
Pests of all kinds and how to fight them: Email address is sending spam mails


29.09.2015, 18:45   #1
CrshdBounty
 
Email address is sending spam mails



Hello everyone,
For the past few days I have had the problem that spam mails are being sent from my mail account. I do not know where I caught this virus, or whether it is actually a virus at all, but an acquaintance recommended that I bring up my problem here.
I changed my password, but that did not change the situation and spam mails continued to be sent. I also ran a virus scan on all devices connected to the email address (laptop (Windows 8.1) and smartphone (Android)), but nothing was found on either of them (I no longer have logs of this). As described in the golden rules, I have now used the three programs and created logs. I hope you can help me.

Defogger:

defogger_disable.log
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:00 on 29/09/2015 (*****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:

FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
durchgeführt von ***** (Administrator) auf X75V (29-09-2015 17:02:22)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: ***** & UpdatusUser (Verfügbare Profile: ***** & UpdatusUser)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-10] (Spotify Ltd)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-05] ()
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\spotify.exe [7535672 2015-09-10] (Spotify Ltd)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer\DisallowRun: [1] firefox.exe
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {3448ea64-ee3a-11e3-befc-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {49c230f1-ad5d-11e3-beee-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {4f2c859f-72f7-11e4-bf22-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {824887c6-2e6f-11e3-bea7-08606e4c35fc} - "G:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1008\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{6E7F3371-D941-4CC4-9896-A6088121ED37}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{ED68718E-4F13-41D3-8285-B7D0E3D13572}: [NameServer] 192.168.0.1,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=648BEE85DE7B06C6
URLSearchHook: [S-1-5-21-226644849-438525468-1118309550-1008] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=648BEE85DE7B06C6
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  Keine Datei
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395162201&from=smt&uid=HitachiXHTS545050A7E380_TEJ51139DJNS7SDJNS7SX

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml [2014-03-18]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-06-09]
CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19]
CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-06-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (YouTube Unblocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-08-12]
CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09]
CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-04] (EasyAntiCheat Ltd)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-22] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]
U4 secdrv; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-29 17:02 - 2015-09-29 17:03 - 00017189 _____ C:\Users\*****\Downloads\FRST.txt
2015-09-29 17:02 - 2015-09-29 17:02 - 00000000 ____D C:\FRST
2015-09-29 17:01 - 2015-09-29 17:01 - 02192384 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-09-29 17:00 - 2015-09-29 17:00 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log
2015-09-29 17:00 - 2015-09-29 17:00 - 00000000 _____ C:\Users\*****\defogger_reenable
2015-09-29 16:59 - 2015-09-29 16:59 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2015-09-25 17:40 - 2015-09-26 19:54 - 00091836 _____ C:\Users\*****\Desktop\Die Hexer.odt
2015-09-25 16:05 - 2015-09-25 16:05 - 00000222 _____ C:\Users\*****\Desktop\Europa Universalis IV.url
2015-09-25 13:03 - 2015-09-25 13:08 - 00000619 _____ C:\Users\*****\Desktop\Über Katzen.txt
2015-09-23 20:16 - 2015-09-23 20:16 - 00000221 _____ C:\Users\*****\Desktop\Victoria Revolutions.url
2015-09-22 17:29 - 2015-09-24 21:19 - 00058932 _____ C:\Users\*****\Desktop\*****Charakterisierung.odt
2015-09-16 16:17 - 2015-09-23 18:41 - 00000000 ____D C:\Users\*****\Desktop\Writing Excuses 5
2015-09-12 16:06 - 2015-09-18 18:04 - 00000000 ____D C:\Users\*****\Downloads\FTG_1_3_29Dec
2015-09-12 16:05 - 2015-09-12 16:06 - 18820710 _____ C:\Users\*****\Downloads\FTG_1_3_29Dec.7z
2015-09-12 13:16 - 2015-09-18 17:25 - 00000221 _____ C:\Users\*****\Desktop\For The Glory.url
2015-09-11 16:57 - 2015-09-11 16:57 - 00000222 _____ C:\Users\*****\Desktop\Crusader Kings Complete.url
2015-09-11 16:46 - 2015-09-29 13:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-11 16:46 - 2015-09-11 16:46 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-11 16:46 - 2015-09-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-10 21:50 - 2015-09-10 22:55 - 00000000 ____D C:\Program Files (x86)\C-evo
2015-09-10 13:00 - 2015-09-10 22:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\C-evo
2015-09-08 22:48 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 22:48 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 22:48 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 22:48 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 22:48 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 22:48 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 22:48 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 22:48 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 22:48 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 22:48 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 22:48 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:48 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:48 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:48 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:48 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:48 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 22:48 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:48 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:48 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 22:48 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:48 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 22:48 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 22:48 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 22:48 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 22:48 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 22:48 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 22:48 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:48 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 22:48 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 22:48 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 22:48 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 22:48 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 22:48 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 22:48 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 22:48 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 22:48 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 22:48 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 22:48 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 22:48 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-08 22:48 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-08 22:48 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-08 22:48 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-08 22:48 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-08 22:47 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 22:47 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:47 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:47 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:47 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 22:47 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 22:47 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 22:47 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 22:47 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 22:47 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 22:47 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:47 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 22:47 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 22:47 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:47 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:47 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:47 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:47 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-08 22:47 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 22:47 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-08 22:47 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-08 22:47 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-06 21:24 - 2015-09-06 21:24 - 00000847 _____ C:\Users\*****\AppData\Local\recently-used.xbel
2015-09-06 17:51 - 2015-09-06 17:53 - 04762478 _____ C:\Users\*****\Desktop\Weltkarte-blank.svg
2015-09-06 14:33 - 2015-09-06 14:33 - 00000087 ____H C:\Users\*****\Desktop\.~lock.Homo faber.MP4#

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-29 17:00 - 2014-01-12 21:30 - 00000000 ____D C:\Users\*****
2015-09-29 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-29 16:51 - 2013-02-08 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-29 16:40 - 2014-09-11 02:34 - 01052502 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-29 16:30 - 2013-09-02 14:21 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-29 14:00 - 2014-05-19 14:00 - 00002096 _____ C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4.job
2015-09-29 13:59 - 2014-05-19 13:59 - 00003450 _____ C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3.job
2015-09-29 13:17 - 2013-02-05 12:58 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-226644849-438525468-1118309550-1001
2015-09-29 13:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-29 13:06 - 2014-03-18 20:40 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A674EFEF-598F-41CF-A610-7C4F5B9A8590}
2015-09-29 13:02 - 2014-01-12 22:24 - 00000000 __RDO C:\Users\*****\SkyDrive
2015-09-29 13:02 - 2013-10-08 19:40 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job
2015-09-28 16:57 - 2013-05-04 13:52 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2015-09-28 16:52 - 2015-01-10 23:51 - 00000000 ____D C:\Users\*****\Desktop\Schulische Dolument K1
2015-09-28 15:16 - 2013-05-04 13:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2015-09-24 17:40 - 2015-04-22 21:12 - 00000000 ____D C:\Users\*****\Videos\Documents\My Games
2015-09-24 16:08 - 2014-06-18 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-24 16:08 - 2014-03-11 23:11 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird
2015-09-24 07:42 - 2015-01-02 18:42 - 00038778 _____ C:\WINDOWS\setupact.log
2015-09-24 07:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 21:44 - 2013-04-10 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-22 21:41 - 2013-05-07 22:07 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 21:41 - 2013-04-10 19:25 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 19:56 - 2015-07-04 16:13 - 00000000 ____D C:\Program Files (x86)\TripleA
2015-09-22 17:53 - 2013-02-08 19:47 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-22 16:58 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 17:35 - 2013-12-16 19:49 - 00025418 _____ C:\Users\*****\Videos\Documents\Unbenannt 1.odt
2015-09-18 17:25 - 2013-12-10 14:27 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e
2015-09-18 17:25 - 2013-09-02 14:21 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 14:42 - 2013-06-05 14:19 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2015-09-16 13:55 - 2013-09-02 14:21 - 00000000 ____D C:\Users\*****\AppData\Local\Google
2015-09-15 03:18 - 2015-03-13 14:04 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-13 14:04 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 13:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-13 20:23 - 2015-03-29 18:42 - 00000000 ____D C:\Users\*****\Desktop\Projekte
2015-09-12 01:17 - 2013-11-14 09:27 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-12 01:17 - 2013-11-14 09:11 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-12 01:17 - 2013-11-14 09:11 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-11 17:31 - 2015-01-27 20:29 - 00072952 _____ C:\WINDOWS\DirectX.log
2015-09-11 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-11 14:00 - 2013-08-22 16:44 - 00497528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 13:57 - 2015-01-02 16:53 - 00215154 _____ C:\WINDOWS\PFRO.log
2015-09-10 23:43 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-10 23:39 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 22:55 - 2015-04-10 01:12 - 00000651 _____ C:\Users\*****\Videos\Documents\Uninstall STAR WARS The Old Republic.log
2015-09-09 13:34 - 2013-08-31 21:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:50 - 2014-05-26 17:51 - 00000000 ____D C:\Users\*****\.gimp-2.8
2015-09-06 21:24 - 2014-05-27 13:17 - 00000000 ____D C:\Users\*****\AppData\Local\gtk-2.0
2015-09-03 15:07 - 2013-04-10 19:25 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-06 21:24 - 2015-09-06 21:24 - 0000847 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2013-12-20 14:30 - 2013-12-20 14:30 - 0007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\bitool.dll
C:\Users\*****\AppData\Local\Temp\BRSVC_18420437_hlp.exe
C:\Users\*****\AppData\Local\Temp\comver.dll
C:\Users\*****\AppData\Local\Temp\EBU252A.exe
C:\Users\*****\AppData\Local\Temp\EBU3CAA.DLL
C:\Users\*****\AppData\Local\Temp\iiuninst.exe
C:\Users\*****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\*****\AppData\Local\Temp\project1.exe
C:\Users\*****\AppData\Local\Temp\utt4E33.tmp.exe
C:\Users\*****\AppData\Local\Temp\utt8D59.tmp.exe
C:\Users\*****\AppData\Local\Temp\uttE996.tmp.exe
C:\Users\*****\AppData\Local\Temp\uttEDC.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-24 08:03

==================== Ende von FRST.txt ============================
         
Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
durchgeführt von ***** (2015-09-29 17:05:59)
Gestartet von C:\Users\*****\Downloads
Windows 8.1 (X64) (2014-01-12 20:20:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-226644849-438525468-1118309550-500 - Administrator - Disabled)
***** (S-1-5-21-226644849-438525468-1118309550-1001 - Administrator - Enabled) => C:\Users\*****
Gast (S-1-5-21-226644849-438525468-1118309550-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-226644849-438525468-1118309550-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Crusader Kings Complete (HKLM-x32\...\Steam App 204940) (Version:  - Paradox Development Studio)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
For The Glory (HKLM-x32\...\Steam App 42810) (Version:  - Crystal Empire Games)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Lazarus 1.2.6 (HKLM\...\lazarus_is1) (Version: 1.2.6 - Lazarus Team)
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C3F92D0-3EC5-4CD4-9D5E-1E7834B65BB8}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MTX (HKLM-x32\...\{6583D00E-0924-4950-8BE9-5D09FE70B333}) (Version: 1.0.0 - mektek.net)
NVIDIA Grafiktreiber 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Panthers World At War v8.20 (HKLM-x32\...\spwawv820Public) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
TripleA Version 1_8_0_7 (HKLM-x32\...\TripleAVersion1_8_0_7) (Version:  - )
Victoria: Revolutions (HKLM-x32\...\Steam App 42980) (Version:  - Paradox Development Studio)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version:  - Spacejock Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

25-09-2015 16:53:51 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CD7022C-207F-4D7C-AB42-2B53769E5F97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1451BA1D-0A93-4659-AD48-398ACEABA375} - System32\Tasks\{529E2F68-F18F-435E-955A-9AA63562B1C6} => pcalua.exe -a C:\Users\*****\Downloads\superpower_demo\superpower_demo.exe -d C:\Users\*****\Downloads\superpower_demo
Task: {1CCAD141-400E-4B2A-87F8-445CD93041BE} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe <==== ACHTUNG
Task: {1D3D9376-14F5-436F-950D-DAE38EA9BDDF} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ACHTUNG
Task: {23DFE59E-7289-447C-8A77-6512DBB27EE0} - System32\Tasks\{8AEE9BD8-936F-496C-AF90-B163DED2C9C0} => pcalua.exe -a C:\Users\*****\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {245C34AE-FC9F-4A78-B0D1-CD68DA362C10} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2C0FF274-6E11-4A73-BDD0-2B53D72DFDBC} - System32\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4 => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-4.exe <==== ACHTUNG
Task: {379ABEBC-5E4E-471D-9550-5C7A0AB8B1C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {39EB7719-0AC4-44B9-8E2A-2117CC372B53} - System32\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3 => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-3.exe <==== ACHTUNG
Task: {3A52FB0B-29E2-43AC-BE6B-FAA205EA274A} - System32\Tasks\{06E41BAD-B555-49F9-A008-C1FEB747BE48} => pcalua.exe -a F:\DIRECTX\DX80eng.exe -d F:\DIRECTX
Task: {3AB7FE60-F149-4550-A16F-A1C2D5F07225} - System32\Tasks\{61774690-BF5F-43C2-A5DD-34CDBF967CF3} => pcalua.exe -a C:\Users\*****\Downloads\SWTOR_setup.exe -d C:\Users\*****\Downloads
Task: {3B8297F8-A24F-451D-8EAD-75CCFD34D9EF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {69A68A91-8512-40A1-B02C-3AAA8767855B} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe <==== ACHTUNG
Task: {83FE478F-FA99-4086-846E-D9EE215540AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9C5F4FB6-6AD0-4B89-88CA-B64FA2B93DF4} - System32\Tasks\{121C2716-463A-4A3F-8796-EE57D9B93E10} => pcalua.exe -a "C:\Program Files (x86)\Cossacks - Back To War\clancher.exe" -d "C:\Program Files (x86)\Cossacks - Back To War"
Task: {A6D8807C-52FD-40AA-9E46-339E27B61528} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B9AD16E0-6C62-4BD7-9B35-ABFE53E1D757} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CE71724D-A73D-46A2-A16D-39DCD82D767A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {D5C21810-AD50-42D9-B898-F57A95CBDF2A} - System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DDF73BA4-2CDB-4927-8053-BFAA8A55C1EC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {F6FCD16F-E6AE-4595-ADF2-A26E9FB58855} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {FB240927-8785-4962-9405-5E65A2CC8F5F} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3.job => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-3.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4.job => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-4.exeͣ/xIQAcpD /WEWpnDndJ='Fpro_1.2' /LDHwgMPS C:\Program Files (x86)\Fpro_1.2\54253.xpi' /DCIbr=54253 /zsnuLl='001361' /SCeZS='verticals-' /YKnFuZWCG='0' /dSbBW=CDA21D3DBDD3431CBB976DC553BCB432IE /SEwGt=de39ee7379786d4030d2492779ff503f /Lhoyz=1_34_05_12 /OqFigLps=1.34.5.12 /HCVtWm=1400500761 /IRKwsXs=http:/stats.clientstaticserv.com /CoqeIeAEI=http:/errors.clientstaticserv.com /ycCENAi=300 /wJrxwWMb=2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com /DxSKtSLu=0.94 /FcMTBQVI=a2ab9302c551a480499719932d6d5b0f92bfa4cf8298a479280d575352ee81de1com54253 /wWjedjQb=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54253.rdf /bxwMo='Fpro_1.2' /nVqQT='Feven Shopping Companion' /liPYuTd='Freeven' /JndaGCGI=ch /WojsYJSUB /bNiuEuS /huqWq /hqqjc='http:/update.clientstaticserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-12 21:25 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-25 19:32 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 19:32 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\*****\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-226644849-438525468-1118309550-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\Pictures\Wallpaper\fantasy-wallpapers-and-backgrounds---w8themes-lfz7euzv.jpg
HKU\S-1-5-21-226644849-438525468-1118309550-1008\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{67D594D2-F82F-4389-BB9B-4BB46FB07CC5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{2FB36D09-DE1B-45B3-9231-28ADB7F04866}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{37D992DB-D0EB-4983-B3AC-77E85A5F04DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F9A7C91-901C-41B7-B8AD-F279202DC8B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [UDP Query User{428A4F20-58E5-46ED-A593-CF461ACBEEEF}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{494B296B-CDCB-4107-B75A-CE68BAC74765}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{67906FA9-6A96-48AA-94AB-8EB99A25E9DA}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{42294A46-F8A9-48F7-A8AD-AF9D7E15E8F1}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9AD39FCE-FFE8-4BC9-9169-1572DCD3E50D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F4741AB-6AE3-4BFB-9041-3BDC96242A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A43FC8A9-E66F-4306-B6CC-63529D9D4628}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2165F1D0-E5E4-452C-9558-7471B7B8117D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C4271F25-7D9C-4120-8BC7-66E2ABF02A85}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F4DCD1ED-672A-41EF-A1CB-30723E5000A6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{DB944307-F563-40D2-8200-4DC3DB4D626D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0EEAF1EE-E58C-4410-A813-93A1D5802E96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{CB572686-B503-4944-973C-0427C4720481}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{FEC7F19A-AB6F-4073-AD79-AD632AE79AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{67E675B3-482C-4E01-B9A6-72A1C8AF7545}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{70CB9FAD-40D6-4DDE-9A3C-EF5AFBFCA769}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8C7327CA-ED43-488F-B7B4-1F577A6343BB}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A7617BE4-A167-41B2-A16F-339A569ADB96}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{95812A6C-0D3C-4C72-B447-BAAA673EAF65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{68EADB22-4F2D-4B79-B173-CC79C9C3208F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{8A7E644B-3681-488C-85C6-5CF19CBFB454}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3B9D192C-4D37-4388-A710-63D8BBFD4C71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{1057B2E7-7325-468C-9394-AB08D6DBBC5D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A07944D3-B217-4E31-A190-ECF041F4DDF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{75281AAF-6639-49F5-AAEE-5386A0857752}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [UDP Query User{BEFE5CC8-DA46-4446-B4C4-ABA8602A5177}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [{80B031A7-6284-4122-86AE-DA7B9AE4C407}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{69025271-9DEF-4B8C-9BFF-9CCECD1DAB8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{831F3016-70DB-4176-A243-4AB9C12F0233}C:\program files (x86)\lan\warcraft iii(mal)\war3.exe] => (Allow) C:\program files (x86)\lan\warcraft iii(mal)\war3.exe
FirewallRules: [UDP Query User{FC6CD3D4-923E-49F9-A1CE-58628E4F3E75}C:\program files (x86)\lan\warcraft iii(mal)\war3.exe] => (Allow) C:\program files (x86)\lan\warcraft iii(mal)\war3.exe
FirewallRules: [TCP Query User{E0679817-AA04-4B40-948F-F1F5945A5B04}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1A449BA5-86E4-4AFD-91A9-486BE5FDADE8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{841C5AEA-6698-4C10-8AB6-6388BB157EA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C2181E2E-8358-487A-A0BC-0D192892C1BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1C477534-6B51-4610-AC84-049D73158AAE}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{C05F3E98-11CC-4837-9298-F85FE48769C2}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{371E56DC-E413-4327-B2E3-B032CD753678}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{208AA150-A7CF-42EF-AF83-7F9A18B671C4}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{564D2FDB-DAE8-4B79-B9FF-DB7D9C9C322A}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C5A7FC4C-B81C-4061-8720-0F021BC49B32}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [TCP Query User{46C979C8-7A00-4D32-A0A1-73F5D3A52C8A}C:\users\*****\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\*****\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [UDP Query User{507777D5-32DF-42A1-9ADF-BABD9F0F2EC8}C:\users\*****\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\*****\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [{405A91A0-DF6E-4C39-BFD7-23559884E1D9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{487EA5A9-3EB9-4D18-A396-F9205ED74AE3}C:\users\*****\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\*****\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A0275951-520D-4E1D-B89A-2BF969282D6A}C:\users\*****\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\*****\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{81E813FB-2BDE-4058-9FCC-25E2DCBAD30D}D:\programme\warcraft iii(mal)\war3.exe] => (Allow) D:\programme\warcraft iii(mal)\war3.exe
FirewallRules: [UDP Query User{3D9C7E41-A50A-4CBA-AFC7-52939FF4ACD8}D:\programme\warcraft iii(mal)\war3.exe] => (Allow) D:\programme\warcraft iii(mal)\war3.exe
FirewallRules: [TCP Query User{456A3D2C-7116-4463-913A-B2B4FF4EC1CC}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Block) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [UDP Query User{8D9835D9-4B16-45AC-9B9E-525DAD1062CE}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Block) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [TCP Query User{A67424CC-6F9C-443E-8CA1-7C9EF79C58B8}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Allow) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [UDP Query User{DFA3486C-B899-4286-8FB4-2EC32D712ECC}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Allow) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [TCP Query User{38E8B46C-9226-4761-8C4C-6B7B45C1D84F}C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe] => (Allow) C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe
FirewallRules: [UDP Query User{E4A84709-F9EB-49D2-B4C3-968F633B3698}C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe] => (Allow) C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe
FirewallRules: [TCP Query User{13E5C847-C4C0-4025-8299-BE1DB13C6F4C}C:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2C828627-80B3-4E81-A377-4FD146E5F4D2}C:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [TCP Query User{50A751AB-BEAE-4716-B8FE-D44297C9E7ED}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [UDP Query User{BAC5E4B4-2AC4-41BB-B73D-8E3D8716E30F}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [{CE8D7331-68E7-4D4C-8900-C162E3519D2A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{A67675CF-458B-4479-A18B-1DA61C28AEBA}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{D4B6425E-B778-4646-9B1B-B4E088E976CB}C:\games\brutal nature\brutal nature.exe] => (Allow) C:\games\brutal nature\brutal nature.exe
FirewallRules: [UDP Query User{D794E8AA-F163-4114-BB1D-8DB54EE3BDB2}C:\games\brutal nature\brutal nature.exe] => (Allow) C:\games\brutal nature\brutal nature.exe
FirewallRules: [TCP Query User{9F6FED97-5280-4202-80C3-BC9EBDDB3720}C:\games\brutal nature\server.exe] => (Allow) C:\games\brutal nature\server.exe
FirewallRules: [UDP Query User{5CB568E2-9871-4423-9BCA-3F2E92F11D7C}C:\games\brutal nature\server.exe] => (Allow) C:\games\brutal nature\server.exe
FirewallRules: [{91982B92-AB7A-4543-A3F5-144F0095FD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{B8B5718E-ECB2-4AC5-A9AA-AEACEBE5D906}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{2A1932D0-A437-4DEC-BA82-3678E42C8F3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C01BBD9B-47E4-4841-82D8-94B1DC899E08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{EF4B69DB-E942-46A9-A199-9AF5991A53F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [{E5F78EF7-DBC7-4C81-981A-99E7623EFE08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [TCP Query User{6EBE1A51-99E3-4561-9677-6069132A27EE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2AC88B9C-F357-4B98-A197-6D7E0749D654}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{43D7C61B-E635-4C1F-88CF-8BDCACD8EDF2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F12CC767-7189-4351-BF43-35A494F3FF53}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CD639FDC-36BD-437C-869A-BA5C83B66F35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings\Crusaders.exe
FirewallRules: [{42FBEA24-3C1B-4F27-B52E-1A8617D8027E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings\Crusaders.exe
FirewallRules: [{43EA244B-ED05-4112-9BFA-27F9EE8906A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C3664441-8E25-40DB-844A-680FA9A8CAC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C23B6E91-7E10-4126-962C-3B5BB52905AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{5C72F6D1-08AF-4CC0-B32C-E305736B98B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{1739A3CF-C640-4429-8F08-92080C1E1118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For The Glory\FTG.exe
FirewallRules: [{81FAA714-85E6-4EA9-A6E5-9A01BA2060C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For The Glory\FTG.exe
FirewallRules: [{C4F2885F-1F9F-4D4F-A953-29E862620F17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{DB80D8CA-5ED5-456C-88EF-C2D87A20F3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{ACA6223D-256C-43E6-8CF5-4620E9F7418C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52365657

Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52365657

Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19735

Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19735

Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18391

Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18391

Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/28/2015 10:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17079


Systemfehler:
=============
Error: (09/29/2015 05:03:33 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (09/24/2015 08:28:23 AM) (Source: DCOM) (EventID: 10010) (User: X75V)
Description: {5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (09/24/2015 07:43:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/23/2015 10:33:44 PM) (Source: volsnap) (EventID: 29) (User: )
Description: Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error: (09/24/2015 07:42:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎23.‎09.‎2015 um 21:09:06 unerwartet heruntergefahren.

Error: (09/22/2015 07:33:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/22/2015 07:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (09/22/2015 07:29:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/22/2015 07:29:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/22/2015 07:28:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎09.‎2015 um 18:52:44 unerwartet heruntergefahren.


CodeIntegrity:
===================================
  Date: 2014-08-23 23:06:17.807
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-23 23:06:17.461
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-19 17:24:27.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-19 17:24:27.415
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-08 09:31:35.200
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{A205656D-699F-4A4A-89AE-AE9DCA026565}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-08 09:31:32.427
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D251598-9F2B-415C-9A5F-FED204F376AF}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-29 15:11:07.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-29 15:10:56.182
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-29 15:03:50.276
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-29 15:03:13.624
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3979.71 MB
Verfügbarer physikalischer RAM: 2126.46 MB
Summe virtueller Speicher: 5946.79 MB
Verfügbarer virtueller Speicher: 3536.48 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:34.79 GB) NTFS
Drive d: () (Fixed) (Total:97.65 GB) (Free:80.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 944CB54D)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Gmer:

Gmer.log
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-29 18:07:42
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545050A7E380 rev.GG2OA6C0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\*****\AppData\Local\Temp\pxldipob.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                     fffff9600024b300 15 bytes [00, 0B, F2, 01, 00, 06, 6C, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                fffff9600024b310 8 bytes [00, D7, FB, FF, 00, D3, CD, ...]

---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation          00007ff9dd393e10 7 bytes JMP 00007ffadaa602d0
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW                 00007ff9dd393e20 7 bytes JMP 00007ffadaa60308
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW                   00007ff9dd4439b0 7 bytes JMP 00007ffadaa603b0
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW                  00007ff9dd443ef0 7 bytes JMP 00007ffadaa60340
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA                   00007ff9dd443fe0 7 bytes JMP 00007ffadaa60378
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx          00007ff9dd4706c0 7 bytes JMP 00007ffadaa60228
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW            00007ff9dd470730 7 bytes JMP 00007ffadaa60298
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW          00007ff9dd470760 7 bytes JMP 00007ffadaa60260
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary                    00007ff9daa721d0 5 bytes JMP 00007ffadaa60180
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW               00007ff9daa729d0 7 bytes JMP 00007ffadaa600d8
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW             00007ff9daa74310 5 bytes JMP 00007ffadaa60110
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW                 00007ff9daa78d80 5 bytes JMP 00007ffadaa60148
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!CreateWindowExW                    00007ff9db116d90 10 bytes JMP 00007ffadaa60490
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW                00007ff9db1274a0 5 bytes JMP 00007ffadaa60458
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo         00007ff9db127560 1 byte JMP 00007ffadaa603e8
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2     00007ff9db127562 7 bytes {JMP 0xffffffffff938e88}
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA                00007ff9db136b10 5 bytes JMP 00007ffadaa60420
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList            00007ff9dd4d1500 8 bytes JMP 00007ffadaa601b8
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo              00007ff9dd4d1750 8 bytes JMP 00007ffadaa601f0
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory                    00007ff9d8547750 5 bytes JMP 00007ffad85300d8
.text   C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1                   00007ff9d8548ee0 5 bytes JMP 00007ffad8530110

---- Threads - GMER 2.1 ----

Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2012]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2016]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2020]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2024]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2028]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2032]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2036]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2040]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2044]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:852]   0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1164]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1172]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1096]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2360]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2364]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2368]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2376]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2380]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2388]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2392]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2476]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2512]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2516]  0000000076f94a00
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5132]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:6084]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2548]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2640]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:6076]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2784]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1180]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5520]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3448]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3696]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3404]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3472]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1276]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2920]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:824]   0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:4520]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2528]  0000000073b029e1
Thread  c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5172]  0000000073b029e1
Thread  C:\WINDOWS\system32\csrss.exe [4256:3664]                                                           fffff9600097e2d0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                   -1568708270
Reg     HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                  0x64 0x62 0x03 0x00 ...
Reg     HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                              0x64 0x62 0x03 0x00 ...

---- EOF - GMER 2.1 ----
         
Thanks in advance for all replies,
Best regards, CrshdBounty

Alt 29.09.2015, 18:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.

Alt 30.09.2015, 20:47   #3
CrshdBounty
 



First of all, thank you very much for the quick reply. The logs are collected below. I could not fit them into one reply, so they come in two.

Mbar: (It found something and took care of it.)

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.30.05
  rootkit: v2015.09.22.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18036
***** :: X75V [administrator]

30.09.2015 15:49:24
mbar-log-2015-09-30 (15-49-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 438205
Time elapsed: 1 hour(s), 24 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKU\S-1-5-21-226644849-438525468-1118309550-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWRUN|1 (Security.Hijack) -> Data: firefox.exe -> Delete on reboot. [43cacf67c7c4ed49607a7450fe059c64]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller: (It found nothing in either run.)

1st log:
Code:
ATTFilter
19:52:20.0282 0x1720  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:54:29.0535 0x1720  ============================================================
19:54:29.0535 0x1720  Current date / time: 2015/09/30 19:54:29.0535
19:54:29.0535 0x1720  SystemInfo:
19:54:29.0535 0x1720  
19:54:29.0535 0x1720  OS Version: 6.3.9600 ServicePack: 0.0
19:54:29.0535 0x1720  Product type: Workstation
19:54:29.0535 0x1720  ComputerName: X75V
19:54:29.0535 0x1720  UserName: *****
19:54:29.0535 0x1720  Windows directory: C:\WINDOWS
19:54:29.0535 0x1720  System windows directory: C:\WINDOWS
19:54:29.0535 0x1720  Running under WOW64
19:54:29.0535 0x1720  Processor architecture: Intel x64
19:54:29.0535 0x1720  Number of processors: 4
19:54:29.0535 0x1720  Page size: 0x1000
19:54:29.0535 0x1720  Boot type: Normal boot
19:54:29.0535 0x1720  ============================================================
19:54:30.0754 0x1720  KLMD registered as C:\WINDOWS\system32\drivers\05801360.sys
19:54:31.0973 0x1720  System UUID: {D12FAD76-92E2-D2A8-BF8A-B6A7A275F8A9}
19:54:34.0926 0x1720  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:34.0958 0x1720  ============================================================
19:54:34.0958 0x1720  \Device\Harddisk0\DR0:
19:54:34.0958 0x1720  MBR partitions:
19:54:34.0958 0x1720  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
19:54:34.0958 0x1720  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F800, BlocksNum 0x124F8000
19:54:34.0958 0x1720  ============================================================
19:54:35.0036 0x1720  C: <-> \Device\Harddisk0\DR0\Partition2
19:54:35.0067 0x1720  D: <-> \Device\Harddisk0\DR0\Partition1
19:54:35.0067 0x1720  ============================================================
19:54:35.0067 0x1720  Initialize success
19:54:35.0067 0x1720  ============================================================
19:55:21.0825 0x0e54  ============================================================
19:55:21.0825 0x0e54  Scan started
19:55:21.0825 0x0e54  Mode: Manual; SigCheck; TDLFS; 
19:55:21.0825 0x0e54  ============================================================
19:55:21.0825 0x0e54  KSN ping started
19:55:24.0509 0x0e54  KSN ping finished: true
19:55:27.0254 0x0e54  ================ Scan system memory ========================
19:55:27.0254 0x0e54  System memory - ok
19:55:27.0254 0x0e54  ================ Scan services =============================
19:55:27.0457 0x0e54  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:55:27.0723 0x0e54  1394ohci - ok
19:55:27.0769 0x0e54  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:55:27.0816 0x0e54  3ware - ok
19:55:27.0910 0x0e54  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:55:27.0988 0x0e54  ACPI - ok
19:55:28.0019 0x0e54  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:55:28.0066 0x0e54  acpiex - ok
19:55:28.0082 0x0e54  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:55:28.0129 0x0e54  acpipagr - ok
19:55:28.0160 0x0e54  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:55:28.0285 0x0e54  AcpiPmi - ok
19:55:28.0332 0x0e54  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:55:28.0379 0x0e54  acpitime - ok
19:55:28.0504 0x0e54  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:55:28.0519 0x0e54  AdobeARMservice - ok
19:55:28.0645 0x0e54  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:55:28.0676 0x0e54  AdobeFlashPlayerUpdateSvc - ok
19:55:28.0785 0x0e54  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:55:28.0895 0x0e54  ADP80XX - ok
19:55:28.0942 0x0e54  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
19:55:29.0113 0x0e54  AeLookupSvc - ok
19:55:29.0191 0x0e54  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:55:29.0473 0x0e54  AFD - ok
19:55:29.0504 0x0e54  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:55:29.0535 0x0e54  agp440 - ok
19:55:29.0582 0x0e54  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:55:29.0676 0x0e54  ahcache - ok
19:55:29.0723 0x0e54  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
19:55:29.0848 0x0e54  ALG - ok
19:55:29.0863 0x0e54  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:55:29.0973 0x0e54  AmdK8 - ok
19:55:30.0020 0x0e54  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:55:30.0082 0x0e54  AmdPPM - ok
19:55:30.0114 0x0e54  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:55:30.0145 0x0e54  amdsata - ok
19:55:30.0207 0x0e54  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:55:30.0317 0x0e54  amdsbs - ok
19:55:30.0332 0x0e54  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:55:30.0364 0x0e54  amdxata - ok
19:55:30.0504 0x0e54  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
19:55:30.0660 0x0e54  AntiVirMailService - ok
19:55:30.0739 0x0e54  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:55:30.0817 0x0e54  AntiVirSchedulerService - ok
19:55:30.0879 0x0e54  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:55:30.0942 0x0e54  AntiVirService - ok
19:55:31.0067 0x0e54  [ 9A12F8E472FE05EF653CA152050405D4, 569EA8FFDE827F850CA8E3CB747A8552FD9981E61C48C7EA55E550A6C07F770E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
19:55:31.0176 0x0e54  AntiVirWebService - ok
19:55:31.0239 0x0e54  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:55:31.0395 0x0e54  AppID - ok
19:55:31.0410 0x0e54  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:55:31.0473 0x0e54  AppIDSvc - ok
19:55:31.0504 0x0e54  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:55:31.0629 0x0e54  Appinfo - ok
19:55:31.0754 0x0e54  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:55:31.0770 0x0e54  Apple Mobile Device Service - ok
19:55:31.0864 0x0e54  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:55:32.0004 0x0e54  AppReadiness - ok
19:55:32.0161 0x0e54  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:55:32.0379 0x0e54  AppXSvc - ok
19:55:32.0442 0x0e54  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:55:32.0489 0x0e54  arcsas - ok
19:55:32.0520 0x0e54  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:55:32.0536 0x0e54  atapi - ok
19:55:32.0848 0x0e54  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
19:55:33.0281 0x0e54  athr - ok
19:55:33.0343 0x0e54  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:55:33.0468 0x0e54  AudioEndpointBuilder - ok
19:55:33.0562 0x0e54  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:55:33.0671 0x0e54  Audiosrv - ok
19:55:33.0734 0x0e54  [ AC82CC4F2A41E098EB34C0A9F8125DDC, CC416DD5FC8E14A1F99F8DF52D795CA6E16EDBF8FD7C9624B10BA83D9D954BF2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:55:33.0782 0x0e54  avgntflt - ok
19:55:33.0826 0x0e54  [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:55:33.0861 0x0e54  avipbb - ok
19:55:33.0913 0x0e54  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
19:55:33.0959 0x0e54  Avira.OE.ServiceHost - ok
19:55:33.0991 0x0e54  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:55:34.0022 0x0e54  avkmgr - ok
19:55:34.0069 0x0e54  [ 74179E7C103F3A44B33D7D982E21E35D, 7F2384B065EA9959734D65426781D901CDB0DA8DFCAD13BF05044DDF33CA5688 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
19:55:34.0106 0x0e54  avnetflt - ok
19:55:34.0153 0x0e54  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:55:34.0271 0x0e54  AxInstSV - ok
19:55:34.0353 0x0e54  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:55:34.0424 0x0e54  b06bdrv - ok
19:55:34.0456 0x0e54  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:55:34.0556 0x0e54  BasicDisplay - ok
19:55:34.0618 0x0e54  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:55:34.0774 0x0e54  BasicRender - ok
19:55:34.0817 0x0e54  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:55:34.0837 0x0e54  bcmfn2 - ok
19:55:34.0902 0x0e54  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:55:35.0045 0x0e54  BDESVC - ok
19:55:35.0090 0x0e54  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:55:35.0183 0x0e54  Beep - ok
19:55:35.0308 0x0e54  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
19:55:35.0465 0x0e54  BFE - ok
19:55:35.0574 0x0e54  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
19:55:35.0730 0x0e54  BITS - ok
19:55:35.0808 0x0e54  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:55:35.0871 0x0e54  Bonjour Service - ok
19:55:35.0886 0x0e54  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:55:35.0980 0x0e54  bowser - ok
19:55:36.0027 0x0e54  BRDriver64_1_3_3_E02B25FC - ok
19:55:36.0090 0x0e54  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:55:36.0261 0x0e54  BrokerInfrastructure - ok
19:55:36.0308 0x0e54  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
19:55:36.0418 0x0e54  Browser - ok
19:55:36.0433 0x0e54  BTCFilterService - ok
19:55:36.0480 0x0e54  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:55:36.0527 0x0e54  BthAvrcpTg - ok
19:55:36.0574 0x0e54  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:55:36.0652 0x0e54  BthHFEnum - ok
19:55:36.0715 0x0e54  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:55:36.0762 0x0e54  bthhfhid - ok
19:55:36.0809 0x0e54  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:55:36.0934 0x0e54  BthHFSrv - ok
19:55:36.0980 0x0e54  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:55:37.0027 0x0e54  BTHMODEM - ok
19:55:37.0090 0x0e54  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:55:37.0199 0x0e54  bthserv - ok
19:55:37.0246 0x0e54  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:55:37.0355 0x0e54  cdfs - ok
19:55:37.0387 0x0e54  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:55:37.0418 0x0e54  cdrom - ok
19:55:37.0480 0x0e54  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:55:37.0574 0x0e54  CertPropSvc - ok
19:55:37.0621 0x0e54  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:55:37.0668 0x0e54  circlass - ok
19:55:37.0730 0x0e54  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:55:37.0858 0x0e54  CLFS - ok
19:55:38.0015 0x0e54  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:55:38.0128 0x0e54  CmBatt - ok
19:55:38.0206 0x0e54  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:55:38.0284 0x0e54  CNG - ok
19:55:38.0346 0x0e54  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
19:55:38.0405 0x0e54  CompositeBus - ok
19:55:38.0414 0x0e54  COMSysApp - ok
19:55:38.0450 0x0e54  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:55:38.0533 0x0e54  condrv - ok
19:55:38.0643 0x0e54  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:55:38.0689 0x0e54  cphs - ok
19:55:38.0732 0x0e54  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:55:38.0872 0x0e54  CryptSvc - ok
19:55:38.0904 0x0e54  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:55:38.0935 0x0e54  dam - ok
19:55:39.0055 0x0e54  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:55:39.0229 0x0e54  DcomLaunch - ok
19:55:39.0310 0x0e54  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:55:39.0438 0x0e54  defragsvc - ok
19:55:39.0501 0x0e54  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:55:39.0596 0x0e54  DeviceAssociationService - ok
19:55:39.0643 0x0e54  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:55:39.0721 0x0e54  DeviceInstall - ok
19:55:39.0768 0x0e54  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:55:39.0893 0x0e54  Dfsc - ok
19:55:39.0924 0x0e54  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:55:39.0955 0x0e54  dg_ssudbus - ok
19:55:40.0034 0x0e54  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:55:40.0182 0x0e54  Dhcp - ok
19:55:40.0354 0x0e54  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:55:40.0675 0x0e54  DiagTrack - ok
19:55:40.0736 0x0e54  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:55:40.0774 0x0e54  disk - ok
19:55:40.0800 0x0e54  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:55:40.0900 0x0e54  dmvsc - ok
19:55:40.0963 0x0e54  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:55:41.0036 0x0e54  Dnscache - ok
19:55:41.0083 0x0e54  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:55:41.0209 0x0e54  dot3svc - ok
19:55:41.0273 0x0e54  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
19:55:41.0355 0x0e54  DPS - ok
19:55:41.0407 0x0e54  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:55:41.0444 0x0e54  drmkaud - ok
19:55:41.0503 0x0e54  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:55:41.0577 0x0e54  DsmSvc - ok
19:55:41.0751 0x0e54  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:55:41.0920 0x0e54  DXGKrnl - ok
19:55:42.0024 0x0e54  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:55:42.0144 0x0e54  Eaphost - ok
19:55:42.0154 0x0e54  EasyAntiCheat - ok
19:55:42.0473 0x0e54  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:55:43.0048 0x0e54  ebdrv - ok
19:55:43.0101 0x0e54  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
19:55:43.0146 0x0e54  EFS - ok
19:55:43.0190 0x0e54  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:55:43.0233 0x0e54  EhStorClass - ok
19:55:43.0271 0x0e54  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:55:43.0323 0x0e54  EhStorTcgDrv - ok
19:55:43.0351 0x0e54  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:55:43.0406 0x0e54  ErrDev - ok
19:55:43.0480 0x0e54  esgiguard - ok
19:55:43.0579 0x0e54  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
19:55:43.0883 0x0e54  EventSystem - ok
19:55:43.0948 0x0e54  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:55:44.0106 0x0e54  exfat - ok
19:55:44.0166 0x0e54  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:55:44.0209 0x0e54  fastfat - ok
19:55:44.0295 0x0e54  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:55:44.0452 0x0e54  Fax - ok
19:55:44.0480 0x0e54  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:55:44.0534 0x0e54  fdc - ok
19:55:44.0567 0x0e54  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:55:44.0666 0x0e54  fdPHost - ok
19:55:44.0711 0x0e54  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:55:44.0768 0x0e54  FDResPub - ok
19:55:44.0816 0x0e54  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:55:45.0093 0x0e54  fhsvc - ok
19:55:45.0181 0x0e54  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:55:45.0249 0x0e54  FileInfo - ok
19:55:45.0326 0x0e54  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:55:45.0485 0x0e54  Filetrace - ok
19:55:45.0522 0x0e54  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:55:45.0585 0x0e54  flpydisk - ok
19:55:45.0679 0x0e54  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:55:45.0758 0x0e54  FltMgr - ok
19:55:45.0939 0x0e54  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:55:46.0270 0x0e54  FontCache - ok
19:55:46.0569 0x0e54  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:55:46.0609 0x0e54  FontCache3.0.0.0 - ok
19:55:46.0691 0x0e54  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:55:46.0730 0x0e54  FsDepends - ok
19:55:46.0827 0x0e54  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:55:46.0873 0x0e54  Fs_Rec - ok
19:55:47.0034 0x0e54  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:55:47.0115 0x0e54  fvevol - ok
19:55:47.0174 0x0e54  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
19:55:47.0242 0x0e54  FxPPM - ok
19:55:47.0274 0x0e54  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:55:47.0309 0x0e54  gagp30kx - ok
19:55:47.0360 0x0e54  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:55:47.0382 0x0e54  GEARAspiWDM - ok
19:55:47.0433 0x0e54  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:55:47.0489 0x0e54  gencounter - ok
19:55:47.0557 0x0e54  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:55:47.0599 0x0e54  GPIOClx0101 - ok
19:55:47.0807 0x0e54  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:55:48.0052 0x0e54  gpsvc - ok
19:55:48.0158 0x0e54  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:48.0189 0x0e54  gupdate - ok
19:55:48.0207 0x0e54  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:48.0242 0x0e54  gupdatem - ok
19:55:48.0324 0x0e54  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
19:55:48.0427 0x0e54  HdAudAddService - ok
19:55:48.0469 0x0e54  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:55:48.0594 0x0e54  HDAudBus - ok
19:55:48.0645 0x0e54  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:55:48.0699 0x0e54  HidBatt - ok
19:55:48.0747 0x0e54  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:55:48.0956 0x0e54  HidBth - ok
19:55:49.0011 0x0e54  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:55:49.0091 0x0e54  hidi2c - ok
19:55:49.0133 0x0e54  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:55:49.0175 0x0e54  HidIr - ok
19:55:49.0223 0x0e54  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:55:49.0320 0x0e54  hidserv - ok
19:55:49.0372 0x0e54  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
19:55:49.0400 0x0e54  HIDSwitch - ok
19:55:49.0441 0x0e54  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:55:49.0592 0x0e54  HidUsb - ok
19:55:49.0648 0x0e54  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
19:55:49.0779 0x0e54  hkmsvc - ok
19:55:49.0855 0x0e54  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:55:50.0010 0x0e54  HomeGroupListener - ok
19:55:50.0120 0x0e54  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:55:50.0225 0x0e54  HomeGroupProvider - ok
19:55:50.0304 0x0e54  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:55:50.0388 0x0e54  HpSAMD - ok
19:55:50.0628 0x0e54  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:55:50.0928 0x0e54  HTTP - ok
19:55:50.0979 0x0e54  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:55:51.0030 0x0e54  hwpolicy - ok
19:55:51.0062 0x0e54  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:55:51.0263 0x0e54  hyperkbd - ok
19:55:51.0369 0x0e54  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:55:51.0468 0x0e54  HyperVideo - ok
19:55:51.0563 0x0e54  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:55:51.0829 0x0e54  i8042prt - ok
19:55:51.0880 0x0e54  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:55:51.0903 0x0e54  iaLPSSi_GPIO - ok
19:55:51.0927 0x0e54  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:55:51.0958 0x0e54  iaLPSSi_I2C - ok
19:55:52.0061 0x0e54  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:55:52.0142 0x0e54  iaStorAV - ok
19:55:52.0215 0x0e54  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:55:52.0320 0x0e54  iaStorV - ok
19:55:52.0332 0x0e54  IEEtwCollectorService - ok
19:55:52.0829 0x0e54  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:55:53.0409 0x0e54  igfx - ok
19:55:53.0650 0x0e54  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:55:53.0869 0x0e54  IKEEXT - ok
19:55:53.0952 0x0e54  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:55:54.0035 0x0e54  intelide - ok
19:55:54.0118 0x0e54  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:55:54.0173 0x0e54  intelpep - ok
19:55:54.0256 0x0e54  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:55:54.0346 0x0e54  intelppm - ok
19:55:54.0399 0x0e54  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:55:54.0593 0x0e54  IpFilterDriver - ok
19:55:54.0785 0x0e54  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:55:54.0990 0x0e54  iphlpsvc - ok
19:55:55.0114 0x0e54  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:55:55.0500 0x0e54  IPMIDRV - ok
19:56:21.0385 0x0e54  SpbCx - ok
19:56:21.0500 0x0e54  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:56:21.0691 0x0e54  Spooler - ok
19:56:22.0328 0x0e54  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:56:23.0206 0x0e54  sppsvc - ok
19:56:23.0366 0x0e54  [ EB2FD937449B7ACEB39372F875EB8E78, ED99556AF0E342F534FE8A1B24C254FEE841CBD683CD3528B2D05C809765EAC3 ] SQLAgent$SQLEXPRESS c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:56:23.0424 0x0e54  SQLAgent$SQLEXPRESS - ok
19:56:23.0509 0x0e54  [ 99DE6ACFA5CA83FAD6A765C81C6F129F, E152BEBFA302BDB1BEF53F1B4C710BE2EA6DC5AD9D04704575B73B1D464CD582 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:56:23.0577 0x0e54  SQLBrowser - ok
19:56:23.0705 0x0e54  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:56:23.0737 0x0e54  SQLWriter - ok
19:56:23.0813 0x0e54  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:56:24.0008 0x0e54  srv - ok
19:56:24.0114 0x0e54  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:56:24.0246 0x0e54  srv2 - ok
19:56:24.0432 0x0e54  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:56:24.0613 0x0e54  srvnet - ok
19:56:24.0732 0x0e54  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:56:24.0889 0x0e54  SSDPSRV - ok
19:56:24.0940 0x0e54  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:56:25.0115 0x0e54  SstpSvc - ok
19:56:25.0169 0x0e54  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:56:25.0211 0x0e54  ssudmdm - ok
19:56:25.0318 0x0e54  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:56:25.0414 0x0e54  Steam Client Service - ok
19:56:25.0466 0x0e54  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:56:25.0494 0x0e54  stexstor - ok
19:56:25.0592 0x0e54  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:56:25.0752 0x0e54  stisvc - ok
19:56:25.0781 0x0e54  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:56:25.0817 0x0e54  storahci - ok
19:56:25.0859 0x0e54  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
19:56:25.0888 0x0e54  storflt - ok
19:56:25.0939 0x0e54  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:56:25.0970 0x0e54  stornvme - ok
19:56:26.0010 0x0e54  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:56:26.0087 0x0e54  StorSvc - ok
19:56:26.0132 0x0e54  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:56:26.0160 0x0e54  storvsc - ok
19:56:26.0202 0x0e54  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:56:26.0249 0x0e54  svsvc - ok
19:56:26.0300 0x0e54  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:56:26.0327 0x0e54  swenum - ok
19:56:26.0424 0x0e54  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
19:56:26.0509 0x0e54  swprv - ok
19:56:26.0575 0x0e54  [ 5385DA405FDAAB0BD2AF0B24723FBA46, 0C50CC3F2D97E2087EF477948DF8CBC41662835F6CC222D66A8E3F9EE4168DD1 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:56:26.0622 0x0e54  SynTP - ok
19:56:26.0744 0x0e54  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:56:26.0918 0x0e54  SysMain - ok
19:56:26.0974 0x0e54  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:56:27.0047 0x0e54  SystemEventsBroker - ok
19:56:27.0094 0x0e54  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:56:27.0175 0x0e54  TabletInputService - ok
19:56:27.0239 0x0e54  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:56:27.0341 0x0e54  TapiSrv - ok
19:56:27.0538 0x0e54  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:56:27.0744 0x0e54  Tcpip - ok
19:56:27.0881 0x0e54  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:56:28.0103 0x0e54  TCPIP6 - ok
19:56:28.0174 0x0e54  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:56:28.0246 0x0e54  tcpipreg - ok
19:56:28.0296 0x0e54  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:56:28.0326 0x0e54  tdx - ok
19:56:28.0372 0x0e54  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:56:28.0393 0x0e54  terminpt - ok
19:56:28.0575 0x0e54  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:56:28.0655 0x0e54  TermService - ok
19:56:28.0702 0x0e54  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
19:56:28.0735 0x0e54  Themes - ok
19:56:28.0784 0x0e54  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
19:56:28.0807 0x0e54  THREADORDER - ok
19:56:28.0861 0x0e54  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:56:28.0942 0x0e54  TimeBroker - ok
19:56:28.0969 0x0e54  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:56:28.0996 0x0e54  TPM - ok
19:56:29.0039 0x0e54  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:56:29.0069 0x0e54  TrkWks - ok
19:56:29.0134 0x0e54  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:56:29.0221 0x0e54  TrustedInstaller - ok
19:56:29.0265 0x0e54  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
19:56:29.0357 0x0e54  TsUsbFlt - ok
19:56:29.0399 0x0e54  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:56:29.0460 0x0e54  TsUsbGD - ok
19:56:29.0488 0x0e54  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
19:56:29.0540 0x0e54  tunnel - ok
19:56:29.0585 0x0e54  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:56:29.0604 0x0e54  uagp35 - ok
19:56:29.0687 0x0e54  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:56:29.0715 0x0e54  UASPStor - ok
19:56:29.0892 0x0e54  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
19:56:30.0175 0x0e54  UCX01000 - ok
19:56:30.0285 0x0e54  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:56:30.0379 0x0e54  udfs - ok
19:56:30.0430 0x0e54  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:56:30.0447 0x0e54  UEFI - ok
19:56:30.0511 0x0e54  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:56:30.0567 0x0e54  UI0Detect - ok
19:56:30.0606 0x0e54  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:56:30.0629 0x0e54  uliagpkx - ok
19:56:30.0673 0x0e54  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:56:30.0777 0x0e54  umbus - ok
19:56:30.0795 0x0e54  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:56:30.0826 0x0e54  UmPass - ok
19:56:30.0871 0x0e54  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:56:30.0976 0x0e54  UmRdpService - ok
19:56:31.0092 0x0e54  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:56:31.0156 0x0e54  upnphost - ok
19:56:31.0205 0x0e54  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:56:31.0292 0x0e54  USBAAPL64 - ok
19:56:31.0351 0x0e54  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
19:56:31.0502 0x0e54  usbaudio - ok
19:56:31.0563 0x0e54  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:56:31.0587 0x0e54  usbccgp - ok
19:56:31.0649 0x0e54  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:56:31.0687 0x0e54  usbcir - ok
19:56:31.0744 0x0e54  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:56:31.0776 0x0e54  usbehci - ok
19:56:31.0871 0x0e54  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:56:31.0911 0x0e54  usbhub - ok
19:56:32.0025 0x0e54  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:56:32.0074 0x0e54  USBHUB3 - ok
19:56:32.0223 0x0e54  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:56:32.0535 0x0e54  usbohci - ok
19:56:32.0565 0x0e54  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:56:32.0647 0x0e54  usbprint - ok
19:56:32.0689 0x0e54  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:56:32.0713 0x0e54  USBSTOR - ok
19:56:32.0746 0x0e54  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:56:32.0805 0x0e54  usbuhci - ok
19:56:32.0873 0x0e54  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
19:56:32.0921 0x0e54  usbvideo - ok
19:56:32.0984 0x0e54  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:56:33.0014 0x0e54  USBXHCI - ok
19:56:33.0034 0x0e54  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:56:33.0053 0x0e54  VaultSvc - ok
19:56:33.0098 0x0e54  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:56:33.0113 0x0e54  vdrvroot - ok
19:56:33.0246 0x0e54  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
19:56:33.0416 0x0e54  vds - ok
19:56:33.0502 0x0e54  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:56:33.0524 0x0e54  VerifierExt - ok
19:56:33.0588 0x0e54  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:56:33.0629 0x0e54  vhdmp - ok
19:56:33.0672 0x0e54  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
19:56:33.0687 0x0e54  viaide - ok
19:56:33.0727 0x0e54  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:56:33.0744 0x0e54  vmbus - ok
19:56:33.0759 0x0e54  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:56:33.0775 0x0e54  VMBusHID - ok
19:56:33.0833 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:56:33.0871 0x0e54  vmicguestinterface - ok
19:56:33.0894 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:56:33.0929 0x0e54  vmicheartbeat - ok
19:56:33.0951 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:56:33.0986 0x0e54  vmickvpexchange - ok
19:56:34.0008 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:56:34.0044 0x0e54  vmicrdv - ok
19:56:34.0069 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:56:34.0105 0x0e54  vmicshutdown - ok
19:56:34.0127 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:56:34.0165 0x0e54  vmictimesync - ok
19:56:34.0187 0x0e54  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:56:34.0224 0x0e54  vmicvss - ok
19:56:34.0300 0x0e54  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:56:34.0317 0x0e54  volmgr - ok
19:56:34.0335 0x0e54  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:56:34.0367 0x0e54  volmgrx - ok
19:56:34.0637 0x0e54  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:56:34.0661 0x0e54  volsnap - ok
19:56:34.0754 0x0e54  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:56:34.0770 0x0e54  vpci - ok
19:56:34.0800 0x0e54  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:56:34.0820 0x0e54  vsmraid - ok
19:56:34.0907 0x0e54  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:56:35.0002 0x0e54  VSS - ok
19:56:35.0047 0x0e54  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:56:35.0077 0x0e54  VSTXRAID - ok
19:56:35.0152 0x0e54  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:56:35.0247 0x0e54  vwifibus - ok
19:56:35.0290 0x0e54  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
19:56:35.0343 0x0e54  vwififlt - ok
19:56:35.0350 0x0e54  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
19:56:35.0385 0x0e54  vwifimp - ok
19:56:35.0435 0x0e54  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
19:56:35.0544 0x0e54  W32Time - ok
19:56:35.0573 0x0e54  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:56:35.0613 0x0e54  WacomPen - ok
19:56:35.0905 0x0e54  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:56:36.0156 0x0e54  wbengine - ok
19:56:36.0369 0x0e54  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:56:36.0592 0x0e54  WbioSrvc - ok
19:56:36.0767 0x0e54  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:56:36.0858 0x0e54  Wcmsvc - ok
19:56:36.0972 0x0e54  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:56:37.0054 0x0e54  wcncsvc - ok
19:56:37.0102 0x0e54  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:56:37.0241 0x0e54  WcsPlugInService - ok
19:56:37.0285 0x0e54  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:56:37.0320 0x0e54  WdBoot - ok
19:56:37.0441 0x0e54  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:56:37.0545 0x0e54  Wdf01000 - ok
19:56:37.0611 0x0e54  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:56:37.0666 0x0e54  WdFilter - ok
19:56:37.0715 0x0e54  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:56:37.0788 0x0e54  WdiServiceHost - ok
19:56:37.0803 0x0e54  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:56:37.0860 0x0e54  WdiSystemHost - ok
19:56:37.0901 0x0e54  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:56:37.0949 0x0e54  WdNisDrv - ok
19:56:37.0987 0x0e54  WdNisSvc - ok
19:56:38.0059 0x0e54  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:56:38.0159 0x0e54  WebClient - ok
19:56:38.0259 0x0e54  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:56:38.0332 0x0e54  Wecsvc - ok
19:56:38.0372 0x0e54  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:56:38.0445 0x0e54  WEPHOSTSVC - ok
19:56:38.0485 0x0e54  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:56:38.0625 0x0e54  wercplsupport - ok
19:56:38.0678 0x0e54  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:56:38.0744 0x0e54  WerSvc - ok
19:56:38.0798 0x0e54  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
19:56:38.0832 0x0e54  WFPLWFS - ok
19:56:38.0882 0x0e54  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:56:38.0914 0x0e54  WiaRpc - ok
19:56:38.0945 0x0e54  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:56:38.0968 0x0e54  WIMMount - ok
19:56:38.0975 0x0e54  WinDefend - ok
19:56:39.0080 0x0e54  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:56:39.0183 0x0e54  WinHttpAutoProxySvc - ok
19:56:39.0273 0x0e54  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:56:39.0377 0x0e54  Winmgmt - ok
19:56:39.0617 0x0e54  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:56:39.0900 0x0e54  WinRM - ok
19:56:39.0989 0x0e54  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
19:56:40.0055 0x0e54  WinUsb - ok
19:56:40.0257 0x0e54  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:56:40.0548 0x0e54  WlanSvc - ok
19:56:40.0734 0x0e54  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:56:40.0920 0x0e54  wlidsvc - ok
19:56:40.0975 0x0e54  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:56:40.0998 0x0e54  WmiAcpi - ok
19:56:41.0065 0x0e54  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:56:41.0167 0x0e54  wmiApSrv - ok
19:56:41.0199 0x0e54  WMPNetworkSvc - ok
19:56:41.0278 0x0e54  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:56:41.0331 0x0e54  Wof - ok
19:56:41.0505 0x0e54  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:56:41.0711 0x0e54  workfolderssvc - ok
19:56:41.0760 0x0e54  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:56:41.0785 0x0e54  wpcfltr - ok
19:56:41.0842 0x0e54  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
19:56:42.0014 0x0e54  WPCSvc - ok
19:56:42.0065 0x0e54  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:56:42.0149 0x0e54  WPDBusEnum - ok
19:56:42.0201 0x0e54  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:56:42.0231 0x0e54  WpdUpFltr - ok
19:56:42.0280 0x0e54  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:56:42.0335 0x0e54  ws2ifsl - ok
19:56:42.0386 0x0e54  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:56:42.0475 0x0e54  wscsvc - ok
19:56:42.0483 0x0e54  WSearch - ok
19:56:42.0737 0x0e54  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
19:56:43.0124 0x0e54  WSService - ok
19:56:43.0452 0x0e54  [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:56:43.0874 0x0e54  wuauserv - ok
19:56:43.0936 0x0e54  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:56:44.0030 0x0e54  WudfPf - ok
19:56:44.0108 0x0e54  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:56:44.0171 0x0e54  WUDFRd - ok
19:56:44.0186 0x0e54  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
19:56:44.0217 0x0e54  WUDFSensorLP - ok
19:56:44.0280 0x0e54  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:56:44.0327 0x0e54  wudfsvc - ok
19:56:44.0358 0x0e54  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdComp     C:\WINDOWS\System32\drivers\WUDFRd.sys
19:56:44.0389 0x0e54  WUDFWpdComp - ok
19:56:44.0421 0x0e54  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
19:56:44.0452 0x0e54  WUDFWpdFs - ok
19:56:44.0483 0x0e54  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
19:56:44.0530 0x0e54  WUDFWpdMtp - ok
19:56:44.0603 0x0e54  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:56:44.0686 0x0e54  WwanSvc - ok
19:56:44.0702 0x0e54  ================ Scan global ===============================
19:56:44.0764 0x0e54  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
19:56:44.0827 0x0e54  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
19:56:44.0889 0x0e54  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
19:56:44.0952 0x0e54  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
19:56:44.0983 0x0e54  [ Global ] - ok
19:56:44.0983 0x0e54  ================ Scan MBR ==================================
19:56:44.0999 0x0e54  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:56:45.0752 0x0e54  \Device\Harddisk0\DR0 - ok
19:56:45.0767 0x0e54  ================ Scan VBR ==================================
19:56:45.0767 0x0e54  [ 3E11DBB9BBAB905839083B3D45D63D77 ] \Device\Harddisk0\DR0\Partition1
19:56:45.0783 0x0e54  \Device\Harddisk0\DR0\Partition1 - ok
19:56:45.0799 0x0e54  [ 2AB5562AE31A11B41FE145C67364D6D2 ] \Device\Harddisk0\DR0\Partition2
19:56:45.0861 0x0e54  \Device\Harddisk0\DR0\Partition2 - ok
19:56:45.0861 0x0e54  ================ Scan generic autorun ======================
19:56:45.0908 0x0e54  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe
19:56:45.0955 0x0e54  IgfxTray - ok
19:56:45.0986 0x0e54  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\WINDOWS\system32\hkcmd.exe
19:56:46.0041 0x0e54  HotKeysCmds - ok
19:56:46.0081 0x0e54  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe
19:56:46.0133 0x0e54  Persistence - ok
19:56:46.0133 0x0e54  SynTPEnh - ok
19:56:46.0195 0x0e54  [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe
19:56:46.0234 0x0e54  iTunesHelper - ok
19:56:46.0299 0x0e54  [ 9F60097061F79620C9C59FF37A61D852, 9B94C00CAA1F4DF95485F994576DA68B30635C628CFE3D6AE1811E6FEB1A56CA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:56:46.0321 0x0e54  APSDaemon - ok
19:56:46.0448 0x0e54  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
19:56:46.0526 0x0e54  avgnt - ok
19:56:46.0573 0x0e54  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
19:56:46.0604 0x0e54  Avira Systray - ok
19:56:46.0920 0x0e54  [ DC6BA936E1DE11E648FB85A817C5182F, F1C27C08F84EEAC9DC5C26E57B9559F6006870E540CB2968494A3D34BAD109A7 ] C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
19:56:47.0150 0x0e54  Spotify Web Helper - ok
19:56:47.0465 0x0e54  [ B0C5B0AC6D5AA99B78CEB418A6FF80D1, 9544B0DF4AAC6EC6399619784E3BBC1180977DA1ED25F4D89EE22DA7A195E79A ] C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe
19:56:47.0777 0x0e54  Amazon Music - ok
19:56:47.0958 0x0e54  [ 71DCFA65CC4349CF08BFFF7A14D8BAE4, 61DAE2C9EED97F325F449A77FB2E1AAAB90AA2329A0B7AE182B8A808017C11F0 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
19:56:48.0036 0x0e54  GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56 - ok
19:56:48.0119 0x0e54  Skype - ok
19:56:48.0446 0x0e54  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe
19:56:48.0680 0x0e54  Steam - ok
19:56:49.0289 0x0e54  [ 5E6E816F8F5B454329F8C013A70391B9, E7A9121EFA89FB5DF6EFCEDA9418B49511036DB40D6E631032665F80929FC3A0 ] C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
19:56:49.0971 0x0e54  Spotify - ok
19:56:50.0117 0x0e54  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:56:50.0237 0x0e54  WAB Migrate - ok
19:56:50.0240 0x0e54  Waiting for KSN requests completion. In queue: 130
19:56:51.0251 0x0e54  Waiting for KSN requests completion. In queue: 130
19:56:52.0251 0x0e54  Waiting for KSN requests completion. In queue: 130
19:56:53.0667 0x0e54  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
19:56:53.0668 0x0e54  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
19:56:53.0794 0x0e54  Win FW state via NFP2: enabled ( trusted )
19:56:57.0504 0x0e54  ============================================================
19:56:57.0504 0x0e54  Scan finished
19:56:57.0504 0x0e54  ============================================================
19:56:57.0536 0x1688  Detected object count: 0
19:56:57.0536 0x1688  Actual detected object count: 0
         

Alt 30.09.2015, 20:49   #4
CrshdBounty
 



Second log:
Code:
20:23:09.0897 0x0e10  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:23:20.0497 0x0e10  ============================================================
20:23:20.0497 0x0e10  Current date / time: 2015/09/30 20:23:20.0497
20:23:20.0497 0x0e10  SystemInfo:
20:23:20.0497 0x0e10  
20:23:20.0498 0x0e10  OS Version: 6.3.9600 ServicePack: 0.0
20:23:20.0498 0x0e10  Product type: Workstation
20:23:20.0498 0x0e10  ComputerName: X75V
20:23:20.0498 0x0e10  UserName: *****
20:23:20.0498 0x0e10  Windows directory: C:\WINDOWS
20:23:20.0498 0x0e10  System windows directory: C:\WINDOWS
20:23:20.0498 0x0e10  Running under WOW64
20:23:20.0498 0x0e10  Processor architecture: Intel x64
20:23:20.0498 0x0e10  Number of processors: 4
20:23:20.0498 0x0e10  Page size: 0x1000
20:23:20.0498 0x0e10  Boot type: Normal boot
20:23:20.0498 0x0e10  ============================================================
20:23:29.0229 0x0e10  KLMD registered as C:\WINDOWS\system32\drivers\76808410.sys
20:23:29.0827 0x0e10  System UUID: {D12FAD76-92E2-D2A8-BF8A-B6A7A275F8A9}
20:23:31.0142 0x0e10  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:31.0173 0x0e10  ============================================================
20:23:31.0173 0x0e10  \Device\Harddisk0\DR0:
20:23:31.0186 0x0e10  MBR partitions:
20:23:31.0186 0x0e10  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
20:23:31.0186 0x0e10  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F800, BlocksNum 0x124F8000
20:23:31.0186 0x0e10  ============================================================
20:23:31.0282 0x0e10  C: <-> \Device\Harddisk0\DR0\Partition2
20:23:31.0321 0x0e10  D: <-> \Device\Harddisk0\DR0\Partition1
20:23:31.0322 0x0e10  ============================================================
20:23:31.0322 0x0e10  Initialize success
20:23:31.0322 0x0e10  ============================================================
20:23:39.0491 0x0e10  ============================================================
20:23:39.0491 0x0e10  Scan started
20:23:39.0491 0x0e10  Mode: Manual; SigCheck; TDLFS; 
20:23:39.0491 0x0e10  ============================================================
20:23:39.0491 0x0e10  KSN ping started
20:23:42.0010 0x0e10  KSN ping finished: true
20:24:19.0056 0x0e10  ================ Scan system memory ========================
20:24:19.0056 0x0e10  System memory - ok
20:24:19.0058 0x0e10  ================ Scan services =============================
20:24:19.0496 0x0e10  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:24:19.0750 0x0e10  1394ohci - ok
20:24:19.0837 0x0e10  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:24:19.0903 0x0e10  3ware - ok
20:24:20.0102 0x0e10  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:24:20.0188 0x0e10  ACPI - ok
20:24:20.0246 0x0e10  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:24:20.0298 0x0e10  acpiex - ok
20:24:20.0325 0x0e10  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:24:20.0400 0x0e10  acpipagr - ok
20:24:20.0444 0x0e10  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:24:20.0577 0x0e10  AcpiPmi - ok
20:24:20.0626 0x0e10  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:24:20.0695 0x0e10  acpitime - ok
20:24:20.0965 0x0e10  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:21.0002 0x0e10  AdobeARMservice - ok
20:24:21.0637 0x0e10  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:21.0774 0x0e10  AdobeFlashPlayerUpdateSvc - ok
20:24:21.0966 0x0e10  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:24:22.0084 0x0e10  ADP80XX - ok
20:24:22.0179 0x0e10  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
20:24:22.0341 0x0e10  AeLookupSvc - ok
20:24:22.0513 0x0e10  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:24:22.0787 0x0e10  AFD - ok
20:24:22.0823 0x0e10  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
20:24:22.0859 0x0e10  agp440 - ok
20:24:22.0895 0x0e10  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:24:23.0017 0x0e10  ahcache - ok
20:24:23.0060 0x0e10  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
20:24:23.0194 0x0e10  ALG - ok
20:24:23.0228 0x0e10  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:24:23.0354 0x0e10  AmdK8 - ok
20:24:23.0448 0x0e10  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:24:23.0515 0x0e10  AmdPPM - ok
20:24:23.0542 0x0e10  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:24:23.0589 0x0e10  amdsata - ok
20:24:23.0650 0x0e10  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:24:23.0758 0x0e10  amdsbs - ok
20:24:23.0789 0x0e10  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:24:23.0834 0x0e10  amdxata - ok
20:24:24.0092 0x0e10  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:24:24.0214 0x0e10  AntiVirMailService - ok
20:24:24.0291 0x0e10  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:24:24.0425 0x0e10  AntiVirSchedulerService - ok
20:24:24.0555 0x0e10  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:24:24.0609 0x0e10  AntiVirService - ok
20:24:24.0882 0x0e10  [ 9A12F8E472FE05EF653CA152050405D4, 569EA8FFDE827F850CA8E3CB747A8552FD9981E61C48C7EA55E550A6C07F770E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:24:24.0987 0x0e10  AntiVirWebService - ok
20:24:25.0076 0x0e10  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:24:25.0246 0x0e10  AppID - ok
20:24:25.0284 0x0e10  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:24:25.0346 0x0e10  AppIDSvc - ok
20:24:25.0385 0x0e10  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:24:25.0542 0x0e10  Appinfo - ok
20:24:25.0810 0x0e10  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:24:25.0846 0x0e10  Apple Mobile Device Service - ok
20:24:25.0972 0x0e10  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:24:26.0156 0x0e10  AppReadiness - ok
20:24:26.0462 0x0e10  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:24:26.0802 0x0e10  AppXSvc - ok
20:24:26.0856 0x0e10  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:24:26.0951 0x0e10  arcsas - ok
20:24:26.0989 0x0e10  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:24:27.0018 0x0e10  atapi - ok
20:24:27.0610 0x0e10  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:24:28.0101 0x0e10  athr - ok
20:24:28.0176 0x0e10  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:24:28.0322 0x0e10  AudioEndpointBuilder - ok
20:24:28.0412 0x0e10  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:24:28.0614 0x0e10  Audiosrv - ok
20:24:28.0690 0x0e10  [ AC82CC4F2A41E098EB34C0A9F8125DDC, CC416DD5FC8E14A1F99F8DF52D795CA6E16EDBF8FD7C9624B10BA83D9D954BF2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:24:28.0755 0x0e10  avgntflt - ok
20:24:28.0824 0x0e10  [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:24:28.0885 0x0e10  avipbb - ok
20:24:29.0028 0x0e10  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
20:24:29.0061 0x0e10  Avira.OE.ServiceHost - ok
20:24:29.0092 0x0e10  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:24:29.0135 0x0e10  avkmgr - ok
20:24:29.0222 0x0e10  [ 74179E7C103F3A44B33D7D982E21E35D, 7F2384B065EA9959734D65426781D901CDB0DA8DFCAD13BF05044DDF33CA5688 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
20:24:29.0340 0x0e10  avnetflt - ok
20:24:29.0398 0x0e10  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:24:29.0500 0x0e10  AxInstSV - ok
20:24:29.0666 0x0e10  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:24:29.0774 0x0e10  b06bdrv - ok
20:24:29.0871 0x0e10  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:24:30.0000 0x0e10  BasicDisplay - ok
20:24:30.0074 0x0e10  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:24:30.0276 0x0e10  BasicRender - ok
20:24:30.0353 0x0e10  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:24:30.0398 0x0e10  bcmfn2 - ok
20:24:30.0477 0x0e10  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:24:30.0680 0x0e10  BDESVC - ok
20:24:30.0737 0x0e10  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:24:30.0865 0x0e10  Beep - ok
20:24:31.0086 0x0e10  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
20:24:31.0280 0x0e10  BFE - ok
20:24:31.0455 0x0e10  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
20:24:31.0633 0x0e10  BITS - ok
20:24:31.0755 0x0e10  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:31.0822 0x0e10  Bonjour Service - ok
20:24:31.0851 0x0e10  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:24:31.0997 0x0e10  bowser - ok
20:24:32.0074 0x0e10  BRDriver64_1_3_3_E02B25FC - ok
20:24:32.0138 0x0e10  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:24:32.0315 0x0e10  BrokerInfrastructure - ok
20:24:32.0368 0x0e10  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
20:24:32.0491 0x0e10  Browser - ok
20:24:32.0500 0x0e10  BTCFilterService - ok
20:24:32.0560 0x0e10  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:24:32.0617 0x0e10  BthAvrcpTg - ok
20:24:32.0652 0x0e10  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:24:32.0733 0x0e10  BthHFEnum - ok
20:24:32.0785 0x0e10  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:24:32.0849 0x0e10  bthhfhid - ok
20:24:32.0957 0x0e10  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:24:33.0085 0x0e10  BthHFSrv - ok
20:24:33.0131 0x0e10  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:24:33.0206 0x0e10  BTHMODEM - ok
20:24:33.0252 0x0e10  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:24:33.0360 0x0e10  bthserv - ok
20:24:33.0409 0x0e10  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:24:33.0518 0x0e10  cdfs - ok
20:24:33.0549 0x0e10  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:24:33.0602 0x0e10  cdrom - ok
20:24:33.0697 0x0e10  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:24:33.0792 0x0e10  CertPropSvc - ok
20:24:33.0839 0x0e10  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:24:33.0915 0x0e10  circlass - ok
20:24:34.0013 0x0e10  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:24:34.0079 0x0e10  CLFS - ok
20:24:34.0163 0x0e10  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:24:34.0265 0x0e10  CmBatt - ok
20:24:34.0320 0x0e10  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:24:34.0416 0x0e10  CNG - ok
20:24:34.0445 0x0e10  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
20:24:34.0504 0x0e10  CompositeBus - ok
20:24:34.0513 0x0e10  COMSysApp - ok
20:24:34.0541 0x0e10  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:24:34.0625 0x0e10  condrv - ok
20:24:34.0940 0x0e10  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:24:35.0006 0x0e10  cphs - ok
20:24:35.0059 0x0e10  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:24:35.0197 0x0e10  CryptSvc - ok
20:24:35.0237 0x0e10  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:24:35.0284 0x0e10  dam - ok
20:24:35.0468 0x0e10  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:24:35.0686 0x0e10  DcomLaunch - ok
20:24:35.0821 0x0e10  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:24:35.0953 0x0e10  defragsvc - ok
20:24:36.0051 0x0e10  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:24:36.0217 0x0e10  DeviceAssociationService - ok
20:24:36.0274 0x0e10  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:24:36.0359 0x0e10  DeviceInstall - ok
20:24:36.0393 0x0e10  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:24:36.0531 0x0e10  Dfsc - ok
20:24:36.0563 0x0e10  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:24:36.0603 0x0e10  dg_ssudbus - ok
20:24:36.0704 0x0e10  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:24:36.0852 0x0e10  Dhcp - ok
20:24:37.0165 0x0e10  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:24:37.0541 0x0e10  DiagTrack - ok
20:24:37.0639 0x0e10  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:24:37.0675 0x0e10  disk - ok
20:24:37.0690 0x0e10  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:24:37.0843 0x0e10  dmvsc - ok
20:24:37.0930 0x0e10  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:24:38.0008 0x0e10  Dnscache - ok
20:24:38.0093 0x0e10  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:24:38.0287 0x0e10  dot3svc - ok
20:24:38.0348 0x0e10  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
20:24:38.0434 0x0e10  DPS - ok
20:24:38.0476 0x0e10  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:24:38.0535 0x0e10  drmkaud - ok
20:24:38.0594 0x0e10  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:24:38.0655 0x0e10  DsmSvc - ok
20:24:38.0931 0x0e10  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:24:39.0179 0x0e10  DXGKrnl - ok
20:24:39.0228 0x0e10  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
20:24:39.0383 0x0e10  Eaphost - ok
20:24:39.0395 0x0e10  EasyAntiCheat - ok
20:24:39.0877 0x0e10  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:24:40.0367 0x0e10  ebdrv - ok
20:24:40.0436 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
20:24:40.0465 0x0e10  EFS - ok
20:24:40.0524 0x0e10  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:24:40.0563 0x0e10  EhStorClass - ok
20:24:40.0595 0x0e10  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:24:40.0633 0x0e10  EhStorTcgDrv - ok
20:24:40.0653 0x0e10  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:24:40.0714 0x0e10  ErrDev - ok
20:24:40.0838 0x0e10  esgiguard - ok
20:24:40.0930 0x0e10  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
20:24:41.0118 0x0e10  EventSystem - ok
20:24:41.0149 0x0e10  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:24:41.0284 0x0e10  exfat - ok
20:24:41.0381 0x0e10  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:24:41.0442 0x0e10  fastfat - ok
20:24:41.0609 0x0e10  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:24:41.0797 0x0e10  Fax - ok
20:24:41.0838 0x0e10  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:24:41.0922 0x0e10  fdc - ok
20:24:41.0958 0x0e10  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:24:42.0053 0x0e10  fdPHost - ok
20:24:42.0102 0x0e10  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:24:42.0169 0x0e10  FDResPub - ok
20:24:42.0228 0x0e10  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:25:15.0666 0x0e10  ProfSvc - ok
20:25:15.0718 0x0e10  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
20:25:15.0772 0x0e10  Psched - ok
20:25:15.0843 0x0e10  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:25:15.0913 0x0e10  QWAVE - ok
20:25:15.0960 0x0e10  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:25:16.0006 0x0e10  QWAVEdrv - ok
20:25:16.0030 0x0e10  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:25:16.0073 0x0e10  RasAcd - ok
20:25:16.0123 0x0e10  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:25:16.0181 0x0e10  RasAuto - ok
20:25:16.0308 0x0e10  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:25:16.0410 0x0e10  RasMan - ok
20:25:16.0455 0x0e10  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:25:16.0522 0x0e10  RasPppoe - ok
20:25:16.0633 0x0e10  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:25:16.0857 0x0e10  rdbss - ok
20:25:16.0905 0x0e10  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:25:17.0020 0x0e10  rdpbus - ok
20:25:17.0051 0x0e10  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:25:17.0133 0x0e10  RDPDR - ok
20:25:17.0184 0x0e10  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:25:17.0238 0x0e10  RdpVideoMiniport - ok
20:25:17.0310 0x0e10  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:25:17.0362 0x0e10  rdyboost - ok
20:25:17.0529 0x0e10  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
20:25:17.0689 0x0e10  ReFS - ok
20:25:17.0764 0x0e10  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:25:17.0813 0x0e10  RemoteAccess - ok
20:25:17.0892 0x0e10  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:25:18.0004 0x0e10  RemoteRegistry - ok
20:25:18.0057 0x0e10  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:25:18.0122 0x0e10  RpcEptMapper - ok
20:25:18.0157 0x0e10  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:25:18.0281 0x0e10  RpcLocator - ok
20:25:18.0481 0x0e10  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:25:18.0576 0x0e10  RpcSs - ok
20:25:18.0637 0x0e10  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:25:18.0695 0x0e10  rspndr - ok
20:25:18.0724 0x0e10  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:25:18.0781 0x0e10  s3cap - ok
20:25:18.0826 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
20:25:18.0861 0x0e10  SamSs - ok
20:25:18.0964 0x0e10  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:25:19.0002 0x0e10  sbp2port - ok
20:25:19.0070 0x0e10  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:25:19.0146 0x0e10  SCardSvr - ok
20:25:19.0192 0x0e10  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:25:19.0309 0x0e10  ScDeviceEnum - ok
20:25:19.0406 0x0e10  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:25:19.0465 0x0e10  scfilter - ok
20:25:19.0659 0x0e10  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:25:19.0924 0x0e10  Schedule - ok
20:25:19.0997 0x0e10  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:25:20.0079 0x0e10  SCPolicySvc - ok
20:25:20.0172 0x0e10  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:25:20.0261 0x0e10  sdbus - ok
20:25:20.0318 0x0e10  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:25:20.0410 0x0e10  sdstor - ok
20:25:20.0462 0x0e10  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:25:20.0541 0x0e10  seclogon - ok
20:25:20.0585 0x0e10  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
20:25:20.0632 0x0e10  SENS - ok
20:25:20.0738 0x0e10  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:25:20.0833 0x0e10  SensrSvc - ok
20:25:20.0904 0x0e10  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:25:20.0944 0x0e10  SerCx - ok
20:25:21.0000 0x0e10  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:25:21.0049 0x0e10  SerCx2 - ok
20:25:21.0070 0x0e10  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:25:21.0108 0x0e10  Serenum - ok
20:25:21.0137 0x0e10  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:25:21.0202 0x0e10  Serial - ok
20:25:21.0247 0x0e10  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:25:21.0294 0x0e10  sermouse - ok
20:25:21.0418 0x0e10  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:25:21.0619 0x0e10  SessionEnv - ok
20:25:21.0661 0x0e10  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:25:21.0711 0x0e10  sfloppy - ok
20:25:21.0834 0x0e10  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:25:21.0925 0x0e10  SharedAccess - ok
20:25:22.0034 0x0e10  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:25:22.0182 0x0e10  ShellHWDetection - ok
20:25:22.0206 0x0e10  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:25:22.0246 0x0e10  SiSRaid2 - ok
20:25:22.0319 0x0e10  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:25:22.0449 0x0e10  SiSRaid4 - ok
20:25:22.0649 0x0e10  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:25:22.0723 0x0e10  SkypeUpdate - ok
20:25:22.0827 0x0e10  [ AAAFE0A885F12E66775F2E9537E283F0, CD83759C4C3AB7DE3A806187DA6CBE39D48E4EFB8120695C819B6146D52B4CB4 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
20:25:22.0861 0x0e10  SmbDrvI - ok
20:25:22.0906 0x0e10  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
20:25:23.0000 0x0e10  smphost - ok
20:25:23.0046 0x0e10  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:25:23.0095 0x0e10  SNMPTRAP - ok
20:25:23.0212 0x0e10  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:25:23.0296 0x0e10  spaceport - ok
20:25:23.0370 0x0e10  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:25:23.0414 0x0e10  SpbCx - ok
20:25:23.0575 0x0e10  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:25:23.0767 0x0e10  Spooler - ok
20:25:24.0417 0x0e10  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:25:25.0130 0x0e10  sppsvc - ok
20:25:25.0341 0x0e10  [ EB2FD937449B7ACEB39372F875EB8E78, ED99556AF0E342F534FE8A1B24C254FEE841CBD683CD3528B2D05C809765EAC3 ] SQLAgent$SQLEXPRESS c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:25:25.0412 0x0e10  SQLAgent$SQLEXPRESS - ok
20:25:25.0477 0x0e10  [ 99DE6ACFA5CA83FAD6A765C81C6F129F, E152BEBFA302BDB1BEF53F1B4C710BE2EA6DC5AD9D04704575B73B1D464CD582 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:25:25.0560 0x0e10  SQLBrowser - ok
20:25:25.0745 0x0e10  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:25:25.0789 0x0e10  SQLWriter - ok
20:25:25.0903 0x0e10  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:25:26.0107 0x0e10  srv - ok
20:25:26.0290 0x0e10  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:25:26.0443 0x0e10  srv2 - ok
20:25:26.0510 0x0e10  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:25:26.0669 0x0e10  srvnet - ok
20:25:26.0751 0x0e10  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:25:26.0837 0x0e10  SSDPSRV - ok
20:25:26.0884 0x0e10  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:25:26.0952 0x0e10  SstpSvc - ok
20:25:27.0010 0x0e10  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:25:27.0063 0x0e10  ssudmdm - ok
20:25:27.0208 0x0e10  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:25:27.0286 0x0e10  Steam Client Service - ok
20:25:27.0357 0x0e10  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:25:27.0470 0x0e10  stexstor - ok
20:25:27.0643 0x0e10  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:25:27.0818 0x0e10  stisvc - ok
20:25:27.0840 0x0e10  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:25:27.0888 0x0e10  storahci - ok
20:25:27.0950 0x0e10  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:25:28.0001 0x0e10  storflt - ok
20:25:28.0054 0x0e10  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:25:28.0094 0x0e10  stornvme - ok
20:25:28.0146 0x0e10  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:25:28.0235 0x0e10  StorSvc - ok
20:25:28.0279 0x0e10  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:25:28.0363 0x0e10  storvsc - ok
20:25:28.0404 0x0e10  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:25:28.0475 0x0e10  svsvc - ok
20:25:28.0525 0x0e10  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:25:28.0567 0x0e10  swenum - ok
20:25:28.0707 0x0e10  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
20:25:28.0830 0x0e10  swprv - ok
20:25:28.0983 0x0e10  [ 5385DA405FDAAB0BD2AF0B24723FBA46, 0C50CC3F2D97E2087EF477948DF8CBC41662835F6CC222D66A8E3F9EE4168DD1 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:25:29.0056 0x0e10  SynTP - ok
20:25:29.0295 0x0e10  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:25:29.0513 0x0e10  SysMain - ok
20:25:29.0654 0x0e10  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:25:29.0750 0x0e10  SystemEventsBroker - ok
20:25:29.0807 0x0e10  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:25:29.0937 0x0e10  TabletInputService - ok
20:25:30.0089 0x0e10  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:25:30.0202 0x0e10  TapiSrv - ok
20:25:30.0522 0x0e10  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:25:30.0831 0x0e10  Tcpip - ok
20:25:31.0090 0x0e10  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:25:31.0327 0x0e10  TCPIP6 - ok
20:25:31.0378 0x0e10  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:25:31.0467 0x0e10  tcpipreg - ok
20:25:31.0522 0x0e10  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:25:31.0564 0x0e10  tdx - ok
20:25:31.0609 0x0e10  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:25:31.0646 0x0e10  terminpt - ok
20:25:31.0834 0x0e10  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:25:31.0987 0x0e10  TermService - ok
20:25:32.0050 0x0e10  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
20:25:32.0089 0x0e10  Themes - ok
20:25:32.0155 0x0e10  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
20:25:32.0192 0x0e10  THREADORDER - ok
20:25:32.0314 0x0e10  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
20:25:32.0415 0x0e10  TimeBroker - ok
20:25:32.0480 0x0e10  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
20:25:32.0526 0x0e10  TPM - ok
20:25:32.0600 0x0e10  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:25:32.0664 0x0e10  TrkWks - ok
20:25:32.0771 0x0e10  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:25:32.0862 0x0e10  TrustedInstaller - ok
20:25:32.0913 0x0e10  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:25:33.0021 0x0e10  TsUsbFlt - ok
20:25:33.0068 0x0e10  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:25:33.0147 0x0e10  TsUsbGD - ok
20:25:33.0183 0x0e10  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:25:33.0252 0x0e10  tunnel - ok
20:25:33.0312 0x0e10  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
20:25:33.0367 0x0e10  uagp35 - ok
20:25:33.0415 0x0e10  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:25:33.0458 0x0e10  UASPStor - ok
20:25:33.0551 0x0e10  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
20:25:33.0600 0x0e10  UCX01000 - ok
20:25:33.0683 0x0e10  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:25:33.0776 0x0e10  udfs - ok
20:25:33.0834 0x0e10  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:25:33.0868 0x0e10  UEFI - ok
20:25:33.0925 0x0e10  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:25:34.0018 0x0e10  UI0Detect - ok
20:25:34.0043 0x0e10  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:25:34.0105 0x0e10  uliagpkx - ok
20:25:34.0155 0x0e10  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:25:34.0210 0x0e10  umbus - ok
20:25:34.0232 0x0e10  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:25:34.0281 0x0e10  UmPass - ok
20:25:34.0376 0x0e10  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:25:34.0475 0x0e10  UmRdpService - ok
20:25:34.0612 0x0e10  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:25:34.0690 0x0e10  upnphost - ok
20:25:34.0743 0x0e10  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:25:34.0847 0x0e10  USBAAPL64 - ok
20:25:34.0893 0x0e10  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:25:35.0055 0x0e10  usbaudio - ok
20:25:35.0135 0x0e10  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:25:35.0191 0x0e10  usbccgp - ok
20:25:35.0260 0x0e10  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:25:35.0339 0x0e10  usbcir - ok
20:25:35.0398 0x0e10  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:25:35.0441 0x0e10  usbehci - ok
20:25:35.0598 0x0e10  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:25:35.0668 0x0e10  usbhub - ok
20:25:35.0780 0x0e10  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:25:35.0855 0x0e10  USBHUB3 - ok
20:25:35.0927 0x0e10  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:25:36.0226 0x0e10  usbohci - ok
20:25:36.0268 0x0e10  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:25:36.0357 0x0e10  usbprint - ok
20:25:36.0420 0x0e10  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:25:36.0478 0x0e10  USBSTOR - ok
20:25:36.0517 0x0e10  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:25:36.0581 0x0e10  usbuhci - ok
20:25:36.0697 0x0e10  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:25:36.0766 0x0e10  usbvideo - ok
20:25:36.0875 0x0e10  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:25:36.0935 0x0e10  USBXHCI - ok
20:25:36.0960 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:25:36.0993 0x0e10  VaultSvc - ok
20:25:37.0058 0x0e10  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:25:37.0089 0x0e10  vdrvroot - ok
20:25:37.0255 0x0e10  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
20:25:37.0452 0x0e10  vds - ok
20:25:37.0531 0x0e10  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:25:37.0583 0x0e10  VerifierExt - ok
20:25:37.0711 0x0e10  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:25:37.0880 0x0e10  vhdmp - ok
20:25:37.0931 0x0e10  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
20:25:37.0986 0x0e10  viaide - ok
20:25:38.0068 0x0e10  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:25:38.0154 0x0e10  vmbus - ok
20:25:38.0217 0x0e10  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:25:38.0263 0x0e10  VMBusHID - ok
20:25:38.0403 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:25:38.0472 0x0e10  vmicguestinterface - ok
20:25:38.0548 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
20:25:38.0618 0x0e10  vmicheartbeat - ok
20:25:38.0707 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:25:38.0790 0x0e10  vmickvpexchange - ok
20:25:38.0851 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
20:25:38.0916 0x0e10  vmicrdv - ok
20:25:39.0053 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
20:25:39.0124 0x0e10  vmicshutdown - ok
20:25:39.0202 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
20:25:39.0277 0x0e10  vmictimesync - ok
20:25:57.0954 0x0e10  Waiting for KSN requests completion. In queue: 222
20:25:58.0955 0x0e10  Waiting for KSN requests completion. In queue: 222
20:25:59.0955 0x0e10  Waiting for KSN requests completion. In queue: 222
20:26:00.0984 0x0e10  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
20:26:01.0051 0x0e10  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
20:26:01.0069 0x0e10  Win FW state via NFP2: enabled ( trusted )
20:26:03.0515 0x0e10  ============================================================
20:26:03.0515 0x0e10  Scan finished
20:26:03.0515 0x0e10  ============================================================
20:26:03.0539 0x0c3c  Detected object count: 0
20:26:03.0539 0x0c3c  Actual detected object count: 0
         
Kind regards, CrshdBounty

01.10.2015, 19:22   #5
schrauber
/// the machine
/// TB trainer
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

02.10.2015, 15:45   #6
CrshdBounty
 

Thanks once again for the quick reply. The logs:

1. Malwarebytes:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.10.2015
Suchlaufzeit: 11:57
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.02.03
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: *****

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgebrochen
Durchsuchte Objekte: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
2. AdwCleaner:
Code:
# AdwCleaner v5.009 - Bericht erstellt am 02/10/2015 um 14:55:09
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-30.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : ***** - X75V
# Gestartet von : C:\Users\*****\Desktop\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\ProgramData\Tarma Installer
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\Software_Updater
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\SoftwareUpdater
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Activeris
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Babylon
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\goforfiles
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsmode.com_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsmode.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.moderndaybabylon.net_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.moderndaybabylon.net_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : BrowserProtect
[-] Task Gelöscht : GoforFilesUpdate
[-] Task Gelöscht : Software Updater
[-] Task Gelöscht : Software Updater Ui
[-] Task Gelöscht : amiupdaterExd
[-] Task Gelöscht : amiupdaterExi
[-] Task Gelöscht : Adobe Flash Player Updater
[-] Task Gelöscht : AdobeFlashPlayerUpdate
[-] Task Gelöscht : AdobeFlashPlayerUpdate 2

***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
[-] Schlüssel Gelöscht : HKCU\Software\5d2d68bbd34be10
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\5d2d68bbd34be10
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
[-] Schlüssel Gelöscht : HKCU\Software\GoforFiles
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GoforFiles
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\IePlugin
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\BABSOLUTION
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\GoforFiles
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\re-markit
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\re-markit
[-] Daten Wiederhergestellt : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

***** [ Internetbrowser ] *****

[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : trovi.search
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npnkeeiehehhefofiekoflfedgehcdhl
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6805 Bytes] ##########
         
3. Junkware Removal Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Bosch on 02.10.2015 at 15:11:22,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\esellerate
Successfully deleted: [Folder] C:\Users\*****\Appdata\Local\com



~~~ Chrome


[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.10.2015 at 15:18:03,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
4. FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
durchgeführt von ***** (Administrator) auf X75V (02-10-2015 15:25:44)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: ***** &  (Verfügbare Profile: *****)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-29] (Spotify Ltd)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-05] ()
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-29] (Spotify Ltd)
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {3448ea64-ee3a-11e3-befc-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {49c230f1-ad5d-11e3-beee-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {4f2c859f-72f7-11e4-bf22-08606e4c35fc} - "F:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {824887c6-2e6f-11e3-bea7-08606e4c35fc} - "G:\Startme.exe" 
HKU\S-1-5-21-226644849-438525468-1118309550-1008-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{6E7F3371-D941-4CC4-9896-A6088121ED37}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{ED68718E-4F13-41D3-8285-B7D0E3D13572}: [NameServer] 192.168.0.1,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
URLSearchHook: [S-1-5-21-226644849-438525468-1118309550-1008-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-06-09]
CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19]
CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-06-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09]
CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-22] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-04] (EasyAntiCheat Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-22] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]
U4 secdrv; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 15:18 - 2015-10-02 15:18 - 00001340 _____ C:\Users\*****\Desktop\JRT.txt
2015-10-02 15:09 - 2015-10-02 15:09 - 01798976 _____ (Malwarebytes) C:\Users\*****\Desktop\JRT.exe
2015-10-02 15:01 - 2015-10-02 15:01 - 00006908 _____ C:\Users\*****\Desktop\AdwCleaner[C1].txt
2015-10-02 14:52 - 2015-10-02 14:55 - 00000000 ____D C:\AdwCleaner
2015-10-02 14:48 - 2015-10-02 14:48 - 01670656 _____ C:\Users\*****\Desktop\AdwCleaner_5.009.exe
2015-10-02 14:47 - 2015-10-02 14:47 - 00001226 _____ C:\Users\*****\Desktop\mbam.txt
2015-10-02 11:53 - 2015-10-02 14:47 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-02 11:53 - 2015-10-02 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-02 11:53 - 2015-10-02 11:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-02 11:53 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-02 11:53 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-02 11:50 - 2015-10-02 11:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-02 08:53 - 2015-10-02 08:53 - 00049541 _____ C:\Users\*****\Desktop\CharakterisierungNick.odt
2015-09-30 15:49 - 2015-10-02 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-30 15:48 - 2015-10-02 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-30 15:48 - 2015-10-02 11:55 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-30 15:45 - 2015-09-30 19:49 - 00000000 ____D C:\Users\*****\Desktop\mbar
2015-09-30 15:45 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-30 15:44 - 2015-09-30 15:44 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\*****\Downloads\tdsskiller.exe
2015-09-30 15:41 - 2015-09-30 15:42 - 16563352 _____ (Malwarebytes Corp.) C:\Users\*****\Downloads\mbar-1.09.3.1001.exe
2015-09-29 18:07 - 2015-09-29 18:34 - 00009743 _____ C:\Users\*****\Downloads\Gmer.log
2015-09-29 17:20 - 2015-09-29 17:20 - 00380416 _____ C:\Users\*****\Downloads\Gmer-19357.exe
2015-09-29 17:05 - 2015-09-29 18:36 - 00041422 _____ C:\Users\*****\Downloads\Addition.txt
2015-09-29 17:02 - 2015-10-02 15:25 - 00014759 _____ C:\Users\*****\Downloads\FRST.txt
2015-09-29 17:02 - 2015-10-02 15:25 - 00000000 ____D C:\FRST
2015-09-29 17:01 - 2015-09-29 17:01 - 02192384 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-09-29 17:00 - 2015-09-29 18:33 - 00000474 _____ C:\Users\*****\Downloads\defogger_disable.log
2015-09-29 17:00 - 2015-09-29 17:00 - 00000000 _____ C:\Users\*****\defogger_reenable
2015-09-29 16:59 - 2015-09-29 16:59 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2015-09-25 17:40 - 2015-09-26 19:54 - 00091836 _____ C:\Users\*****\Desktop\Die Hexer.odt
2015-09-25 16:05 - 2015-09-25 16:05 - 00000222 _____ C:\Users\*****\Desktop\Europa Universalis IV.url
2015-09-25 13:03 - 2015-09-25 13:08 - 00000619 _____ C:\Users\*****\Desktop\Über Katzen.txt
2015-09-23 20:16 - 2015-09-23 20:16 - 00000221 _____ C:\Users\*****\Desktop\Victoria Revolutions.url
2015-09-22 17:29 - 2015-09-24 21:19 - 00058932 _____ C:\Users\*****\Desktop\HannesCharakterisierung.odt
2015-09-16 16:17 - 2015-09-23 18:41 - 00000000 ____D C:\Users\*****\Desktop\Writing Excuses 5
2015-09-12 16:06 - 2015-09-18 18:04 - 00000000 ____D C:\Users\*****\Downloads\FTG_1_3_29Dec
2015-09-12 16:05 - 2015-09-12 16:06 - 18820710 _____ C:\Users\*****\Downloads\FTG_1_3_29Dec.7z
2015-09-12 13:16 - 2015-09-18 17:25 - 00000221 _____ C:\Users\*****\Desktop\For The Glory.url
2015-09-11 16:57 - 2015-09-11 16:57 - 00000222 _____ C:\Users\*****\Desktop\Crusader Kings Complete.url
2015-09-11 16:46 - 2015-10-02 15:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-11 16:46 - 2015-10-02 14:47 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-11 16:46 - 2015-09-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-10 21:50 - 2015-09-10 22:55 - 00000000 ____D C:\Program Files (x86)\C-evo
2015-09-10 13:00 - 2015-09-10 22:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\C-evo
2015-09-08 22:48 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 22:48 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 22:48 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 22:48 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 22:48 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 22:48 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 22:48 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 22:48 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 22:48 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 22:48 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 22:48 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 22:48 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 22:48 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:48 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:48 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:48 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:48 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:48 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 22:48 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:48 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:48 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 22:48 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:48 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 22:48 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 22:48 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 22:48 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 22:48 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 22:48 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 22:48 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 22:48 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:48 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 22:48 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 22:48 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 22:48 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 22:48 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 22:48 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 22:48 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 22:48 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 22:48 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 22:48 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 22:48 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 22:48 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-08 22:48 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-08 22:48 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-08 22:48 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-08 22:48 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-08 22:47 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 22:47 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:47 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:47 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:47 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 22:47 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 22:47 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 22:47 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 22:47 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 22:47 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 22:47 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:47 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 22:47 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 22:47 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:47 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:47 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:47 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:47 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:47 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:47 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:47 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-08 22:47 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 22:47 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-08 22:47 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-08 22:47 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-08 22:47 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-06 21:24 - 2015-09-06 21:24 - 00000847 _____ C:\Users\*****\AppData\Local\recently-used.xbel
2015-09-06 17:51 - 2015-09-06 17:53 - 04762478 _____ C:\Users\*****\Desktop\Weltkarte-blank.svg
2015-09-06 14:33 - 2015-09-06 14:33 - 00000087 ____H C:\Users\*****\Desktop\.~lock.Homo faber.MP4#

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 15:18 - 2014-01-12 22:24 - 00000000 __RDO C:\Users\*****\SkyDrive
2015-10-02 15:18 - 2013-02-05 12:58 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-226644849-438525468-1118309550-1001
2015-10-02 15:00 - 2013-10-08 19:40 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job
2015-10-02 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-02 14:58 - 2015-01-02 18:42 - 00041319 _____ C:\WINDOWS\setupact.log
2015-10-02 14:58 - 2015-01-02 16:53 - 00221120 _____ C:\WINDOWS\PFRO.log
2015-10-02 14:58 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-02 14:57 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-02 14:54 - 2014-09-11 02:34 - 01376649 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-02 14:48 - 2015-06-12 13:16 - 00002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-10-02 14:48 - 2014-05-26 17:47 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-10-02 14:48 - 2014-01-12 21:35 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-02 14:48 - 2013-02-11 16:58 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-02 14:48 - 2013-02-10 18:56 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-02 14:47 - 2015-07-24 19:28 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-02 14:47 - 2015-03-03 15:43 - 00001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-02 14:47 - 2013-04-13 14:51 - 00000872 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-02 14:46 - 2015-03-24 03:03 - 00001847 _____ C:\Users\*****\Desktop\Spotify.lnk
2015-10-02 14:46 - 2014-11-05 01:22 - 00001512 _____ C:\Users\*****\Desktop\Lazarus.lnk
2015-10-02 14:46 - 2014-07-18 21:42 - 00000793 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk
2015-10-02 14:46 - 2014-06-06 17:11 - 00001019 _____ C:\Users\*****\Desktop\yWriter5.lnk
2015-10-02 14:46 - 2014-06-03 17:23 - 00001127 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2015-10-02 14:46 - 2014-06-03 17:23 - 00001103 _____ C:\Users\*****\Desktop\FreeMind.lnk
2015-10-02 14:46 - 2014-01-12 22:21 - 00001450 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-02 14:46 - 2013-12-17 16:31 - 00002230 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2015-10-02 14:46 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-10-02 14:46 - 2013-05-19 23:09 - 00001555 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft.WindowsLive.Calendar.lnk
2015-10-02 14:46 - 2013-05-04 13:52 - 00001833 _____ C:\Users\v\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-10-02 14:30 - 2013-09-02 14:21 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 13:59 - 2014-03-18 20:40 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A674EFEF-598F-41CF-A610-7C4F5B9A8590}
2015-10-02 07:34 - 2015-01-10 23:51 - 00000000 ____D C:\Users\*****\Desktop\Schulische Dolument K1
2015-10-01 07:29 - 2013-11-14 09:27 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-01 07:29 - 2013-11-14 09:11 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-01 07:29 - 2013-11-14 09:11 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-29 22:11 - 2013-05-04 13:52 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2015-09-29 21:33 - 2013-05-04 13:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2015-09-29 17:00 - 2014-01-12 21:30 - 00000000 ____D C:\Users\*****
2015-09-29 13:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 17:40 - 2015-04-22 21:12 - 00000000 ____D C:\Users\*****\Videos\Documents\My Games
2015-09-24 16:08 - 2014-06-18 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-24 16:08 - 2014-03-11 23:11 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird
2015-09-22 21:44 - 2013-04-10 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-22 21:41 - 2013-05-07 22:07 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 21:41 - 2013-04-10 19:25 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 19:56 - 2015-07-04 16:13 - 00000000 ____D C:\Program Files (x86)\TripleA
2015-09-22 16:58 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 17:35 - 2013-12-16 19:49 - 00025418 _____ C:\Users\*****\Videos\Documents\Unbenannt 1.odt
2015-09-18 17:25 - 2013-12-10 14:27 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e
2015-09-18 17:25 - 2013-09-02 14:21 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 14:42 - 2013-06-05 14:19 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2015-09-16 13:55 - 2013-09-02 14:21 - 00000000 ____D C:\Users\*****\AppData\Local\Google
2015-09-15 03:18 - 2015-03-13 14:04 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-13 14:04 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 13:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-13 20:23 - 2015-03-29 18:42 - 00000000 ____D C:\Users\*****\Desktop\Projekte
2015-09-11 17:31 - 2015-01-27 20:29 - 00072952 _____ C:\WINDOWS\DirectX.log
2015-09-11 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-11 14:00 - 2013-08-22 16:44 - 00497528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 23:39 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 22:55 - 2015-04-10 01:12 - 00000651 _____ C:\Users\*****\Videos\Documents\Uninstall STAR WARS The Old Republic.log
2015-09-09 13:34 - 2013-08-31 21:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:50 - 2014-05-26 17:51 - 00000000 ____D C:\Users\*****\.gimp-2.8
2015-09-06 21:24 - 2014-05-27 13:17 - 00000000 ____D C:\Users\*****\AppData\Local\gtk-2.0
2015-09-03 15:07 - 2013-04-10 19:25 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-06 21:24 - 2015-09-06 21:24 - 0000847 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2013-12-20 14:30 - 2013-12-20 14:30 - 0007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\BRSVC_18420437_hlp.exe
C:\Users\*****\AppData\Local\Temp\comver.dll
C:\Users\*****\AppData\Local\Temp\EBU252A.exe
C:\Users\*****\AppData\Local\Temp\EBU3CAA.DLL
C:\Users\*****\AppData\Local\Temp\iiuninst.exe
C:\Users\*****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\*****\AppData\Local\Temp\project1.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-02 15:18

==================== Ende von FRST.txt ============================
         
Kind regards, CrshdBounty

Old 03.10.2015, 12:31   #7
schrauber
/// the machine
/// TB trainer

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
