520  MsLldp - ok
10:32:17.0467 0x1520  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:32:17.0482 0x1520  MSPCLOCK - ok
10:32:17.0482 0x1520  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:32:17.0498 0x1520  MSPQM - ok
10:32:17.0514 0x1520  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:32:17.0529 0x1520  MsRPC - ok
10:32:17.0545 0x1520  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
10:32:17.0561 0x1520  mssmbios - ok
10:32:17.0561 0x1520  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:32:17.0576 0x1520  MSTEE - ok
10:32:17.0592 0x1520  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
10:32:17.0607 0x1520  MTConfig - ok
10:32:17.0607 0x1520  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
10:32:17.0623 0x1520  Mup - ok
10:32:17.0639 0x1520  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
10:32:17.0654 0x1520  mvumis - ok
10:32:17.0686 0x1520  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:32:17.0701 0x1520  MyWiFiDHCPDNS - ok
10:32:17.0748 0x1520  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
10:32:17.0779 0x1520  napagent - ok
10:32:17.0811 0x1520  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:32:17.0826 0x1520  NativeWifiP - ok
10:32:17.0857 0x1520  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
10:32:17.0873 0x1520  NcaSvc - ok
10:32:17.0904 0x1520  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
10:32:17.0920 0x1520  NcbService - ok
10:32:17.0952 0x1520  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
10:32:17.0983 0x1520  NcdAutoSetup - ok
10:32:18.0077 0x1520  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:32:18.0108 0x1520  NDIS - ok
10:32:18.0140 0x1520  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:32:18.0140 0x1520  NdisCap - ok
10:32:18.0171 0x1520  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
10:32:18.0186 0x1520  NdisImPlatform - ok
10:32:18.0202 0x1520  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:32:18.0202 0x1520  NdisTapi - ok
10:32:18.0218 0x1520  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:32:18.0233 0x1520  Ndisuio - ok
10:32:18.0233 0x1520  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
10:32:18.0249 0x1520  NdisVirtualBus - ok
10:32:18.0249 0x1520  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:18.0265 0x1520  NdisWan - ok
10:32:18.0265 0x1520  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:18.0280 0x1520  NdisWanLegacy - ok
10:32:18.0311 0x1520  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:32:18.0327 0x1520  NDProxy - ok
10:32:18.0358 0x1520  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
10:32:18.0390 0x1520  Ndu - ok
10:32:18.0421 0x1520  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:32:18.0436 0x1520  NetBIOS - ok
10:32:18.0468 0x1520  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:32:18.0499 0x1520  NetBT - ok
10:32:18.0499 0x1520  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
10:32:18.0515 0x1520  Netlogon - ok
10:32:18.0546 0x1520  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
10:32:18.0577 0x1520  Netman - ok
10:32:18.0624 0x1520  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
10:32:18.0671 0x1520  netprofm - ok
10:32:18.0718 0x1520  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:18.0749 0x1520  NetTcpPortSharing - ok
10:32:18.0780 0x1520  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
10:32:18.0811 0x1520  netvsc - ok
10:32:18.0983 0x1520  [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
10:32:19.0046 0x1520  NETwNb64 - ok
10:32:19.0077 0x1520  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:32:19.0093 0x1520  NlaSvc - ok
10:32:19.0124 0x1520  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:32:19.0155 0x1520  Npfs - ok
10:32:19.0155 0x1520  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
10:32:19.0155 0x1520  npsvctrig - ok
10:32:19.0186 0x1520  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
10:32:19.0202 0x1520  nsi - ok
10:32:19.0218 0x1520  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:32:19.0233 0x1520  nsiproxy - ok
10:32:19.0343 0x1520  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:32:19.0390 0x1520  Ntfs - ok
10:32:19.0421 0x1520  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
10:32:19.0436 0x1520  Null - ok
10:32:19.0452 0x1520  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:32:19.0452 0x1520  nvraid - ok
10:32:19.0468 0x1520  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:32:19.0468 0x1520  nvstor - ok
10:32:19.0483 0x1520  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:32:19.0483 0x1520  nv_agp - ok
10:32:19.0624 0x1520  [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
10:32:19.0655 0x1520  Origin Client Service - ok
10:32:19.0702 0x1520  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:32:19.0718 0x1520  p2pimsvc - ok
10:32:19.0749 0x1520  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
10:32:19.0765 0x1520  p2psvc - ok
10:32:19.0796 0x1520  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
10:32:19.0811 0x1520  Parport - ok
10:32:19.0843 0x1520  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:32:19.0858 0x1520  partmgr - ok
10:32:19.0890 0x1520  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:32:19.0936 0x1520  PcaSvc - ok
10:32:19.0968 0x1520  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
10:32:19.0983 0x1520  pci - ok
10:32:20.0015 0x1520  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:32:20.0015 0x1520  pciide - ok
10:32:20.0030 0x1520  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:32:20.0046 0x1520  pcmcia - ok
10:32:20.0077 0x1520  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:32:20.0093 0x1520  pcw - ok
10:32:20.0124 0x1520  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
10:32:20.0155 0x1520  pdc - ok
10:32:20.0202 0x1520  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:32:20.0249 0x1520  PEAUTH - ok
10:32:20.0343 0x1520  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:32:20.0374 0x1520  PerfHost - ok
10:32:20.0499 0x1520  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
10:32:20.0546 0x1520  pla - ok
10:32:20.0593 0x1520  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:32:20.0624 0x1520  PlugPlay - ok
10:32:20.0640 0x1520  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:32:20.0655 0x1520  PNRPAutoReg - ok
10:32:20.0686 0x1520  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:32:20.0718 0x1520  PNRPsvc - ok
10:32:20.0749 0x1520  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:32:20.0796 0x1520  PolicyAgent - ok
10:32:20.0827 0x1520  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
10:32:20.0858 0x1520  Power - ok
10:32:20.0905 0x1520  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:32:20.0936 0x1520  PptpMiniport - ok
10:32:21.0108 0x1520  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:32:21.0171 0x1520  PrintNotify - ok
10:32:21.0186 0x1520  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
10:32:21.0186 0x1520  Processor - ok
10:32:21.0218 0x1520  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:32:21.0233 0x1520  ProfSvc - ok
10:32:21.0265 0x1520  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:32:21.0265 0x1520  Psched - ok
10:32:21.0296 0x1520  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
10:32:21.0311 0x1520  QIOMem - ok
10:32:21.0327 0x1520  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
10:32:21.0343 0x1520  QWAVE - ok
10:32:21.0374 0x1520  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:32:21.0390 0x1520  QWAVEdrv - ok
10:32:21.0405 0x1520  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:32:21.0421 0x1520  RasAcd - ok
10:32:21.0452 0x1520  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:32:21.0468 0x1520  RasAgileVpn - ok
10:32:21.0499 0x1520  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
10:32:21.0530 0x1520  RasAuto - ok
10:32:21.0546 0x1520  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:32:21.0577 0x1520  Rasl2tp - ok
10:32:21.0640 0x1520  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
10:32:21.0671 0x1520  RasMan - ok
10:32:21.0671 0x1520  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:32:21.0686 0x1520  RasPppoe - ok
10:32:21.0702 0x1520  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:32:21.0718 0x1520  RasSstp - ok
10:32:21.0765 0x1520  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:32:21.0796 0x1520  rdbss - ok
10:32:21.0811 0x1520  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
10:32:21.0827 0x1520  rdpbus - ok
10:32:21.0858 0x1520  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:32:21.0890 0x1520  RDPDR - ok
10:32:21.0921 0x1520  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:32:21.0952 0x1520  RdpVideoMiniport - ok
10:32:21.0968 0x1520  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:32:21.0999 0x1520  rdyboost - ok
10:32:22.0077 0x1520  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
10:32:22.0124 0x1520  ReFS - ok
10:32:22.0202 0x1520  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:32:22.0218 0x1520  RegSrvc - ok
10:32:22.0265 0x1520  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:32:22.0296 0x1520  RemoteAccess - ok
10:32:22.0327 0x1520  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:32:22.0358 0x1520  RemoteRegistry - ok
10:32:22.0405 0x1520  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
10:32:22.0436 0x1520  RFCOMM - ok
10:32:22.0468 0x1520  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:32:22.0499 0x1520  RpcEptMapper - ok
10:32:22.0515 0x1520  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
10:32:22.0546 0x1520  RpcLocator - ok
10:32:22.0624 0x1520  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
10:32:22.0655 0x1520  RpcSs - ok
10:32:22.0686 0x1520  [ 8CDA04D9F6C15F8E98FDE926A51DCCD6, F9B6771D7B157FEB9C2AB26B647B9AEC6CE4B9455F06FE4E097A723C1D5B2301 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
10:32:22.0702 0x1520  RSP2STOR - ok
10:32:22.0718 0x1520  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:32:22.0733 0x1520  rspndr - ok
10:32:22.0812 0x1520  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
10:32:22.0843 0x1520  RTL8168 - ok
10:32:22.0875 0x1520  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
10:32:22.0906 0x1520  s3cap - ok
10:32:22.0922 0x1520  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
10:32:22.0953 0x1520  SamSs - ok
10:32:22.0984 0x1520  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:32:23.0015 0x1520  sbp2port - ok
10:32:23.0047 0x1520  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:32:23.0078 0x1520  SCardSvr - ok
10:32:23.0125 0x1520  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
10:32:23.0156 0x1520  ScDeviceEnum - ok
10:32:23.0203 0x1520  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:32:23.0234 0x1520  scfilter - ok
10:32:23.0312 0x1520  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
10:32:23.0344 0x1520  Schedule - ok
10:32:23.0390 0x1520  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:32:23.0406 0x1520  SCPolicySvc - ok
10:32:23.0453 0x1520  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
10:32:23.0484 0x1520  sdbus - ok
10:32:23.0500 0x1520  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
10:32:23.0531 0x1520  sdstor - ok
10:32:23.0531 0x1520  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:32:23.0562 0x1520  secdrv - ok
10:32:23.0594 0x1520  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
10:32:23.0625 0x1520  seclogon - ok
10:32:23.0656 0x1520  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
10:32:23.0687 0x1520  SENS - ok
10:32:23.0719 0x1520  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:32:23.0750 0x1520  SensrSvc - ok
10:32:23.0765 0x1520  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
10:32:23.0781 0x1520  SerCx - ok
10:32:23.0812 0x1520  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
10:32:23.0828 0x1520  SerCx2 - ok
10:32:23.0844 0x1520  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
10:32:23.0859 0x1520  Serenum - ok
10:32:23.0875 0x1520  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
10:32:23.0890 0x1520  Serial - ok
10:32:23.0922 0x1520  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
10:32:23.0937 0x1520  sermouse - ok
10:32:23.0972 0x1520  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
10:32:24.0003 0x1520  SessionEnv - ok
10:32:24.0003 0x1520  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
10:32:24.0003 0x1520  sfloppy - ok
10:32:24.0050 0x1520  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:32:24.0065 0x1520  SharedAccess - ok
10:32:24.0097 0x1520  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:32:24.0128 0x1520  ShellHWDetection - ok
10:32:24.0159 0x1520  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:32:24.0159 0x1520  SiSRaid2 - ok
10:32:24.0159 0x1520  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:32:24.0175 0x1520  SiSRaid4 - ok
10:32:24.0237 0x1520  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:32:24.0284 0x1520  SkypeUpdate - ok
10:32:24.0315 0x1520  [ D885207A4A218EC4773E6F7D214FDEA3, EA64958C2058DCDB8858E0EDA0626BD89B90A973130FE2B8886CF28072BF19D9 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
10:32:24.0347 0x1520  SmbDrvI - ok
10:32:24.0378 0x1520  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
10:32:24.0409 0x1520  smphost - ok
10:32:24.0440 0x1520  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:32:24.0472 0x1520  SNMPTRAP - ok
10:32:24.0534 0x1520  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
10:32:24.0581 0x1520  spaceport - ok
10:32:24.0597 0x1520  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
10:32:24.0612 0x1520  SpbCx - ok
10:32:24.0690 0x1520  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
10:32:24.0737 0x1520  Spooler - ok
10:32:24.0956 0x1520  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
10:32:25.0097 0x1520  sppsvc - ok
10:32:25.0097 0x1520  sptd - ok
10:32:25.0159 0x1520  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:32:25.0190 0x1520  srv - ok
10:32:25.0237 0x1520  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:32:25.0284 0x1520  srv2 - ok
10:32:25.0315 0x1520  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:32:25.0347 0x1520  srvnet - ok
10:32:25.0378 0x1520  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:32:25.0425 0x1520  SSDPSRV - ok
10:32:25.0440 0x1520  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:32:25.0472 0x1520  SstpSvc - ok
10:32:25.0503 0x1520  [ B1800F5DA5114148E405F21292EDF77A, F0CCE39AA15A7E8EBB8EBA72C053F6489E10601294ACD6E12DCDC6E2BE76403B ] StarPortLite    C:\Windows\System32\drivers\StarPortLite.sys
10:32:25.0534 0x1520  StarPortLite - ok
10:32:25.0566 0x1520  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:32:25.0597 0x1520  stexstor - ok
10:32:25.0659 0x1520  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
10:32:25.0706 0x1520  stisvc - ok
10:32:25.0737 0x1520  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
10:32:25.0769 0x1520  storahci - ok
10:32:25.0800 0x1520  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:32:25.0815 0x1520  storflt - ok
10:32:25.0815 0x1520  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
10:32:25.0847 0x1520  stornvme - ok
10:32:25.0862 0x1520  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
10:32:25.0878 0x1520  StorSvc - ok
10:32:25.0878 0x1520  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:32:25.0894 0x1520  storvsc - ok
10:32:25.0909 0x1520  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
10:32:25.0925 0x1520  svsvc - ok
10:32:25.0956 0x1520  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
10:32:25.0972 0x1520  swenum - ok
10:32:26.0019 0x1520  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
10:32:26.0050 0x1520  swprv - ok
10:32:26.0081 0x1520  [ AC2AFB0CADC5AB87E6ACC4E1A7F774DD, 706A8CD9CA9225E486F5138DF3B67630067EE257C9E5FFEBA9DE35A11B8C8913 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:32:26.0097 0x1520  SynTP - ok
10:32:26.0175 0x1520  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
10:32:26.0222 0x1520  SysMain - ok
10:32:26.0237 0x1520  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
10:32:26.0253 0x1520  SystemEventsBroker - ok
10:32:26.0284 0x1520  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:32:26.0300 0x1520  TabletInputService - ok
10:32:26.0316 0x1520  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:32:26.0331 0x1520  TapiSrv - ok
10:32:26.0472 0x1520  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:32:26.0534 0x1520  Tcpip - ok
10:32:26.0581 0x1520  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:32:26.0644 0x1520  TCPIP6 - ok
10:32:26.0663 0x1520  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:32:26.0678 0x1520  tcpipreg - ok
10:32:26.0694 0x1520  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:32:26.0725 0x1520  tdx - ok
10:32:26.0756 0x1520  [ 436183C39AB66B1A7AD0FA6B76DA00A9, 8A012B30110959D3CF6A9204B069517B959596FEEA5F8C5A028DFEBD1F7087B4 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
10:32:26.0772 0x1520  TemproMonitoringService - ok
10:32:26.0787 0x1520  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
10:32:26.0803 0x1520  terminpt - ok
10:32:26.0897 0x1520  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
10:32:26.0928 0x1520  TermService - ok
10:32:26.0959 0x1520  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
10:32:26.0959 0x1520  Themes - ok
10:32:26.0991 0x1520  [ 98F91C69689FB0493E8CC34A45B8FA0B, 17385AB817F74F70848E1C71503DA726A4D417D16A5DCE7593BAD112150F6922 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
10:32:26.0991 0x1520  Thotkey - ok
10:32:27.0022 0x1520  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:32:27.0037 0x1520  THREADORDER - ok
10:32:27.0053 0x1520  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
10:32:27.0069 0x1520  TimeBroker - ok
10:32:27.0131 0x1520  [ 18688C5B1ED56FAF6310D07709F81EC0, 4631774A2274E9D4340D67AED026622BD3B74696F4F62E6A1EFBD6DA2267E36E ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
10:32:27.0162 0x1520  TMachInfo - ok
10:32:27.0225 0x1520  [ 36A6C54509CF9D7DA91A06B3E3C969D7, 327C0AB1A75FFF3666BAD4A002DE70A1C4CA21FC868BC5EB9C16AEF9D378B8E3 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
10:32:27.0256 0x1520  TOSHIBA eco Utility Service - ok
10:32:27.0303 0x1520  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
10:32:27.0319 0x1520  tosrfec - ok
10:32:27.0366 0x1520  [ ADC56716CAF55E3ABDF549E9425004F8, FDA93F583AAB6FA6E8447B169BDA6E6E8547959133BD95933228C137B69129B7 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
10:32:27.0412 0x1520  TPCHSrv - ok
10:32:27.0444 0x1520  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
10:32:27.0475 0x1520  TPM - ok
10:32:27.0506 0x1520  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
10:32:27.0506 0x1520  TrkWks - ok
10:32:27.0569 0x1520  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:32:27.0600 0x1520  TrustedInstaller - ok
10:32:27.0616 0x1520  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:32:27.0647 0x1520  TsUsbFlt - ok
10:32:27.0678 0x1520  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
10:32:27.0709 0x1520  TsUsbGD - ok
10:32:27.0741 0x1520  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:32:27.0787 0x1520  tunnel - ok
10:32:27.0803 0x1520  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
10:32:27.0819 0x1520  TVALZ - ok
10:32:27.0834 0x1520  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
10:32:27.0834 0x1520  TVALZFL - ok
10:32:27.0850 0x1520  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:32:27.0866 0x1520  uagp35 - ok
10:32:27.0881 0x1520  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
10:32:27.0897 0x1520  UASPStor - ok
10:32:27.0928 0x1520  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
10:32:27.0944 0x1520  UCX01000 - ok
10:32:28.0006 0x1520  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:32:28.0037 0x1520  udfs - ok
10:32:28.0053 0x1520  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
10:32:28.0069 0x1520  UEFI - ok
10:32:28.0116 0x1520  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:32:28.0147 0x1520  UI0Detect - ok
10:32:28.0162 0x1520  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:32:28.0178 0x1520  uliagpkx - ok
10:32:28.0178 0x1520  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
10:32:28.0194 0x1520  umbus - ok
10:32:28.0209 0x1520  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
10:32:28.0225 0x1520  UmPass - ok
10:32:28.0256 0x1520  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:32:28.0287 0x1520  UmRdpService - ok
10:32:28.0334 0x1520  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
10:32:28.0366 0x1520  upnphost - ok
10:32:28.0397 0x1520  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
10:32:28.0412 0x1520  usbccgp - ok
10:32:28.0428 0x1520  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
10:32:28.0428 0x1520  usbcir - ok
10:32:28.0459 0x1520  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
10:32:28.0475 0x1520  usbehci - ok
10:32:28.0522 0x1520  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
10:32:28.0537 0x1520  usbhub - ok
10:32:28.0584 0x1520  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
10:32:28.0631 0x1520  USBHUB3 - ok
10:32:28.0662 0x1520  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
10:32:28.0678 0x1520  usbohci - ok
10:32:28.0694 0x1520  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
10:32:28.0725 0x1520  usbprint - ok
10:32:28.0741 0x1520  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:32:28.0772 0x1520  usbscan - ok
10:32:28.0819 0x1520  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
10:32:28.0834 0x1520  USBSTOR - ok
10:32:28.0866 0x1520  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
10:32:28.0881 0x1520  usbuhci - ok
10:32:28.0912 0x1520  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:32:28.0928 0x1520  usbvideo - ok
10:32:28.0975 0x1520  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
10:32:29.0006 0x1520  USBXHCI - ok
10:32:29.0022 0x1520  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
10:32:29.0037 0x1520  VaultSvc - ok
10:32:29.0053 0x1520  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:32:29.0069 0x1520  vdrvroot - ok
10:32:29.0162 0x1520  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
10:32:29.0194 0x1520  vds - ok
10:32:29.0209 0x1520  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
10:32:29.0225 0x1520  VerifierExt - ok
10:32:29.0272 0x1520  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
10:32:29.0287 0x1520  vhdmp - ok
10:32:29.0303 0x1520  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:32:29.0303 0x1520  viaide - ok
10:32:29.0334 0x1520  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:32:29.0350 0x1520  vmbus - ok
10:32:29.0366 0x1520  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
10:32:29.0381 0x1520  VMBusHID - ok
10:32:29.0412 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
10:32:29.0428 0x1520  vmicguestinterface - ok
10:32:29.0444 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
10:32:29.0459 0x1520  vmicheartbeat - ok
10:32:29.0475 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
10:32:29.0491 0x1520  vmickvpexchange - ok
10:32:29.0506 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
10:32:29.0522 0x1520  vmicrdv - ok
10:32:29.0522 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
10:32:29.0537 0x1520  vmicshutdown - ok
10:32:29.0553 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
10:32:29.0569 0x1520  vmictimesync - ok
10:32:29.0600 0x1520  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
10:32:29.0631 0x1520  vmicvss - ok
10:32:29.0647 0x1520  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:32:29.0662 0x1520  volmgr - ok
10:32:29.0678 0x1520  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:32:29.0694 0x1520  volmgrx - ok
10:32:29.0725 0x1520  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:32:29.0741 0x1520  volsnap - ok
10:32:29.0787 0x1520  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
10:32:29.0787 0x1520  vpci - ok
10:32:29.0819 0x1520  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:32:29.0834 0x1520  vsmraid - ok
10:32:29.0897 0x1520  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
10:32:29.0944 0x1520  VSS - ok
10:32:29.0959 0x1520  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
10:32:29.0977 0x1520  VSTXRAID - ok
10:32:29.0993 0x1520  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:32:30.0008 0x1520  vwifibus - ok
10:32:30.0024 0x1520  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:32:30.0055 0x1520  vwififlt - ok
10:32:30.0055 0x1520  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:32:30.0086 0x1520  vwifimp - ok
10:32:30.0133 0x1520  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
10:32:30.0165 0x1520  W32Time - ok
10:32:30.0180 0x1520  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
10:32:30.0196 0x1520  WacomPen - ok
10:32:30.0227 0x1520  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:32:30.0243 0x1520  Wanarp - ok
10:32:30.0243 0x1520  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:32:30.0258 0x1520  Wanarpv6 - ok
10:32:30.0352 0x1520  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
10:32:30.0399 0x1520  wbengine - ok
10:32:30.0430 0x1520  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:32:30.0446 0x1520  WbioSrvc - ok
10:32:30.0462 0x1520  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
10:32:30.0477 0x1520  Wcmsvc - ok
10:32:30.0508 0x1520  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:32:30.0540 0x1520  wcncsvc - ok
10:32:30.0555 0x1520  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:32:30.0555 0x1520  WcsPlugInService - ok
10:32:30.0587 0x1520  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
10:32:30.0602 0x1520  WdBoot - ok
10:32:30.0680 0x1520  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:32:30.0727 0x1520  Wdf01000 - ok
10:32:30.0743 0x1520  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
10:32:30.0758 0x1520  WdFilter - ok
10:32:30.0805 0x1520  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:32:30.0852 0x1520  WdiServiceHost - ok
10:32:30.0852 0x1520  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:32:30.0899 0x1520  WdiSystemHost - ok
10:32:30.0930 0x1520  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
10:32:30.0961 0x1520  WdNisDrv - ok
10:32:30.0993 0x1520  WdNisSvc - ok
10:32:31.0024 0x1520  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
10:32:31.0055 0x1520  WebClient - ok
10:32:31.0087 0x1520  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:32:31.0118 0x1520  Wecsvc - ok
10:32:31.0133 0x1520  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
10:32:31.0149 0x1520  WEPHOSTSVC - ok
10:32:31.0196 0x1520  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:32:31.0227 0x1520  wercplsupport - ok
10:32:31.0274 0x1520  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
10:32:31.0305 0x1520  WerSvc - ok
10:32:31.0337 0x1520  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
10:32:31.0368 0x1520  WFPLWFS - ok
10:32:31.0383 0x1520  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
10:32:31.0399 0x1520  WiaRpc - ok
10:32:31.0415 0x1520  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:32:31.0430 0x1520  WIMMount - ok
10:32:31.0430 0x1520  WinDefend - ok
10:32:31.0477 0x1520  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
10:32:31.0493 0x1520  WinHttpAutoProxySvc - ok
10:32:31.0571 0x1520  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:32:31.0602 0x1520  Winmgmt - ok
10:32:31.0696 0x1520  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:32:31.0758 0x1520  WinRM - ok
10:32:31.0790 0x1520  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:32:31.0790 0x1520  WinUsb - ok
10:32:31.0883 0x1520  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
10:32:31.0930 0x1520  WlanSvc - ok
10:32:32.0008 0x1520  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
10:32:32.0040 0x1520  wlidsvc - ok
10:32:32.0071 0x1520  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
10:32:32.0087 0x1520  WmiAcpi - ok
10:32:32.0118 0x1520  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:32:32.0149 0x1520  wmiApSrv - ok
10:32:32.0165 0x1520  WMPNetworkSvc - ok
10:32:32.0212 0x1520  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
10:32:32.0243 0x1520  Wof - ok
10:32:32.0368 0x1520  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
10:32:32.0415 0x1520  workfolderssvc - ok
10:32:32.0446 0x1520  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
10:32:32.0446 0x1520  wpcfltr - ok
10:32:32.0477 0x1520  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:32:32.0508 0x1520  WPCSvc - ok
10:32:32.0540 0x1520  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:32:32.0571 0x1520  WPDBusEnum - ok
10:32:32.0587 0x1520  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
10:32:32.0618 0x1520  WpdUpFltr - ok
10:32:32.0649 0x1520  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:32:32.0680 0x1520  ws2ifsl - ok
10:32:32.0727 0x1520  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:32:32.0758 0x1520  wscsvc - ok
10:32:32.0774 0x1520  WSearch - ok
10:32:32.0930 0x1520  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
10:32:33.0008 0x1520  WSService - ok
10:32:33.0149 0x1520  [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv        C:\Windows\system32\wuaueng.dll
10:32:33.0227 0x1520  wuauserv - ok
10:32:33.0243 0x1520  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:32:33.0258 0x1520  WudfPf - ok
10:32:33.0290 0x1520  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
10:32:33.0321 0x1520  WUDFRd - ok
10:32:33.0337 0x1520  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:32:33.0352 0x1520  wudfsvc - ok
10:32:33.0368 0x1520  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
10:32:33.0383 0x1520  WUDFWpdFs - ok
10:32:33.0399 0x1520  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
10:32:33.0430 0x1520  WUDFWpdMtp - ok
10:32:33.0477 0x1520  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:32:33.0493 0x1520  WwanSvc - ok
10:32:33.0712 0x1520  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
10:32:33.0790 0x1520  ZeroConfigService - ok
10:32:33.0790 0x1520  ================ Scan global ===============================
10:32:33.0821 0x1520  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
10:32:33.0837 0x1520  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
10:32:33.0883 0x1520  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
10:32:33.0930 0x1520  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
10:32:33.0946 0x1520  [ Global ] - ok
10:32:33.0946 0x1520  ================ Scan MBR ==================================
10:32:33.0962 0x1520  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:32:34.0055 0x1520  \Device\Harddisk0\DR0 - ok
10:32:34.0055 0x1520  ================ Scan VBR ==================================
10:32:34.0055 0x1520  [ 3396487114C7AF39AEA9C46D3B9F3D58 ] \Device\Harddisk0\DR0\Partition1
10:32:34.0118 0x1520  \Device\Harddisk0\DR0\Partition1 - ok
10:32:34.0118 0x1520  [ CED4D242DFC5D30F2EC60F29248C8208 ] \Device\Harddisk0\DR0\Partition2
10:32:34.0180 0x1520  \Device\Harddisk0\DR0\Partition2 - ok
10:32:34.0196 0x1520  [ AE9C8B0D14078D52A0371082B9A03CAA ] \Device\Harddisk0\DR0\Partition3
10:32:34.0258 0x1520  \Device\Harddisk0\DR0\Partition3 - ok
10:32:34.0290 0x1520  [ EDD289A082B3D01EBE7C1497AEE7032C ] \Device\Harddisk0\DR0\Partition4
10:32:34.0352 0x1520  \Device\Harddisk0\DR0\Partition4 - ok
10:32:34.0383 0x1520  [ 60410DD38D6FED85C2A62D9C7514C303 ] \Device\Harddisk0\DR0\Partition5
10:32:34.0383 0x1520  \Device\Harddisk0\DR0\Partition5 - ok
10:32:34.0383 0x1520  ================ Scan generic autorun ======================
10:32:34.0540 0x1520  [ 645B9EA3099387008653173BBE828E62, FE1BF2360181F05454F6B5A9B42ECB1203E5936D72502281A46D913094BAB4CD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
10:32:34.0571 0x1520  StartCCC - ok
10:32:34.0618 0x1520  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
10:32:34.0633 0x1520  TSVU - ok
10:32:34.0758 0x1520  [ 2A06A880B6AECB9B1F384B60F35D5831, A5FF754AFBC6F818F470F50253A9E88BA24C5AA3E056D28AAF32ABBF1202C81B ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
10:32:34.0805 0x1520  GDFirewallTray - ok
10:32:34.0930 0x1520  [ 73871920634B1FCB62812F29C89A71F5, 66CCEF92058656D6CC2752A6BA55F25BFCEAA5ED93FD65E7AC17EC266A3FA4FB ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
10:32:34.0962 0x1520  EEventManager - ok
10:32:35.0040 0x1520  [ 764BE29C9F78D949191C995B9BA4492A, A42EADC8546859A717F149C044235410B5908837B471889B281195C860AC558D ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE
10:32:35.0040 0x1520  EPLTarget\P0000000000000000 - ok
10:32:35.0040 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:36.0055 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:37.0063 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:38.0078 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:39.0094 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:40.0095 0x1520  Waiting for KSN requests completion. In queue: 327
10:32:41.0103 0x1520  Waiting for KSN requests completion. In queue: 17
10:32:42.0119 0x1520  Waiting for KSN requests completion. In queue: 17
10:32:43.0212 0x1520  AV detected via SS2: G Data InternetSecurity CBE, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
10:32:43.0212 0x1520  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
10:32:43.0212 0x1520  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
10:32:45.0786 0x1520  ============================================================
10:32:45.0786 0x1520  Scan finished
10:32:45.0786 0x1520  ============================================================
10:32:45.0786 0x1580  Detected object count: 1
10:32:45.0786 0x1580  Actual detected object count: 1
10:33:23.0846 0x1580  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
10:33:23.0846 0x1580  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:35:20.0481 0x0750  Deinitialize success

24.08.2015, 15:31	#9
schrauber /// the machine /// TB-Ausbilder	Windows 8 / GData findet verschlüsselte Einträge, zehn Tage ohne Virenschutz gesurft Alles nochmal bitte, unsere Tools brauchen Adminrechte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 8 / GData findet verschlüsselte Einträge, zehn Tage ohne Virenschutz gesurft

Log-Analyse und Auswertung: Windows 8 / GData findet verschlüsselte Einträge, zehn Tage ohne Virenschutz gesurft