| |
| |||||||
Log-Analyse und Auswertung: JRT komische FundeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.04.2016, 19:46
| #1 |
 |  JRT komische Funde Hi hatte heute mal ein JRT Scan gemacht, dabei fand er folgendes--> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.4 (03.14.2016) Operating System: Windows 7 Ultimate x86 Ran by wolverine (Administrator) on 08.04.2016 at 20:38:45.87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 14 Successfully deleted: C:\ProgramData\productdata (Folder) Successfully deleted: C:\Users\wolverine\AppData\Roaming\productdata (Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2Q7I8XXS (Temporary Internet Files Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FND0P0D (Temporary Internet Files Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3BF8LO3 (Temporary Internet Files Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LM7PUEPS (Temporary Internet Files Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8E987L0 (Temporary Internet Files Folder) Successfully deleted: C:\Users\wolverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHXF8FYR (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2Q7I8XXS (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FND0P0D (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3BF8LO3 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LM7PUEPS (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8E987L0 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHXF8FYR (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08.04.2016 at 20:39:37.08 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ das komische dabei ist das ich diese Ordner vorher per CCleaner geleert hab.Allerdings läuft die CCleaner Überwachung vielleicht hängt das damit zusammen irgendwie  |
|
08.04.2016, 22:09
| #2 |
| /// TB-Ausbilder   | JRT komische Funde keine Adware in der Logdatei zu sehen.  Gibt es Probleme? |
|
09.04.2016, 08:39
| #3 | |
| | JRT komische FundeCode:
ATTFilter 09:14:32.0543 0x0f70 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:14:37.0347 0x0f70 ============================================================
09:14:37.0347 0x0f70 Current date / time: 2016/04/09 09:14:37.0347
09:14:37.0347 0x0f70 SystemInfo:
09:14:37.0347 0x0f70
09:14:37.0347 0x0f70 OS Version: 6.1.7601 ServicePack: 1.0
09:14:37.0347 0x0f70 Product type: Workstation
09:14:37.0347 0x0f70 ComputerName: X2
09:14:37.0347 0x0f70 UserName: wolverine
09:14:37.0347 0x0f70 Windows directory: C:\Windows
09:14:37.0347 0x0f70 System windows directory: C:\Windows
09:14:37.0347 0x0f70 Processor architecture: Intel x86
09:14:37.0347 0x0f70 Number of processors: 2
09:14:37.0347 0x0f70 Page size: 0x1000
09:14:37.0347 0x0f70 Boot type: Normal boot
09:14:37.0347 0x0f70 ============================================================
09:14:38.0673 0x0f70 KLMD registered as C:\Windows\system32\drivers\53861401.sys
09:14:39.0656 0x0f70 System UUID: {9F94B67F-8567-10DD-60E2-AD0413C2019A}
09:14:40.0233 0x0f70 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:14:41.0591 0x0f70 ============================================================
09:14:41.0591 0x0f70 \Device\Harddisk0\DR0:
09:14:41.0591 0x0f70 MBR partitions:
09:14:41.0591 0x0f70 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:14:41.0591 0x0f70 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
09:14:41.0591 0x0f70 ============================================================
09:14:41.0622 0x0f70 C: <-> \Device\Harddisk0\DR0\Partition2
09:14:41.0622 0x0f70 ============================================================
09:14:41.0622 0x0f70 Initialize success
09:14:41.0622 0x0f70 ============================================================
09:14:51.0700 0x0d90 ============================================================
09:14:51.0700 0x0d90 Scan started
09:14:51.0700 0x0d90 Mode: Manual; SigCheck; TDLFS;
09:14:51.0700 0x0d90 ============================================================
09:14:51.0700 0x0d90 KSN ping started
09:14:51.0793 0x0d90 KSN ping finished: false
09:14:52.0651 0x0d90 ================ Scan system memory ========================
09:14:52.0651 0x0d90 System memory - ok
09:14:52.0651 0x0d90 ================ Scan services =============================
09:14:52.0807 0x0d90 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:14:52.0870 0x0d90 1394ohci - ok
09:14:52.0901 0x0d90 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:14:52.0916 0x0d90 ACPI - ok
09:14:52.0932 0x0d90 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:14:52.0963 0x0d90 AcpiPmi - ok
09:14:53.0041 0x0d90 [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:14:53.0057 0x0d90 AdobeFlashPlayerUpdateSvc - ok
09:14:53.0072 0x0d90 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:14:53.0088 0x0d90 adp94xx - ok
09:14:53.0104 0x0d90 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:14:53.0119 0x0d90 adpahci - ok
09:14:53.0135 0x0d90 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:14:53.0135 0x0d90 adpu320 - ok
09:14:53.0166 0x0d90 [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:14:53.0213 0x0d90 AeLookupSvc - ok
09:14:53.0306 0x0d90 [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys
09:14:53.0353 0x0d90 AFD - ok
09:14:53.0369 0x0d90 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
09:14:53.0384 0x0d90 agp440 - ok
09:14:53.0431 0x0d90 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
09:14:53.0431 0x0d90 aic78xx - ok
09:14:53.0462 0x0d90 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
09:14:53.0525 0x0d90 ALG - ok
09:14:53.0556 0x0d90 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
09:14:53.0572 0x0d90 aliide - ok
09:14:53.0618 0x0d90 [ DAF40B44A575C72A4EEAF1741A2B292E, A8C99285F1A48C39144A9CD4069448510A6B92CC6E2BB2177E25B52624806F3E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:14:53.0806 0x0d90 AMD External Events Utility - ok
09:14:53.0821 0x0d90 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:14:53.0837 0x0d90 amdagp - ok
09:14:53.0852 0x0d90 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
09:14:53.0868 0x0d90 amdide - ok
09:14:53.0899 0x0d90 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:14:53.0946 0x0d90 AmdK8 - ok
09:14:54.0398 0x0d90 [ A803E2A6494CB9186E8B51A971E6F254, 9A8FED3647D8CC80443D8C86EE56ADA8DA4FD08B7C262964F7444EA9E4201D97 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:14:54.0991 0x0d90 amdkmdag - ok
09:14:55.0069 0x0d90 [ 38CAAD096BE5D563A03F583F181D9879, 9EE01DEAD2E2FD1CF3385F4BA54BC8B461A235E411739BCC969F22529D87DCB1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:14:55.0147 0x0d90 amdkmdap - ok
09:14:55.0178 0x0d90 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:14:55.0210 0x0d90 AmdPPM - ok
09:14:55.0241 0x0d90 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:14:55.0256 0x0d90 amdsata - ok
09:14:55.0288 0x0d90 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:14:55.0303 0x0d90 amdsbs - ok
09:14:55.0303 0x0d90 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:14:55.0319 0x0d90 amdxata - ok
09:14:55.0334 0x0d90 AndNetDiag - ok
09:14:55.0490 0x0d90 ANDNetModem - ok
09:14:55.0490 0x0d90 andnetndis - ok
09:14:55.0522 0x0d90 [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID C:\Windows\system32\drivers\appid.sys
09:14:55.0553 0x0d90 AppID - ok
09:14:55.0568 0x0d90 [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:14:55.0600 0x0d90 AppIDSvc - ok
09:14:55.0615 0x0d90 [ 9301097DEDE52B424D55361A9806AD46, D84C4316AA9436D93B273C71964D9D01773E4837C253E798C68DF43ABD356C93 ] Appinfo C:\Windows\System32\appinfo.dll
09:14:55.0646 0x0d90 Appinfo - ok
09:14:55.0662 0x0d90 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:14:55.0709 0x0d90 AppMgmt - ok
09:14:55.0756 0x0d90 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:14:55.0756 0x0d90 arc - ok
09:14:55.0771 0x0d90 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:14:55.0771 0x0d90 arcsas - ok
09:14:55.0865 0x0d90 [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:14:55.0880 0x0d90 aspnet_state - ok
09:14:55.0912 0x0d90 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:14:55.0943 0x0d90 AsyncMac - ok
09:14:55.0974 0x0d90 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
09:14:55.0990 0x0d90 atapi - ok
09:14:56.0021 0x0d90 [ 5C86176DD05907F40906A3F07F201965, DDF760690E412B75E1D3E0B0A624AB4D09D43E3D82CDAF0261B5A6AA08B408AE ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
09:14:56.0052 0x0d90 AtiHDAudioService - ok
09:14:56.0083 0x0d90 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:14:56.0114 0x0d90 AudioEndpointBuilder - ok
09:14:56.0130 0x0d90 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:14:56.0146 0x0d90 Audiosrv - ok
09:14:56.0161 0x0d90 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:14:56.0208 0x0d90 AxInstSV - ok
09:14:56.0239 0x0d90 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
09:14:56.0286 0x0d90 b06bdrv - ok
09:14:56.0302 0x0d90 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:14:56.0348 0x0d90 b57nd60x - ok
09:14:56.0364 0x0d90 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
09:14:56.0473 0x0d90 BDESVC - ok
09:14:56.0489 0x0d90 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
09:14:56.0536 0x0d90 Beep - ok
09:14:56.0567 0x0d90 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
09:14:56.0645 0x0d90 BFE - ok
09:14:56.0676 0x0d90 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
09:14:56.0754 0x0d90 BITS - ok
09:14:56.0770 0x0d90 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:14:56.0801 0x0d90 blbdrive - ok
09:14:56.0832 0x0d90 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:14:56.0863 0x0d90 bowser - ok
09:14:56.0879 0x0d90 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:14:56.0957 0x0d90 BrFiltLo - ok
09:14:56.0957 0x0d90 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:14:56.0988 0x0d90 BrFiltUp - ok
09:14:57.0004 0x0d90 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:14:57.0035 0x0d90 BridgeMP - ok
09:14:57.0050 0x0d90 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
09:14:57.0097 0x0d90 Browser - ok
09:14:57.0113 0x0d90 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:14:57.0160 0x0d90 Brserid - ok
09:14:57.0175 0x0d90 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:14:57.0206 0x0d90 BrSerWdm - ok
09:14:57.0222 0x0d90 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:14:57.0253 0x0d90 BrUsbMdm - ok
09:14:57.0269 0x0d90 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:14:57.0300 0x0d90 BrUsbSer - ok
09:14:57.0316 0x0d90 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:14:57.0347 0x0d90 BTHMODEM - ok
09:14:57.0394 0x0d90 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
09:14:57.0456 0x0d90 bthserv - ok
09:14:57.0487 0x0d90 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:14:57.0534 0x0d90 cdfs - ok
09:14:57.0565 0x0d90 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:14:57.0596 0x0d90 cdrom - ok
09:14:57.0612 0x0d90 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
09:14:57.0659 0x0d90 CertPropSvc - ok
09:14:57.0659 0x0d90 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:14:57.0706 0x0d90 circlass - ok
09:14:57.0737 0x0d90 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
09:14:57.0752 0x0d90 CLFS - ok
09:14:57.0784 0x0d90 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:14:57.0799 0x0d90 clr_optimization_v2.0.50727_32 - ok
09:14:57.0846 0x0d90 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:14:57.0862 0x0d90 clr_optimization_v4.0.30319_32 - ok
09:14:57.0877 0x0d90 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:14:57.0908 0x0d90 CmBatt - ok
09:14:57.0924 0x0d90 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:14:57.0940 0x0d90 cmdide - ok
09:14:57.0955 0x0d90 [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG C:\Windows\system32\Drivers\cng.sys
09:14:57.0986 0x0d90 CNG - ok
09:14:58.0002 0x0d90 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:14:58.0002 0x0d90 Compbatt - ok
09:14:58.0018 0x0d90 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:14:58.0064 0x0d90 CompositeBus - ok
09:14:58.0064 0x0d90 COMSysApp - ok
09:14:58.0080 0x0d90 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:14:58.0096 0x0d90 crcdisk - ok
09:14:58.0127 0x0d90 [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:14:58.0158 0x0d90 CryptSvc - ok
09:14:58.0189 0x0d90 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
09:14:58.0236 0x0d90 CSC - ok
09:14:58.0298 0x0d90 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
09:14:58.0376 0x0d90 CscService - ok
09:14:58.0423 0x0d90 [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:14:58.0470 0x0d90 DcomLaunch - ok
09:14:58.0486 0x0d90 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
09:14:58.0548 0x0d90 defragsvc - ok
09:14:58.0595 0x0d90 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:14:58.0626 0x0d90 DfsC - ok
09:14:58.0657 0x0d90 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:14:58.0704 0x0d90 Dhcp - ok
09:14:58.0766 0x0d90 [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack C:\Windows\system32\diagtrack.dll
09:14:58.0844 0x0d90 DiagTrack - ok
09:14:58.0860 0x0d90 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
09:14:58.0907 0x0d90 discache - ok
09:14:58.0938 0x0d90 [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk C:\Windows\system32\drivers\disk.sys
09:14:58.0938 0x0d90 Disk - ok
09:14:58.0969 0x0d90 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:14:59.0032 0x0d90 Dnscache - ok
09:14:59.0063 0x0d90 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
09:14:59.0125 0x0d90 dot3svc - ok
09:14:59.0156 0x0d90 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
09:14:59.0203 0x0d90 DPS - ok
09:14:59.0250 0x0d90 [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:14:59.0266 0x0d90 drmkaud - ok
09:14:59.0344 0x0d90 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:14:59.0359 0x0d90 DXGKrnl - ok
09:14:59.0390 0x0d90 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
09:14:59.0422 0x0d90 EapHost - ok
09:14:59.0515 0x0d90 eapihdrv - ok
09:14:59.0593 0x0d90 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
09:14:59.0718 0x0d90 ebdrv - ok
09:14:59.0749 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] EFS C:\Windows\System32\lsass.exe
09:14:59.0765 0x0d90 EFS - ok
09:14:59.0827 0x0d90 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:14:59.0936 0x0d90 ehRecvr - ok
09:14:59.0952 0x0d90 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
09:15:00.0014 0x0d90 ehSched - ok
09:15:00.0046 0x0d90 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:15:00.0061 0x0d90 elxstor - ok
09:15:00.0092 0x0d90 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:15:00.0108 0x0d90 ErrDev - ok
09:15:00.0139 0x0d90 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
09:15:00.0170 0x0d90 EventSystem - ok
09:15:00.0202 0x0d90 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
09:15:00.0248 0x0d90 exfat - ok
09:15:00.0264 0x0d90 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:15:00.0311 0x0d90 fastfat - ok
09:15:00.0358 0x0d90 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
09:15:00.0436 0x0d90 Fax - ok
09:15:00.0451 0x0d90 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:15:00.0467 0x0d90 fdc - ok
09:15:00.0498 0x0d90 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
09:15:00.0529 0x0d90 fdPHost - ok
09:15:00.0529 0x0d90 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
09:15:00.0576 0x0d90 FDResPub - ok
09:15:00.0607 0x0d90 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:15:00.0623 0x0d90 FileInfo - ok
09:15:00.0638 0x0d90 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:15:00.0670 0x0d90 Filetrace - ok
09:15:00.0685 0x0d90 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:15:00.0701 0x0d90 flpydisk - ok
09:15:00.0732 0x0d90 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:15:00.0748 0x0d90 FltMgr - ok
09:15:00.0794 0x0d90 [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache C:\Windows\system32\FntCache.dll
09:15:00.0888 0x0d90 FontCache - ok
09:15:00.0919 0x0d90 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:15:00.0935 0x0d90 FontCache3.0.0.0 - ok
09:15:00.0950 0x0d90 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:15:00.0966 0x0d90 FsDepends - ok
09:15:00.0982 0x0d90 [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
09:15:01.0013 0x0d90 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
09:15:01.0075 0x0d90 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
09:15:01.0138 0x0d90 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:15:01.0138 0x0d90 Fs_Rec - ok
09:15:01.0184 0x0d90 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:15:01.0184 0x0d90 fvevol - ok
09:15:01.0216 0x0d90 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:15:01.0216 0x0d90 gagp30kx - ok
09:15:01.0247 0x0d90 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
09:15:01.0294 0x0d90 gpsvc - ok
09:15:01.0309 0x0d90 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:15:01.0340 0x0d90 hcw85cir - ok
09:15:01.0372 0x0d90 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:15:01.0418 0x0d90 HdAudAddService - ok
09:15:01.0450 0x0d90 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:15:01.0512 0x0d90 HDAudBus - ok
09:15:01.0512 0x0d90 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:15:01.0543 0x0d90 HidBatt - ok
09:15:01.0543 0x0d90 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:15:01.0606 0x0d90 HidBth - ok
09:15:01.0606 0x0d90 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:15:01.0652 0x0d90 HidIr - ok
09:15:01.0668 0x0d90 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
09:15:01.0715 0x0d90 hidserv - ok
09:15:01.0746 0x0d90 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:15:01.0777 0x0d90 HidUsb - ok
09:15:01.0808 0x0d90 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
09:15:01.0840 0x0d90 hkmsvc - ok
09:15:01.0855 0x0d90 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:15:01.0918 0x0d90 HomeGroupListener - ok
09:15:01.0933 0x0d90 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:15:01.0980 0x0d90 HomeGroupProvider - ok
09:15:02.0011 0x0d90 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:15:02.0027 0x0d90 HpSAMD - ok
09:15:02.0058 0x0d90 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:15:02.0120 0x0d90 HTTP - ok
09:15:02.0183 0x0d90 [ 4004657E385E6C714825EB9031ED2062, 6AB3F3AE72B5939E5D551FBBAE1CDDA54CD63631685E311706FD2389B4F2BE56 ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO32.SYS
09:15:02.0214 0x0d90 HWiNFO32 - ok
09:15:02.0230 0x0d90 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:15:02.0245 0x0d90 hwpolicy - ok
09:15:02.0261 0x0d90 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:15:02.0308 0x0d90 i8042prt - ok
09:15:02.0339 0x0d90 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:15:02.0354 0x0d90 iaStorV - ok
09:15:02.0401 0x0d90 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:15:02.0432 0x0d90 idsvc - ok
09:15:02.0464 0x0d90 IEEtwCollectorService - ok
09:15:02.0479 0x0d90 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:15:02.0479 0x0d90 iirsp - ok
09:15:02.0526 0x0d90 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
09:15:02.0588 0x0d90 IKEEXT - ok
09:15:02.0635 0x0d90 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
09:15:02.0651 0x0d90 intelide - ok
09:15:02.0666 0x0d90 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:15:02.0698 0x0d90 intelppm - ok
09:15:02.0713 0x0d90 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:15:02.0744 0x0d90 IPBusEnum - ok
09:15:02.0760 0x0d90 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:15:02.0791 0x0d90 IpFilterDriver - ok
09:15:02.0822 0x0d90 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:15:02.0869 0x0d90 iphlpsvc - ok
09:15:02.0900 0x0d90 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:15:02.0947 0x0d90 IPMIDRV - ok
09:15:02.0963 0x0d90 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:15:03.0025 0x0d90 IPNAT - ok
09:15:03.0056 0x0d90 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:15:03.0072 0x0d90 IRENUM - ok
09:15:03.0088 0x0d90 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:15:03.0103 0x0d90 isapnp - ok
09:15:03.0119 0x0d90 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:15:03.0134 0x0d90 iScsiPrt - ok
09:15:03.0166 0x0d90 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:15:03.0166 0x0d90 kbdclass - ok
09:15:03.0197 0x0d90 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:15:03.0228 0x0d90 kbdhid - ok
09:15:03.0244 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] KeyIso C:\Windows\system32\lsass.exe
09:15:03.0259 0x0d90 KeyIso - ok
09:15:03.0275 0x0d90 [ E908304E1F96BD79025A57D6C0E42F62, A1783750101F1FD73132E18AD4E3FC0073FC45BFF5F14B83F1FD4BC13D1D2D45 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:15:03.0290 0x0d90 KSecDD - ok
09:15:03.0290 0x0d90 [ 550B730505D7C9A1DB89427456C0F5C7, F7AEF196D5CFDF6AAA05378819462981618A05E43A0B88EAB416F910DD2A6517 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:15:03.0306 0x0d90 KSecPkg - ok
09:15:03.0337 0x0d90 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:15:03.0400 0x0d90 KtmRm - ok
09:15:03.0431 0x0d90 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:15:03.0493 0x0d90 LanmanServer - ok
09:15:03.0540 0x0d90 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:15:03.0571 0x0d90 LanmanWorkstation - ok
09:15:03.0602 0x0d90 [ 6FD6EE66E95A6539B35E42A3938FFB41, DCC9B6D6C5EE43B9875386FECB2BADF34899EBDC4B180E3C02FD3F075628814E ] LEqdUsb C:\Windows\system32\Drivers\LEqdUsb.Sys
09:15:03.0618 0x0d90 LEqdUsb - ok
09:15:03.0634 0x0d90 [ 06E86870F3370B1D64882D950FC00B1A, 19E96F05748FE69EA40DF5286733B15BDEA3F2C04812D8853D70AB08DAB97BFA ] LHidEqd C:\Windows\system32\Drivers\LHidEqd.Sys
09:15:03.0634 0x0d90 LHidEqd - ok
09:15:03.0649 0x0d90 [ B9E077D03FCCD05A8829DC5E0653E60B, 4752C4D77D2E9FFE82F1151289A78EB238F434795655F392BC1B749A7B695B33 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:15:03.0665 0x0d90 LHidFilt - ok
09:15:03.0899 0x0d90 [ 2D2DE301547146A79F6412075A66D731, 3F9F6F3D150C607DBDC16E6053E1DCF6D26E0141987DD6E4D826FA2A259113C2 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
09:15:03.0961 0x0d90 LiveUpdateSvc - ok
09:15:03.0992 0x0d90 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:15:04.0039 0x0d90 lltdio - ok
09:15:04.0055 0x0d90 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:15:04.0102 0x0d90 lltdsvc - ok
09:15:04.0117 0x0d90 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:15:04.0164 0x0d90 lmhosts - ok
09:15:04.0195 0x0d90 [ FBB88DD2236B263FF412AA7067BDFEE6, 8F6347B8CE4C5175208D45B60B04878886D955F90B37AFD33E414E795D68D8CC ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:15:04.0211 0x0d90 LMouFilt - ok
09:15:04.0226 0x0d90 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:15:04.0242 0x0d90 LSI_FC - ok
09:15:04.0258 0x0d90 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:15:04.0273 0x0d90 LSI_SAS - ok
09:15:04.0289 0x0d90 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:15:04.0304 0x0d90 LSI_SAS2 - ok
09:15:04.0304 0x0d90 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:15:04.0320 0x0d90 LSI_SCSI - ok
09:15:04.0336 0x0d90 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
09:15:04.0367 0x0d90 luafv - ok
09:15:04.0382 0x0d90 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:15:04.0429 0x0d90 Mcx2Svc - ok
09:15:04.0445 0x0d90 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:15:04.0445 0x0d90 megasas - ok
09:15:04.0460 0x0d90 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:15:04.0476 0x0d90 MegaSR - ok
09:15:04.0492 0x0d90 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
09:15:04.0523 0x0d90 MMCSS - ok
09:15:04.0538 0x0d90 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
09:15:04.0570 0x0d90 Modem - ok
09:15:04.0616 0x0d90 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:15:04.0648 0x0d90 monitor - ok
09:15:04.0648 0x0d90 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:15:04.0663 0x0d90 mouclass - ok
09:15:04.0694 0x0d90 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:15:04.0741 0x0d90 mouhid - ok
09:15:04.0772 0x0d90 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:15:04.0788 0x0d90 mountmgr - ok
09:15:04.0835 0x0d90 [ 7F7FD183AEFC2F302EF1BF1CFCCB82CE, B13D8E8C92EDF1E885AF7E6FA5DD63978C3F319F200B59A955FE6AC3C9D26C32 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:15:04.0866 0x0d90 MpFilter - ok
09:15:04.0882 0x0d90 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
09:15:04.0882 0x0d90 mpio - ok
09:15:04.0913 0x0d90 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:15:04.0975 0x0d90 mpsdrv - ok
09:15:05.0022 0x0d90 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:15:05.0084 0x0d90 MpsSvc - ok
09:15:05.0116 0x0d90 [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:15:05.0147 0x0d90 MRxDAV - ok
09:15:05.0194 0x0d90 [ BA4369E0CA60B1674A66041C36E8754C, 3A4707BCF6D7F30FDAA083E0C03F8CA81F543CFDCFDAF54E99137058DFAC591D ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:15:05.0225 0x0d90 mrxsmb - ok
09:15:05.0272 0x0d90 [ 02086CA09812392E51A369727BC442BB, 0694CF908EAE8A8999CE099C6948AE067005F04C381BA85D768394519475D7B8 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:15:05.0334 0x0d90 mrxsmb10 - ok
09:15:05.0365 0x0d90 [ 083D60E62F91F9DAA8C1F46C756CA5EE, C9D3F6C740DCE4A765416DD114AAD41BD656007807D33B5D30B2A47C8D8B685B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:15:05.0381 0x0d90 mrxsmb20 - ok
09:15:05.0412 0x0d90 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
09:15:05.0428 0x0d90 msahci - ok
09:15:05.0443 0x0d90 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:15:05.0459 0x0d90 msdsm - ok
09:15:05.0474 0x0d90 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
09:15:05.0506 0x0d90 MSDTC - ok
09:15:05.0537 0x0d90 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:15:05.0568 0x0d90 Msfs - ok
09:15:05.0584 0x0d90 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:15:05.0630 0x0d90 mshidkmdf - ok
09:15:05.0662 0x0d90 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:15:05.0662 0x0d90 msisadrv - ok
09:15:05.0693 0x0d90 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:15:05.0755 0x0d90 MSiSCSI - ok
09:15:05.0755 0x0d90 msiserver - ok
09:15:05.0802 0x0d90 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:15:05.0833 0x0d90 MSKSSRV - ok
09:15:05.0896 0x0d90 [ DC8B329D6B4026D2D6E957BC79336022, B1EC02B57F2F7AFACDD498C21E3CD7F32F798ABE7C8041A2824DECAB8276520F ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:15:05.0911 0x0d90 MsMpSvc - ok
09:15:05.0911 0x0d90 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:15:05.0958 0x0d90 MSPCLOCK - ok
09:15:05.0958 0x0d90 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:15:05.0989 0x0d90 MSPQM - ok
09:15:06.0005 0x0d90 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:15:06.0020 0x0d90 MsRPC - ok
09:15:06.0052 0x0d90 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:15:06.0052 0x0d90 mssmbios - ok
09:15:06.0067 0x0d90 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:15:06.0098 0x0d90 MSTEE - ok
09:15:06.0098 0x0d90 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:15:06.0130 0x0d90 MTConfig - ok
09:15:06.0176 0x0d90 [ CBE71C122434805CB73FFB6619F60598, 332251B80AD5294188774A7A414A32DFC8C45DF348C736DB43C8E8DD8E7F08EC ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
09:15:06.0192 0x0d90 MTsensor - ok
09:15:06.0192 0x0d90 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
09:15:06.0208 0x0d90 Mup - ok
09:15:06.0223 0x0d90 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
09:15:06.0270 0x0d90 napagent - ok
09:15:06.0317 0x0d90 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:15:06.0364 0x0d90 NativeWifiP - ok
09:15:06.0395 0x0d90 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:15:06.0426 0x0d90 NDIS - ok
09:15:06.0457 0x0d90 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:15:06.0488 0x0d90 NdisCap - ok
09:15:06.0504 0x0d90 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:15:06.0535 0x0d90 NdisTapi - ok
09:15:06.0566 0x0d90 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:15:06.0598 0x0d90 Ndisuio - ok
09:15:06.0613 0x0d90 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:15:06.0676 0x0d90 NdisWan - ok
09:15:06.0722 0x0d90 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:15:06.0769 0x0d90 NDProxy - ok
09:15:06.0816 0x0d90 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:15:06.0847 0x0d90 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:15:06.0847 0x0d90 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:15:06.0894 0x0d90 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:15:06.0925 0x0d90 NetBIOS - ok
09:15:06.0956 0x0d90 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:15:07.0003 0x0d90 NetBT - ok
09:15:07.0019 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] Netlogon C:\Windows\system32\lsass.exe
09:15:07.0019 0x0d90 Netlogon - ok
09:15:07.0066 0x0d90 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
09:15:07.0097 0x0d90 Netman - ok
09:15:07.0128 0x0d90 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:15:07.0144 0x0d90 NetMsmqActivator - ok
09:15:07.0159 0x0d90 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:15:07.0175 0x0d90 NetPipeActivator - ok
09:15:07.0190 0x0d90 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
09:15:07.0237 0x0d90 netprofm - ok
09:15:07.0253 0x0d90 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:15:07.0268 0x0d90 NetTcpActivator - ok
09:15:07.0268 0x0d90 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:15:07.0284 0x0d90 NetTcpPortSharing - ok
09:15:07.0315 0x0d90 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:15:07.0331 0x0d90 nfrd960 - ok
09:15:07.0362 0x0d90 [ BFD3B47A46BF2BB6BB0CEC7127EE929E, 6DD73FD0AC57D025A1290D494BC4405A6A5D89AE76A3EC4E3F20C3F8A45A5E24 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:15:07.0378 0x0d90 NisDrv - ok
09:15:07.0409 0x0d90 [ F36D4743BCB636F1779E7CB36E950525, 176E3547B30579CE2D8901B5F9AE06C5BF493E81253A4A351FD304A561C8B3F1 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:15:07.0424 0x0d90 NisSrv - ok
09:15:07.0440 0x0d90 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:15:07.0487 0x0d90 NlaSvc - ok
09:15:07.0518 0x0d90 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:15:07.0549 0x0d90 Npfs - ok
09:15:07.0580 0x0d90 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
09:15:07.0612 0x0d90 nsi - ok
09:15:07.0612 0x0d90 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:15:07.0674 0x0d90 nsiproxy - ok
09:15:07.0752 0x0d90 [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:15:07.0799 0x0d90 Ntfs - ok
09:15:07.0814 0x0d90 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
09:15:07.0877 0x0d90 Null - ok
09:15:07.0908 0x0d90 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:15:07.0908 0x0d90 nvraid - ok
09:15:07.0939 0x0d90 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:15:07.0955 0x0d90 nvstor - ok
09:15:07.0970 0x0d90 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:15:07.0986 0x0d90 nv_agp - ok
09:15:08.0002 0x0d90 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:15:08.0033 0x0d90 ohci1394 - ok
09:15:08.0064 0x0d90 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:15:08.0111 0x0d90 p2pimsvc - ok
09:15:08.0126 0x0d90 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
09:15:08.0158 0x0d90 p2psvc - ok
09:15:08.0173 0x0d90 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:15:08.0204 0x0d90 Parport - ok
09:15:08.0236 0x0d90 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:15:08.0236 0x0d90 partmgr - ok
09:15:08.0251 0x0d90 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:15:08.0282 0x0d90 Parvdm - ok
09:15:08.0298 0x0d90 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
09:15:08.0345 0x0d90 PcaSvc - ok
09:15:08.0360 0x0d90 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
09:15:08.0376 0x0d90 pci - ok
09:15:08.0407 0x0d90 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
09:15:08.0423 0x0d90 pciide - ok
09:15:08.0438 0x0d90 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:15:08.0454 0x0d90 pcmcia - ok
09:15:08.0454 0x0d90 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
09:15:08.0470 0x0d90 pcw - ok
09:15:08.0516 0x0d90 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:15:08.0548 0x0d90 PEAUTH - ok
09:15:08.0610 0x0d90 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:15:08.0704 0x0d90 PeerDistSvc - ok
09:15:08.0766 0x0d90 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
09:15:08.0875 0x0d90 pla - ok
09:15:08.0938 0x0d90 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:15:08.0984 0x0d90 PlugPlay - ok
09:15:09.0016 0x0d90 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:15:09.0062 0x0d90 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:15:09.0062 0x0d90 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:15:09.0078 0x0d90 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:15:09.0109 0x0d90 PNRPAutoReg - ok
09:15:09.0125 0x0d90 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:15:09.0140 0x0d90 PNRPsvc - ok
09:15:09.0187 0x0d90 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:15:09.0250 0x0d90 PolicyAgent - ok
09:15:09.0265 0x0d90 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
09:15:09.0312 0x0d90 Power - ok
09:15:09.0343 0x0d90 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:15:09.0374 0x0d90 PptpMiniport - ok
09:15:09.0390 0x0d90 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:15:09.0421 0x0d90 Processor - ok
09:15:09.0452 0x0d90 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
09:15:09.0515 0x0d90 ProfSvc - ok
09:15:09.0530 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:15:09.0530 0x0d90 ProtectedStorage - ok
09:15:09.0562 0x0d90 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:15:09.0608 0x0d90 Psched - ok
09:15:09.0640 0x0d90 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:15:09.0686 0x0d90 ql2300 - ok
09:15:09.0686 0x0d90 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:15:09.0702 0x0d90 ql40xx - ok
09:15:09.0733 0x0d90 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
09:15:09.0780 0x0d90 QWAVE - ok
09:15:09.0796 0x0d90 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:15:09.0842 0x0d90 QWAVEdrv - ok
09:15:09.0874 0x0d90 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:15:09.0905 0x0d90 RasAcd - ok
09:15:09.0920 0x0d90 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:15:09.0967 0x0d90 RasAgileVpn - ok
09:15:09.0983 0x0d90 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
09:15:10.0030 0x0d90 RasAuto - ok
09:15:10.0045 0x0d90 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:15:10.0076 0x0d90 Rasl2tp - ok
09:15:10.0108 0x0d90 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
09:15:10.0170 0x0d90 RasMan - ok
09:15:10.0201 0x0d90 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:15:10.0248 0x0d90 RasPppoe - ok
09:15:10.0295 0x0d90 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:15:10.0342 0x0d90 RasSstp - ok
09:15:10.0357 0x0d90 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:15:10.0404 0x0d90 rdbss - ok
09:15:10.0404 0x0d90 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:15:10.0435 0x0d90 rdpbus - ok
09:15:10.0451 0x0d90 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:15:10.0482 0x0d90 RDPCDD - ok
09:15:10.0498 0x0d90 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:15:10.0544 0x0d90 RDPDR - ok
09:15:10.0560 0x0d90 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:15:10.0591 0x0d90 RDPENCDD - ok
09:15:10.0607 0x0d90 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:15:10.0638 0x0d90 RDPREFMP - ok
09:15:10.0716 0x0d90 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:15:10.0747 0x0d90 RdpVideoMiniport - ok
09:15:10.0794 0x0d90 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:15:10.0825 0x0d90 RDPWD - ok
09:15:10.0872 0x0d90 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:15:10.0888 0x0d90 rdyboost - ok
09:15:10.0903 0x0d90 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:15:10.0950 0x0d90 RemoteAccess - ok
09:15:10.0966 0x0d90 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:15:11.0012 0x0d90 RemoteRegistry - ok
09:15:11.0028 0x0d90 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:15:11.0075 0x0d90 RpcEptMapper - ok
09:15:11.0090 0x0d90 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
09:15:11.0122 0x0d90 RpcLocator - ok
09:15:11.0137 0x0d90 [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs C:\Windows\system32\rpcss.dll
09:15:11.0153 0x0d90 RpcSs - ok
09:15:11.0184 0x0d90 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:15:11.0215 0x0d90 rspndr - ok
09:15:11.0262 0x0d90 [ 092AA3E6BE954A2D7D0DD800AB26FA1D, 43AEC30709A0378A9EFCC5AB172A790841A811F4451916A38577A5549A14298B ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
09:15:11.0293 0x0d90 RTL8167 - ok
09:15:11.0340 0x0d90 [ 26E8458AC7135726B651B3A9827677EF, 1935275A3BDEF4303AE16DBFCA5259A400EE7F651B22883783CA53BCDAA95495 ] RTLE8023xp C:\Windows\system32\DRIVERS\Rtenicxp.sys
09:15:11.0356 0x0d90 RTLE8023xp - ok
09:15:11.0371 0x0d90 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:15:11.0402 0x0d90 s3cap - ok
09:15:11.0418 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] SamSs C:\Windows\system32\lsass.exe
09:15:11.0434 0x0d90 SamSs - ok
09:15:11.0449 0x0d90 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:15:11.0465 0x0d90 sbp2port - ok
09:15:11.0480 0x0d90 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:15:11.0543 0x0d90 SCardSvr - ok
09:15:11.0574 0x0d90 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:15:11.0621 0x0d90 scfilter - ok
09:15:11.0668 0x0d90 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll
09:15:11.0761 0x0d90 Schedule - ok
09:15:11.0777 0x0d90 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:15:11.0792 0x0d90 SCPolicySvc - ok
09:15:11.0824 0x0d90 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:15:11.0870 0x0d90 SDRSVC - ok
09:15:11.0902 0x0d90 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:15:11.0948 0x0d90 secdrv - ok
09:15:11.0964 0x0d90 [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon C:\Windows\system32\seclogon.dll
09:15:12.0026 0x0d90 seclogon - ok
09:15:12.0058 0x0d90 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
09:15:12.0089 0x0d90 SENS - ok
09:15:12.0104 0x0d90 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:15:12.0136 0x0d90 SensrSvc - ok
09:15:12.0167 0x0d90 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:15:12.0198 0x0d90 Serenum - ok
09:15:12.0214 0x0d90 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:15:12.0260 0x0d90 Serial - ok
09:15:12.0276 0x0d90 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:15:12.0292 0x0d90 sermouse - ok
09:15:12.0323 0x0d90 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
09:15:12.0354 0x0d90 SessionEnv - ok
09:15:12.0370 0x0d90 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:15:12.0401 0x0d90 sffdisk - ok
09:15:12.0416 0x0d90 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:15:12.0432 0x0d90 sffp_mmc - ok
09:15:12.0448 0x0d90 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:15:12.0463 0x0d90 sffp_sd - ok
09:15:12.0494 0x0d90 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:15:12.0510 0x0d90 sfloppy - ok
09:15:12.0541 0x0d90 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:15:12.0619 0x0d90 SharedAccess - ok
09:15:12.0682 0x0d90 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:15:12.0728 0x0d90 ShellHWDetection - ok
09:15:12.0760 0x0d90 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:15:12.0760 0x0d90 sisagp - ok
09:15:12.0791 0x0d90 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:15:12.0806 0x0d90 SiSRaid2 - ok
09:15:12.0822 0x0d90 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:15:12.0822 0x0d90 SiSRaid4 - ok
09:15:12.0853 0x0d90 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:15:12.0900 0x0d90 Smb - ok
09:15:12.0947 0x0d90 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:15:12.0978 0x0d90 SNMPTRAP - ok
09:15:12.0994 0x0d90 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
09:15:12.0994 0x0d90 spldr - ok
09:15:13.0025 0x0d90 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
09:15:13.0103 0x0d90 Spooler - ok
09:15:13.0196 0x0d90 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
09:15:13.0368 0x0d90 sppsvc - ok
09:15:13.0399 0x0d90 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:15:13.0430 0x0d90 sppuinotify - ok
09:15:13.0446 0x0d90 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:15:13.0493 0x0d90 srv - ok
09:15:13.0508 0x0d90 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:15:13.0571 0x0d90 srv2 - ok
09:15:13.0571 0x0d90 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:15:13.0602 0x0d90 srvnet - ok
09:15:13.0633 0x0d90 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:15:13.0664 0x0d90 SSDPSRV - ok
09:15:13.0696 0x0d90 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:15:13.0742 0x0d90 SstpSvc - ok
09:15:13.0774 0x0d90 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
09:15:13.0805 0x0d90 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
09:15:13.0805 0x0d90 StarOpen ( UnsignedFile.Multi.Generic ) - warning
09:15:13.0820 0x0d90 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:15:13.0836 0x0d90 stexstor - ok
09:15:13.0867 0x0d90 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
09:15:13.0914 0x0d90 StiSvc - ok
09:15:13.0930 0x0d90 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:15:13.0930 0x0d90 storflt - ok
09:15:13.0945 0x0d90 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:15:13.0945 0x0d90 storvsc - ok
09:15:13.0961 0x0d90 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
09:15:13.0976 0x0d90 swenum - ok
09:15:13.0992 0x0d90 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
09:15:14.0039 0x0d90 swprv - ok
09:15:14.0086 0x0d90 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll
09:15:14.0179 0x0d90 SysMain - ok
09:15:14.0210 0x0d90 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
09:15:14.0257 0x0d90 TabletInputService - ok
09:15:14.0288 0x0d90 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
09:15:14.0335 0x0d90 TapiSrv - ok
09:15:14.0398 0x0d90 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:15:14.0429 0x0d90 Tcpip - ok
09:15:14.0476 0x0d90 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:15:14.0522 0x0d90 TCPIP6 - ok
09:15:14.0538 0x0d90 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:15:14.0569 0x0d90 tcpipreg - ok
09:15:14.0585 0x0d90 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:15:14.0663 0x0d90 TDPIPE - ok
09:15:14.0678 0x0d90 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:15:14.0710 0x0d90 TDTCP - ok
09:15:14.0725 0x0d90 [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:15:14.0756 0x0d90 tdx - ok
09:15:14.0772 0x0d90 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:15:14.0772 0x0d90 TermDD - ok
09:15:14.0803 0x0d90 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
09:15:14.0850 0x0d90 TermService - ok
09:15:14.0881 0x0d90 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
09:15:14.0912 0x0d90 Themes - ok
09:15:14.0944 0x0d90 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
09:15:14.0959 0x0d90 THREADORDER - ok
09:15:14.0990 0x0d90 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
09:15:15.0022 0x0d90 TrkWks - ok
09:15:15.0068 0x0d90 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:15:15.0131 0x0d90 TrustedInstaller - ok
09:15:15.0162 0x0d90 [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:15:15.0178 0x0d90 tssecsrv - ok
09:15:15.0209 0x0d90 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:15:15.0240 0x0d90 TsUsbFlt - ok
09:15:15.0271 0x0d90 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:15:15.0318 0x0d90 tunnel - ok
09:15:15.0334 0x0d90 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:15:15.0349 0x0d90 uagp35 - ok
09:15:15.0365 0x0d90 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:15:15.0427 0x0d90 udfs - ok
09:15:15.0474 0x0d90 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:15:15.0505 0x0d90 UI0Detect - ok
09:15:15.0521 0x0d90 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:15:15.0536 0x0d90 uliagpkx - ok
09:15:15.0568 0x0d90 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:15:15.0583 0x0d90 umbus - ok
09:15:15.0599 0x0d90 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:15:15.0614 0x0d90 UmPass - ok
09:15:15.0646 0x0d90 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
09:15:15.0677 0x0d90 UmRdpService - ok
09:15:15.0708 0x0d90 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
09:15:15.0755 0x0d90 upnphost - ok
09:15:15.0786 0x0d90 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
09:15:15.0817 0x0d90 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
09:15:15.0817 0x0d90 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
09:15:15.0817 0x0d90 Force sending object to P2P due to detect: USBAAPL
09:15:15.0817 0x0d90 Object send P2P result: false
09:15:15.0848 0x0d90 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:15:15.0864 0x0d90 usbccgp - ok
09:15:15.0895 0x0d90 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:15:15.0926 0x0d90 usbcir - ok
09:15:15.0942 0x0d90 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:15:15.0989 0x0d90 usbehci - ok
09:15:16.0004 0x0d90 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:15:16.0051 0x0d90 usbhub - ok
09:15:16.0067 0x0d90 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:15:16.0082 0x0d90 usbohci - ok
09:15:16.0114 0x0d90 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:15:16.0145 0x0d90 usbprint - ok
09:15:16.0176 0x0d90 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:15:16.0207 0x0d90 usbscan - ok
09:15:16.0238 0x0d90 [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
09:15:16.0270 0x0d90 USBSTOR - ok
09:15:16.0285 0x0d90 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:15:16.0332 0x0d90 usbuhci - ok
09:15:16.0363 0x0d90 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
09:15:16.0410 0x0d90 UxSms - ok
09:15:16.0410 0x0d90 [ 67A49E0BA4E7BEB62CB9EF073D923C85, 91DF097D552399FA14873FEEEB0B55C6594A9DC1D4084F45425B1AB9833B9C32 ] VaultSvc C:\Windows\system32\lsass.exe
09:15:16.0426 0x0d90 VaultSvc - ok
09:15:16.0441 0x0d90 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:15:16.0457 0x0d90 vdrvroot - ok
09:15:16.0488 0x0d90 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
09:15:16.0535 0x0d90 vds - ok
09:15:16.0566 0x0d90 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:15:16.0597 0x0d90 vga - ok
09:15:16.0613 0x0d90 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:15:16.0644 0x0d90 VgaSave - ok
09:15:16.0644 0x0d90 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:15:16.0660 0x0d90 vhdmp - ok
09:15:16.0675 0x0d90 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:15:16.0691 0x0d90 viaagp - ok
09:15:16.0691 0x0d90 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
09:15:16.0722 0x0d90 ViaC7 - ok
09:15:16.0784 0x0d90 [ 562DADB935EFCF6E39EEC6CB7B9CF19A, 28EBB128840F8AFB1ABE7D9E15B797D9D8C1DF211907A555C1EFF439CE8EF01A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
09:15:16.0862 0x0d90 VIAHdAudAddService - ok
09:15:16.0878 0x0d90 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
09:15:16.0878 0x0d90 viaide - ok
09:15:16.0909 0x0d90 [ D6CFBEDBDECB1145C28CB18BA8476FB0, C00E530711CE86D9C92F2AE0CEEE750D0AD5F8A8283AF53FCF955DDAE551482D ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
09:15:16.0940 0x0d90 VIAKaraokeService - ok
09:15:16.0956 0x0d90 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:15:16.0972 0x0d90 vmbus - ok
09:15:16.0987 0x0d90 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:15:17.0018 0x0d90 VMBusHID - ok
09:15:17.0034 0x0d90 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:15:17.0050 0x0d90 volmgr - ok
09:15:17.0065 0x0d90 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:15:17.0081 0x0d90 volmgrx - ok
09:15:17.0096 0x0d90 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:15:17.0112 0x0d90 volsnap - ok
09:15:17.0143 0x0d90 [ B26536ADD1D748CDA104D856C979AE79, C88FBCD63DB3607232616FAB989F0FD7FB00ED542E6AC1BC76076A7C13A6FB22 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
09:15:17.0143 0x0d90 vpcbus - ok
09:15:17.0174 0x0d90 [ A0F7E923A6261760130F22B85DF9040E, E70ED14497262C75CC2D4B67B046BB43D8F47A4B8487D258694891E9B4C6DA44 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
09:15:17.0206 0x0d90 vpcnfltr - ok
09:15:17.0237 0x0d90 [ 5F4B55E91CE7E2523C9E1E0ECE858869, 3C395198C1845A15C4E39888383587A5E481E2761B885DBB5FC2C17C7075E6B4 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
09:15:17.0252 0x0d90 vpcusb - ok
09:15:17.0268 0x0d90 [ B487191FE18D6863381A1AC55482469A, 77A6C87E833E90FFD2FF51C6B28041D8AE9C6CE293DA4166E65470C18C017971 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
09:15:17.0284 0x0d90 vpcvmm - ok
09:15:17.0330 0x0d90 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:15:17.0330 0x0d90 vsmraid - ok
09:15:17.0377 0x0d90 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
09:15:17.0471 0x0d90 VSS - ok
09:15:17.0486 0x0d90 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:15:17.0502 0x0d90 vwifibus - ok
09:15:17.0533 0x0d90 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
09:15:17.0580 0x0d90 W32Time - ok
09:15:17.0596 0x0d90 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:15:17.0627 0x0d90 WacomPen - ok
09:15:17.0642 0x0d90 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:15:17.0674 0x0d90 WANARP - ok
09:15:17.0674 0x0d90 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:15:17.0705 0x0d90 Wanarpv6 - ok
09:15:17.0752 0x0d90 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
09:15:17.0876 0x0d90 wbengine - ok
09:15:17.0908 0x0d90 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:15:17.0954 0x0d90 WbioSrvc - ok
09:15:17.0986 0x0d90 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:15:18.0017 0x0d90 wcncsvc - ok
09:15:18.0048 0x0d90 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:15:18.0079 0x0d90 WcsPlugInService - ok
09:15:18.0095 0x0d90 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:15:18.0110 0x0d90 Wd - ok
09:15:18.0157 0x0d90 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:15:18.0188 0x0d90 Wdf01000 - ok
09:15:18.0204 0x0d90 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:15:18.0235 0x0d90 WdiServiceHost - ok
09:15:18.0251 0x0d90 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:15:18.0251 0x0d90 WdiSystemHost - ok
09:15:18.0298 0x0d90 [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient C:\Windows\System32\webclnt.dll
09:15:18.0344 0x0d90 WebClient - ok
09:15:18.0360 0x0d90 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:15:18.0391 0x0d90 Wecsvc - ok
09:15:18.0391 0x0d90 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:15:18.0438 0x0d90 wercplsupport - ok
09:15:18.0454 0x0d90 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
09:15:18.0485 0x0d90 WerSvc - ok
09:15:18.0516 0x0d90 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:15:18.0547 0x0d90 WfpLwf - ok
09:15:18.0563 0x0d90 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:15:18.0563 0x0d90 WIMMount - ok
09:15:18.0610 0x0d90 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:15:18.0703 0x0d90 WinDefend - ok
09:15:18.0734 0x0d90 WinHttpAutoProxySvc - ok
09:15:18.0781 0x0d90 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:15:18.0812 0x0d90 Winmgmt - ok
09:15:18.0859 0x0d90 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
09:15:18.0937 0x0d90 WinRM - ok
09:15:18.0984 0x0d90 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:15:19.0000 0x0d90 WinUsb - ok
09:15:19.0093 0x0d90 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:15:19.0187 0x0d90 Wlansvc - ok
09:15:19.0202 0x0d90 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:15:19.0249 0x0d90 WmiAcpi - ok
09:15:19.0296 0x0d90 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:15:19.0327 0x0d90 wmiApSrv - ok
09:15:19.0405 0x0d90 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:15:19.0514 0x0d90 WMPNetworkSvc - ok
09:15:19.0546 0x0d90 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:15:19.0608 0x0d90 WPCSvc - ok
09:15:19.0624 0x0d90 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:15:19.0670 0x0d90 WPDBusEnum - ok
09:15:19.0702 0x0d90 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:15:19.0748 0x0d90 ws2ifsl - ok
09:15:19.0795 0x0d90 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
09:15:19.0826 0x0d90 wscsvc - ok
09:15:19.0826 0x0d90 WSearch - ok
09:15:19.0904 0x0d90 [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv C:\Windows\system32\wuaueng.dll
09:15:20.0014 0x0d90 wuauserv - ok
09:15:20.0060 0x0d90 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:15:20.0092 0x0d90 WudfPf - ok
09:15:20.0092 0x0d90 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:15:20.0123 0x0d90 WUDFRd - ok
09:15:20.0138 0x0d90 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:15:20.0170 0x0d90 wudfsvc - ok
09:15:20.0185 0x0d90 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
09:15:20.0232 0x0d90 WwanSvc - ok
09:15:20.0248 0x0d90 ZAM - ok
09:15:20.0263 0x0d90 ZAM_Guard - ok
09:15:20.0263 0x0d90 ================ Scan global ===============================
09:15:20.0294 0x0d90 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
09:15:20.0326 0x0d90 [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
09:15:20.0341 0x0d90 [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
09:15:20.0372 0x0d90 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:15:20.0404 0x0d90 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
09:15:20.0419 0x0d90 [ Global ] - ok
09:15:20.0419 0x0d90 ================ Scan MBR ==================================
09:15:20.0435 0x0d90 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:15:20.0809 0x0d90 \Device\Harddisk0\DR0 - ok
09:15:20.0809 0x0d90 ================ Scan VBR ==================================
09:15:20.0809 0x0d90 [ F773B7E81FC7CB1EE956F02DBBFAD542 ] \Device\Harddisk0\DR0\Partition1
09:15:20.0809 0x0d90 \Device\Harddisk0\DR0\Partition1 - ok
09:15:20.0840 0x0d90 [ CEAD7808A9F263F3A12FCC32A2C96A92 ] \Device\Harddisk0\DR0\Partition2
09:15:20.0840 0x0d90 \Device\Harddisk0\DR0\Partition2 - ok
09:15:20.0840 0x0d90 ================ Scan generic autorun ======================
09:15:20.0918 0x0d90 [ 6001F7750D4CAA170862D38FEE8BC46F, 14E8886EBDE90D7E37B97E6200F55DEEFE252BB25FC8DB039842B56BFCD524F1 ] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
09:15:20.0965 0x0d90 CanonQuickMenu - ok
09:15:21.0028 0x0d90 [ FBFE88C41595A7C12479A4FC52985557, 787FADD2FB932467E8004865B4CB8D48AF4969B61B9E36CC1D0C765DD35F7005 ] C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe
09:15:21.0043 0x0d90 StartCCC - ok
09:15:21.0090 0x0d90 [ EE4223FEE8AB8B9202FCA18036F157AE, 1B81391127BAB64E47DFC3C82143D8C370B80D4166CE5FFE30B96321C4DCCD51 ] c:\Program Files\Microsoft Security Client\msseces.exe
09:15:21.0121 0x0d90 MSC - ok
09:15:21.0199 0x0d90 [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\wolverine\AppData\Local\FluxSoftware\Flux\flux.exe
09:15:21.0386 0x0d90 f.lux - ok
09:15:21.0496 0x0d90 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
09:15:21.0511 0x0d90 Win FW state via NFP2: enabled ( trusted )
09:15:21.0511 0x0d90 ============================================================
09:15:21.0511 0x0d90 Scan finished
09:15:21.0511 0x0d90 ============================================================
09:15:21.0527 0x0b44 Detected object count: 5
09:15:21.0527 0x0b44 Actual detected object count: 5
09:16:14.0614 0x0b44 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:14.0614 0x0b44 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:14.0614 0x0b44 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:14.0614 0x0b44 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:14.0614 0x0b44 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:14.0614 0x0b44 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:14.0614 0x0b44 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:14.0614 0x0b44 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:14.0614 0x0b44 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:14.0614 0x0b44 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
Zitat:
ja, verzögertes Laden von Seiten...bei youtube z.B oder auch anderen.Und vorhin als ich mich mit dem Internet verbunden habe hat sich ne USB Device irgendwas installiert (siehe TDDS log). |
|
09.04.2016, 20:52
| #4 |
| /// TB-Ausbilder | JRT komische Funde Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST ausführen: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
10.04.2016, 20:21
| #5 |
| | JRT komische FundeCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
durchgeführt von wolverine (Administrator) auf X2 (10-04-2016 20:37:36)
Gestartet von C:\Users\wolverine\Desktop
Geladene Profile: wolverine (Verfügbare Profile: wolverine)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\Run: [f.lux] => C:\Users\wolverine\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei
Tcpip\Parameters: [DhcpNameServer] 82.212.62.39 78.42.43.39
Tcpip\..\Interfaces\{DE3A6D0B-97D3-4621-AD2A-3274BE425E4B}: [DhcpNameServer] 82.212.62.39 78.42.43.39
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000 -> DefaultScope {F659E625-502C-45A6-B0CC-A0BCF2920531} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000 -> {F659E625-502C-45A6-B0CC-A0BCF2920531} URL = hxxps://www.google.com/search?q={searchTerms}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-03-14]
FF Extension: YouTube ALL HTML5 - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2016-03-14]
FF Extension: uBlock Origin - C:\Users\wolverine\AppData\Roaming\Mozilla\Firefox\Profiles\x23jhe65.default\Extensions\uBlock0@raymondhill.net.xpi [2016-04-06]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\wolverine\AppData\Local\Google\Chrome\User Data\Default
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2016-03-10] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-03-10] (REALiX(tm))
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-19] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-19] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R1 MpKsla8d0c8e9; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAE95DED-9E42-47B3-9B68-55E609329834}\MpKsla8d0c8e9.sys [39168 2016-04-09] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [Datei ist nicht signiert]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [565424 2016-03-10] (VIA Technologies, Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 eapihdrv; \??\C:\Users\WOLVER~1\AppData\Local\Temp\ehdrv.sys [X]
U3 ImapiService; kein ImagePath
U4 TlntSvr; kein ImagePath
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-10 20:37 - 2016-04-10 20:37 - 00009534 _____ C:\Users\wolverine\Desktop\FRST.txt
2016-04-10 20:37 - 2016-04-10 20:37 - 00000000 ____D C:\FRST
2016-04-10 20:35 - 2016-04-10 20:35 - 01725440 _____ (Farbar) C:\Users\wolverine\Desktop\FRST.exe
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Videos
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Pictures
2016-04-09 11:25 - 2016-04-09 11:25 - 00000000 ___DL C:\Users\wolverine\Documents\My Music
2016-04-09 10:07 - 2016-04-09 10:07 - 06868672 _____ (Piriform Ltd) C:\Users\wolverine\Desktop\ccsetup516.exe
2016-04-09 09:31 - 2016-04-09 09:31 - 00000000 _____ C:\Users\wolverine\Desktop\Neues Textdokument.txt
2016-04-09 09:14 - 2016-04-09 09:32 - 00194544 _____ C:\TDSSKiller.3.1.0.9_09.04.2016_09.14.32_log.txt
2016-04-08 20:49 - 2016-04-08 20:54 - 00193144 _____ C:\TDSSKiller.3.1.0.9_08.04.2016_20.49.08_log.txt
2016-04-08 20:48 - 2016-04-08 20:48 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\wolverine\Desktop\tdsskiller.exe
2016-04-05 16:55 - 2016-04-05 16:55 - 01610352 _____ (Malwarebytes) C:\Users\wolverine\Desktop\JRT.exe
2016-04-05 16:42 - 2016-03-25 20:36 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-05 16:42 - 2016-03-25 20:25 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-05 16:42 - 2016-03-23 16:02 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-05 16:42 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-05 16:42 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-05 16:42 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-05 16:42 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-05 16:42 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-05 16:36 - 2016-04-10 20:33 - 00001550 _____ C:\Users\wolverine\Desktop\JRT.txt
2016-03-29 18:10 - 2016-03-29 18:11 - 02870984 _____ (ESET) C:\Users\wolverine\Desktop\esetsmartinstaller_deu.exe
2016-03-23 11:54 - 2016-03-23 11:54 - 02364928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:54 - 2016-03-23 11:54 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:54 - 2016-03-23 11:54 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:54 - 2016-03-23 11:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-23 11:54 - 2016-03-23 11:54 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:54 - 2016-03-23 11:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:54 - 2016-03-23 11:54 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-23 11:53 - 2016-03-23 11:53 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-23 11:53 - 2016-03-23 11:53 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-23 11:53 - 2016-03-23 11:53 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:53 - 2016-03-23 11:53 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-11 10:17 - 2016-04-05 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-10 20:35 - 2009-07-14 06:34 - 00013728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-10 20:35 - 2009-07-14 06:34 - 00013728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-10 20:03 - 2016-03-04 13:49 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-10 15:20 - 2014-05-27 13:56 - 00000000 ____D C:\Users\wolverine\AppData\Local\ElevatedDiagnostics
2016-04-10 09:57 - 2011-11-06 03:32 - 01599580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-10 09:57 - 2009-07-14 10:47 - 00679238 _____ C:\Windows\system32\perfh007.dat
2016-04-10 09:57 - 2009-07-14 10:47 - 00143384 _____ C:\Windows\system32\perfc007.dat
2016-04-10 09:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-10 09:52 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-09 11:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2016-04-09 10:17 - 2014-11-30 16:54 - 00000000 ____D C:\Users\wolverine\AppData\Local\Tempff1db1f598cdd6e53a58c373b6a7eb23
2016-04-09 10:17 - 2014-11-30 16:54 - 00000000 ____D C:\Users\wolverine\AppData\Local\Temp6f75275dca034605a14b092b029a73c8
2016-04-09 10:17 - 2014-11-30 16:54 - 00000000 ____D C:\Users\wolverine\AppData\Local\Temp4616d5f31b3085fdff1c9fad78927948
2016-04-09 10:08 - 2014-03-25 22:08 - 00000929 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-08 09:03 - 2016-03-04 13:49 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 09:03 - 2016-03-04 13:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-05 17:02 - 2016-03-10 12:50 - 00000000 ____D C:\Program Files\IObit
2016-04-05 16:52 - 2016-03-10 14:06 - 51347456 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-04-05 16:52 - 2016-03-10 14:06 - 32817152 _____ C:\Windows\system32\config\COMPONENTS.iobit
2016-04-05 16:52 - 2016-03-10 14:06 - 00368640 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-04-05 16:52 - 2016-03-10 14:06 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2016-04-05 16:52 - 2016-03-10 14:06 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2016-04-05 16:43 - 2015-04-12 01:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-05 16:42 - 2015-03-31 12:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-05 16:36 - 2013-11-17 16:48 - 00000000 ____D C:\Users\wolverine\AppData\Roaming\IObit
2016-04-05 16:36 - 2013-11-17 16:48 - 00000000 ____D C:\ProgramData\IObit
2016-04-02 19:24 - 2011-11-06 03:52 - 00074640 _____ C:\Users\wolverine\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-02 19:23 - 2009-07-14 10:56 - 00000000 ____D C:\Windows\CSC
2016-04-02 19:23 - 2009-07-14 06:33 - 00330880 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-02 18:57 - 2016-01-28 15:19 - 00002081 _____ C:\Users\wolverine\Desktop\Tweaking.com - Windows Repair.lnk
2016-04-02 18:56 - 2016-01-28 15:17 - 21080792 _____ (Tweaking.com) C:\Users\wolverine\Desktop\tweaking.com_windows_repair_aio_setup.exe
2016-03-26 14:08 - 2015-02-09 22:30 - 00000000 ____D C:\Users\wolverine\AppData\Local\CrashDumps
2016-03-23 13:25 - 2014-09-10 11:57 - 00000000 ____D C:\Windows\rescache
2016-03-19 14:13 - 2016-03-10 18:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-15 22:25 - 2009-07-14 04:04 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_521
2016-03-14 20:38 - 2014-03-25 22:08 - 00000000 ____D C:\Program Files\CCleaner
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-01-07 03:25 - 2015-12-23 14:38 - 0000715 _____ () C:\Users\wolverine\AppData\Roaming\burnaware.ini
2011-11-06 04:17 - 2011-11-28 15:58 - 0001877 ____H () C:\Users\wolverine\AppData\Roaming\xpy.ini
2011-12-20 15:41 - 2011-12-20 15:41 - 0106226 _____ () C:\Users\wolverine\AppData\Local\ars.cache
2011-12-20 15:41 - 2011-12-20 15:41 - 0458083 _____ () C:\Users\wolverine\AppData\Local\census.cache
2011-12-20 14:47 - 2011-12-20 14:47 - 0000036 _____ () C:\Users\wolverine\AppData\Local\housecall.guid.cache
2013-01-24 22:19 - 2013-01-24 23:11 - 0001461 _____ () C:\Users\wolverine\AppData\Local\RecConfig.xml
2012-04-04 11:07 - 2015-06-14 21:19 - 0007605 _____ () C:\Users\wolverine\AppData\Local\Resmon.ResmonCfg
2011-11-09 19:44 - 2013-10-06 16:48 - 0008723 _____ () C:\ProgramData\hpzinstall.log
2011-11-06 19:38 - 2011-11-25 00:54 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-08 10:15
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
durchgeführt von wolverine (2016-04-10 20:38:30)
Gestartet von C:\Users\wolverine\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2011-11-06 01:26:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2851574506-1057980830-1205925942-500 - Administrator - Disabled)
Gast (S-1-5-21-2851574506-1057980830-1205925942-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2851574506-1057980830-1205925942-1002 - Limited - Enabled)
wolverine (S-1-5-21-2851574506-1057980830-1205925942-1000 - Administrator - Enabled) => C:\Users\wolverine
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7601F4BD-2DFD-2C85-F623-F06E097D2D61}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Profiles (Version: 2.0.4331.36041 - Ihr Firmenname) Hidden
ATI AVIVO Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
calibre (HKLM\...\{D9A85F14-FFA5-40B1-8402-80D510D48D01}) (Version: 1.8.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX390 series Benutzerregistrierung (HKLM\...\Canon MX390 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\Flux) (Version: - )
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
LibreOffice 4.3.2.2 (HKLM\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 45.0.1 (x86 de) (HKLM\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.8.5 - Tweaking.com)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2D41C051-FFE9-491D-AD09-24511361B635} - System32\Tasks\{AAF70C11-E6F9-4055-A6CC-B55068489C36} => pcalua.exe -a "C:\Program Files\Realtek\NICDRV_8169\RTINSTALLER32.EXE" -d "C:\Program Files\Realtek\NICDRV_8169"
Task: {559015D3-447D-452E-8235-446BF12C5332} - System32\Tasks\{6E9C1D62-EA95-47D6-8920-408B3B3BF1DE} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {78072229-A541-4C1F-8913-1AE6BBE4353F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {A03096E2-E98E-4F22-A904-3F03EDBC1A8F} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {A0434484-3044-42DD-AEB6-AFDED2CF8C65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {C289A403-E167-4456-B1B7-6AD4E10894BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-06] (AVAST Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4789 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2016-04-02 19:17 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2851574506-1057980830-1205925942-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wolverine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.212.62.39 - 78.42.43.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{5451947D-1B35-48F3-8959-D610FC05AC6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2CDD0892-C89F-4D6C-9808-4E19944FF178}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Systemfehler:
=============
CodeIntegrity:
===================================
Date: 2014-11-26 16:56:15.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 15:41:49.293
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 15:27:35.281
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 14:54:06.737
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-26 12:55:54.880
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 13:34:01.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 12:18:02.331
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 10:47:26.194
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-25 10:32:46.058
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-24 21:43:18.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 3583.05 MB
Verfügbarer physikalischer RAM: 2803.18 MB
Summe virtueller Speicher: 7164.43 MB
Verfügbarer virtueller Speicher: 6324.11 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:427.65 GB) NTFS
Drive d: (iTMS Dicom) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81496245)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
|
|
11.04.2016, 20:28
| #6 |
| /// TB-Ausbilder | JRT komische Funde Servus, Downloade Dir bitte  Malwarebytes Anti-Malware
|
|
12.04.2016, 08:56
| #7 |
| | JRT komische Funde keine Funde |
|
12.04.2016, 13:25
| #8 |
| /// TB-Ausbilder | JRT komische Funde Servus, Schritt 1 ESET Online Scanner
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
|
|
13.04.2016, 12:07
| #9 |
| | JRT komische Funde keine Funde, soll ich das log file trotzdem posten? ich würde gern mal mit dem CMC Anti Virus einen Scan machen. |
|
13.04.2016, 15:22
| #10 | ||||||||||
| /// TB-Ausbilder | JRT komische Funde Servus, mach das, ich sehe keine Malware.  Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen:
Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
17.04.2016, 11:18
| #11 |
| /// TB-Ausbilder | JRT komische Funde Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu JRT komische Funde |
| administrator, appdata, c:\windows, ccleaner, config, files, folge, fund, heute, hängt, interne, internet, komische, microsoft, ordner, removal, roaming, scan, system, system32, temporary, tool, windows, windows 7, zusammen |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
