
Log analysis and evaluation: Win 7 laptop, infected, hacked, slowed down

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

19.04.2016, 05:47   #1
Hazor1987
 



Hello dear Trojaner-Board!
In my very first post I am coming straight to you for help.

The problem is as follows:
1) Windows 7 on my laptop has slowed down considerably,
2) CPU usage is much higher, so that browsing with Firefox in several tabs or streaming is no longer possible.
4) Buttons such as search functions or downloads or the text editor functions here can no longer be started in Firefox, so I now have to write using Internet Explorer
3) I can no longer print documents
5) Somehow my BIOS password has changed, even though I type it in exactly as I wrote it down
6) Kaspersky Internet Security finds nothing

And all this despite up-to-date drivers and system programs

Thanks in advance, and here are my logs, because I hope it can still be saved before I have to wipe it; or, even if I do, how do I get into the BIOS now?

Code:
04:23:24.0576 0x42c4  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
04:23:31.0425 0x42c4  ============================================================
04:23:31.0425 0x42c4  Current date / time: 2016/04/19 04:23:31.0425
04:23:31.0425 0x42c4  SystemInfo:
04:23:31.0425 0x42c4  
04:23:31.0425 0x42c4  OS Version: 6.1.7601 ServicePack: 1.0
04:23:31.0425 0x42c4  Product type: Workstation
04:23:31.0425 0x42c4  ComputerName: SEBBO
04:23:31.0425 0x42c4  UserName: LaptopSeb
04:23:31.0425 0x42c4  Windows directory: C:\Windows
04:23:31.0425 0x42c4  System windows directory: C:\Windows
04:23:31.0425 0x42c4  Processor architecture: Intel x86
04:23:31.0425 0x42c4  Number of processors: 2
04:23:31.0425 0x42c4  Page size: 0x1000
04:23:31.0425 0x42c4  Boot type: Normal boot
04:23:31.0425 0x42c4  ============================================================
04:23:34.0997 0x42c4  KLMD registered as C:\Windows\system32\drivers\55020932.sys
04:23:35.0621 0x42c4  System UUID: {93B157FC-376E-D061-5E32-FF35090935AA}
04:23:37.0041 0x42c4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:23:37.0041 0x42c4  ============================================================
04:23:37.0041 0x42c4  \Device\Harddisk0\DR0:
04:23:37.0041 0x42c4  MBR partitions:
04:23:37.0041 0x42c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
04:23:37.0041 0x42c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9CFB000
04:23:37.0041 0x42c4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9D2D800, BlocksNum 0x13497800
04:23:37.0041 0x42c4  ============================================================
04:23:37.0056 0x42c4  C: <-> \Device\Harddisk0\DR0\Partition2
04:23:37.0103 0x42c4  D: <-> \Device\Harddisk0\DR0\Partition3
04:23:37.0103 0x42c4  ============================================================
04:23:37.0103 0x42c4  Initialize success
04:23:37.0103 0x42c4  ============================================================
04:29:09.0317 0x3824  ============================================================
04:29:09.0317 0x3824  Scan started
04:29:09.0317 0x3824  Mode: Manual; SigCheck; TDLFS; 
04:29:09.0317 0x3824  ============================================================
04:29:09.0317 0x3824  KSN ping started
04:29:12.0047 0x3824  KSN ping finished: true
04:29:13.0950 0x3824  ================ Scan system memory ========================
04:29:13.0950 0x3824  System memory - ok
04:29:13.0950 0x3824  ================ Scan services =============================
04:29:14.0153 0x3824  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
04:29:14.0262 0x3824  1394ohci - ok
04:29:14.0324 0x3824  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
04:29:14.0355 0x3824  ACPI - ok
04:29:14.0387 0x3824  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
04:29:14.0465 0x3824  AcpiPmi - ok
04:29:14.0605 0x3824  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
04:29:14.0621 0x3824  AdobeARMservice - ok
04:29:14.0699 0x3824  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
04:29:14.0730 0x3824  AdobeFlashPlayerUpdateSvc - ok
04:29:14.0761 0x3824  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
04:29:14.0808 0x3824  adp94xx - ok
04:29:14.0839 0x3824  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
04:29:14.0870 0x3824  adpahci - ok
04:29:14.0901 0x3824  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
04:29:14.0917 0x3824  adpu320 - ok
04:29:15.0057 0x3824  [ 91C596BE98F65830352B466C19705533, 4FB4614839E405F127B7E9B801CF9E6166EBCBAB62506F2153CEAFB07CA6BB8D ] AdvancedSystemCareService9 C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
04:29:15.0089 0x3824  AdvancedSystemCareService9 - ok
04:29:15.0135 0x3824  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
04:29:15.0182 0x3824  AeLookupSvc - ok
04:29:15.0229 0x3824  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
04:29:15.0307 0x3824  AFD - ok
04:29:15.0338 0x3824  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
04:29:15.0354 0x3824  agp440 - ok
04:29:15.0385 0x3824  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
04:29:15.0401 0x3824  aic78xx - ok
04:29:15.0432 0x3824  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
04:29:15.0463 0x3824  ALG - ok
04:29:15.0494 0x3824  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
04:29:15.0510 0x3824  aliide - ok
04:29:15.0525 0x3824  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
04:29:15.0541 0x3824  amdagp - ok
04:29:15.0557 0x3824  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
04:29:15.0572 0x3824  amdide - ok
04:29:15.0603 0x3824  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
04:29:15.0635 0x3824  AmdK8 - ok
04:29:15.0650 0x3824  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
04:29:15.0681 0x3824  AmdPPM - ok
04:29:15.0713 0x3824  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
04:29:15.0728 0x3824  amdsata - ok
04:29:15.0759 0x3824  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
04:29:15.0775 0x3824  amdsbs - ok
04:29:15.0806 0x3824  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
04:29:15.0822 0x3824  amdxata - ok
04:29:15.0853 0x3824  [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID           C:\Windows\system32\drivers\appid.sys
04:29:15.0900 0x3824  AppID - ok
04:29:15.0931 0x3824  [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
04:29:15.0947 0x3824  AppIDSvc - ok
04:29:15.0993 0x3824  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
04:29:16.0025 0x3824  Appinfo - ok
04:29:16.0087 0x3824  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
04:29:16.0134 0x3824  AppMgmt - ok
04:29:16.0165 0x3824  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
04:29:16.0181 0x3824  arc - ok
04:29:16.0196 0x3824  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
04:29:16.0227 0x3824  arcsas - ok
04:29:16.0352 0x3824  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
04:29:16.0368 0x3824  aspnet_state - ok
04:29:16.0415 0x3824  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
04:29:16.0508 0x3824  AsyncMac - ok
04:29:16.0539 0x3824  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
04:29:16.0555 0x3824  atapi - ok
04:29:16.0617 0x3824  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
04:29:16.0680 0x3824  AudioEndpointBuilder - ok
04:29:16.0727 0x3824  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
04:29:16.0758 0x3824  Audiosrv - ok
04:29:16.0820 0x3824  [ 9C7C876ACB9B707ECD08BD434C46A4D3, 4135E95C0E531854268D2009ACD6F932D8ADC4D31E72D3B942F731C60ECCDF1D ] AVP15.0.2       C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
04:29:16.0851 0x3824  AVP15.0.2 - ok
04:29:16.0898 0x3824  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
04:29:16.0976 0x3824  AxInstSV - ok
04:29:17.0023 0x3824  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
04:29:17.0085 0x3824  b06bdrv - ok
04:29:17.0101 0x3824  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
04:29:17.0148 0x3824  b57nd60x - ok
04:29:17.0179 0x3824  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
04:29:17.0241 0x3824  BDESVC - ok
04:29:17.0257 0x3824  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
04:29:17.0288 0x3824  Beep - ok
04:29:17.0335 0x3824  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
04:29:17.0397 0x3824  BFE - ok
04:29:17.0460 0x3824  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
04:29:17.0538 0x3824  BITS - ok
04:29:17.0569 0x3824  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
04:29:17.0585 0x3824  blbdrive - ok
04:29:17.0616 0x3824  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
04:29:17.0647 0x3824  bowser - ok
04:29:17.0678 0x3824  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
04:29:17.0709 0x3824  BrFiltLo - ok
04:29:17.0741 0x3824  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
04:29:17.0756 0x3824  BrFiltUp - ok
04:29:17.0819 0x3824  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
04:29:17.0897 0x3824  Browser - ok
04:29:17.0943 0x3824  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
04:29:17.0990 0x3824  Brserid - ok
04:29:18.0037 0x3824  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
04:29:18.0053 0x3824  BrSerWdm - ok
04:29:18.0068 0x3824  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
04:29:18.0099 0x3824  BrUsbMdm - ok
04:29:18.0131 0x3824  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
04:29:18.0193 0x3824  BrUsbSer - ok
04:29:18.0271 0x3824  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
04:29:18.0302 0x3824  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
04:29:20.0985 0x3824  Detect skipped due to KSN trusted
04:29:20.0985 0x3824  BrYNSvc - ok
04:29:21.0048 0x3824  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
04:29:21.0079 0x3824  BTHMODEM - ok
04:29:21.0141 0x3824  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
04:29:21.0219 0x3824  BTHPORT - ok
04:29:21.0251 0x3824  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
04:29:21.0297 0x3824  bthserv - ok
04:29:21.0360 0x3824  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
04:29:21.0391 0x3824  BTHUSB - ok
04:29:21.0407 0x3824  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
04:29:21.0453 0x3824  cdfs - ok
04:29:21.0485 0x3824  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
04:29:21.0516 0x3824  cdrom - ok
04:29:21.0547 0x3824  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
04:29:21.0578 0x3824  CertPropSvc - ok
04:29:21.0609 0x3824  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
04:29:21.0641 0x3824  circlass - ok
04:29:21.0687 0x3824  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
04:29:21.0719 0x3824  CLFS - ok
04:29:21.0765 0x3824  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:29:21.0797 0x3824  clr_optimization_v2.0.50727_32 - ok
04:29:21.0843 0x3824  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:29:21.0875 0x3824  clr_optimization_v4.0.30319_32 - ok
04:29:21.0921 0x3824  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
04:29:21.0953 0x3824  CmBatt - ok
04:29:21.0984 0x3824  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
04:29:21.0999 0x3824  cmdide - ok
04:29:22.0109 0x3824  [ 7B02F50D5BCA75B85C0A83B8E229BD18, CCE92E22C21068DD8A0CB7A69DDD8847564813C393518DB5F5485243F9BB9B5C ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
04:29:22.0124 0x3824  cm_km_w - ok
04:29:22.0171 0x3824  [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG             C:\Windows\system32\Drivers\cng.sys
04:29:22.0218 0x3824  CNG - ok
04:29:22.0233 0x3824  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
04:29:22.0249 0x3824  Compbatt - ok
04:29:22.0265 0x3824  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
04:29:22.0296 0x3824  CompositeBus - ok
04:29:22.0311 0x3824  COMSysApp - ok
04:29:22.0327 0x3824  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
04:29:22.0358 0x3824  crcdisk - ok
04:29:22.0405 0x3824  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
04:29:22.0452 0x3824  CryptSvc - ok
04:29:22.0499 0x3824  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
04:29:22.0545 0x3824  CSC - ok
04:29:22.0592 0x3824  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
04:29:22.0639 0x3824  CscService - ok
04:29:22.0701 0x3824  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
04:29:22.0764 0x3824  DcomLaunch - ok
04:29:22.0811 0x3824  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
04:29:22.0904 0x3824  defragsvc - ok
04:29:22.0920 0x3824  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
04:29:22.0967 0x3824  DfsC - ok
04:29:23.0013 0x3824  [ 54D0B8343CE8C22412A5F29D32EFD211, D78BF09680FF19523C84E862593B45637D91A079C79CAB63A13726E7ACA8ABBF ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
04:29:23.0029 0x3824  dg_ssudbus - ok
04:29:23.0076 0x3824  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
04:29:23.0154 0x3824  Dhcp - ok
04:29:23.0247 0x3824  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
04:29:23.0388 0x3824  DiagTrack - ok
04:29:23.0528 0x3824  [ 74F7E518FB12C2D10C9BCF9C8E72B885, 2123A5F4B739B9EE536D26C4FB2AC6448664848FAC4B58260CD2285BE28D16D5 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
04:29:23.0591 0x3824  Disc Soft Lite Bus Service - ok
04:29:23.0622 0x3824  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
04:29:23.0669 0x3824  discache - ok
04:29:23.0684 0x3824  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
04:29:23.0715 0x3824  Disk - ok
04:29:23.0747 0x3824  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
04:29:23.0778 0x3824  dmvsc - ok
04:29:23.0825 0x3824  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
04:29:23.0871 0x3824  Dnscache - ok
04:29:23.0918 0x3824  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
04:29:23.0965 0x3824  dot3svc - ok
04:29:23.0996 0x3824  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
04:29:24.0043 0x3824  DPS - ok
04:29:24.0074 0x3824  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
04:29:24.0105 0x3824  drmkaud - ok
04:29:24.0168 0x3824  [ 0026A0408C87AB8DCA6FF9A8977C7066, EF64AE4717E68A090D5D86A39C32994A521B7488622569E6B42ED31E83C1AA8C ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
04:29:24.0183 0x3824  dtlitescsibus - ok
04:29:24.0230 0x3824  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
04:29:24.0293 0x3824  DXGKrnl - ok
04:29:24.0308 0x3824  [ 22EF8965101685ADD128F03A2B03CE16, 677F7B32C7A45C26F2F0DB67FFB526E9742E4B3A8BEAEA7B814CBCA2F56D6D5A ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
04:29:24.0324 0x3824  E1G60 - ok
04:29:24.0355 0x3824  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
04:29:24.0402 0x3824  EapHost - ok
04:29:24.0558 0x3824  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
04:29:24.0729 0x3824  ebdrv - ok
04:29:24.0761 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] EFS             C:\Windows\System32\lsass.exe
04:29:24.0807 0x3824  EFS - ok
04:29:24.0885 0x3824  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
04:29:24.0963 0x3824  ehRecvr - ok
04:29:24.0979 0x3824  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
04:29:25.0010 0x3824  ehSched - ok
04:29:25.0073 0x3824  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
04:29:25.0104 0x3824  elxstor - ok
04:29:25.0135 0x3824  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
04:29:25.0151 0x3824  ErrDev - ok
04:29:25.0229 0x3824  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
04:29:25.0275 0x3824  EventSystem - ok
04:29:25.0322 0x3824  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
04:29:25.0353 0x3824  exfat - ok
04:29:25.0369 0x3824  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
04:29:25.0431 0x3824  fastfat - ok
04:29:25.0463 0x3824  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
04:29:25.0587 0x3824  Fax - ok
04:29:25.0619 0x3824  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
04:29:25.0634 0x3824  fdc - ok
04:29:25.0650 0x3824  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
04:29:25.0697 0x3824  fdPHost - ok
04:29:25.0728 0x3824  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
04:29:25.0775 0x3824  FDResPub - ok
04:29:25.0806 0x3824  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
04:29:25.0821 0x3824  FileInfo - ok
04:29:25.0868 0x3824  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
04:29:25.0915 0x3824  Filetrace - ok
04:29:25.0931 0x3824  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
04:29:25.0977 0x3824  flpydisk - ok
04:29:25.0993 0x3824  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
04:29:26.0024 0x3824  FltMgr - ok
04:29:26.0087 0x3824  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
04:29:26.0196 0x3824  FontCache - ok
04:29:26.0258 0x3824  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
04:29:26.0274 0x3824  FontCache3.0.0.0 - ok
04:29:26.0289 0x3824  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
04:29:26.0305 0x3824  FsDepends - ok
04:29:26.0336 0x3824  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
04:29:26.0352 0x3824  Fs_Rec - ok
04:29:26.0383 0x3824  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
04:29:26.0399 0x3824  fvevol - ok
04:29:26.0430 0x3824  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
04:29:26.0445 0x3824  gagp30kx - ok
04:29:26.0508 0x3824  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
04:29:26.0570 0x3824  gpsvc - ok
04:29:26.0601 0x3824  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
04:29:26.0648 0x3824  hcw85cir - ok
04:29:26.0695 0x3824  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
04:29:26.0726 0x3824  HdAudAddService - ok
04:29:26.0757 0x3824  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
04:29:26.0789 0x3824  HDAudBus - ok
04:29:26.0804 0x3824  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
04:29:26.0835 0x3824  HidBatt - ok
04:29:26.0867 0x3824  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
04:29:26.0898 0x3824  HidBth - ok
04:29:26.0898 0x3824  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
04:29:26.0929 0x3824  HidIr - ok
04:29:26.0945 0x3824  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
04:29:26.0991 0x3824  hidserv - ok
04:29:27.0023 0x3824  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
04:29:27.0069 0x3824  HidUsb - ok
04:29:27.0101 0x3824  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
04:29:27.0132 0x3824  hkmsvc - ok
04:29:27.0163 0x3824  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
04:29:27.0210 0x3824  HomeGroupListener - ok
04:29:27.0257 0x3824  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
04:29:27.0303 0x3824  HomeGroupProvider - ok
04:29:27.0335 0x3824  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
04:29:27.0350 0x3824  HpSAMD - ok
04:29:27.0397 0x3824  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
04:29:27.0444 0x3824  HTTP - ok
04:29:27.0506 0x3824  [ 4004657E385E6C714825EB9031ED2062, 6AB3F3AE72B5939E5D551FBBAE1CDDA54CD63631685E311706FD2389B4F2BE56 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
04:29:27.0522 0x3824  HWiNFO32 - ok
04:29:27.0537 0x3824  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
04:29:27.0553 0x3824  hwpolicy - ok
04:29:27.0584 0x3824  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
04:29:27.0600 0x3824  i8042prt - ok
04:29:27.0662 0x3824  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
04:29:27.0678 0x3824  iaStorV - ok
04:29:27.0771 0x3824  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:29:27.0834 0x3824  idsvc - ok
04:29:27.0849 0x3824  IEEtwCollectorService - ok
04:29:28.0083 0x3824  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
04:29:28.0395 0x3824  igfx - ok
04:29:28.0458 0x3824  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
04:29:28.0473 0x3824  iirsp - ok
04:29:28.0567 0x3824  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
04:29:28.0661 0x3824  IKEEXT - ok
04:29:28.0707 0x3824  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
04:29:28.0707 0x3824  intelide - ok
04:29:28.0754 0x3824  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
04:29:28.0801 0x3824  intelppm - ok
04:29:28.0817 0x3824  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
04:29:28.0848 0x3824  IPBusEnum - ok
04:29:28.0879 0x3824  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:29:28.0926 0x3824  IpFilterDriver - ok
04:29:28.0973 0x3824  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
04:29:29.0019 0x3824  iphlpsvc - ok
04:29:29.0066 0x3824  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
04:29:29.0097 0x3824  IPMIDRV - ok
04:29:29.0129 0x3824  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
04:29:29.0175 0x3824  IPNAT - ok
04:29:29.0191 0x3824  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
04:29:29.0269 0x3824  IRENUM - ok
04:29:29.0285 0x3824  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
04:29:29.0316 0x3824  isapnp - ok
04:29:29.0347 0x3824  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
04:29:29.0363 0x3824  iScsiPrt - ok
04:29:29.0394 0x3824  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
04:29:29.0409 0x3824  kbdclass - ok
04:29:29.0456 0x3824  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
04:29:29.0472 0x3824  kbdhid - ok
04:29:29.0503 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] KeyIso          C:\Windows\system32\lsass.exe
04:29:29.0519 0x3824  KeyIso - ok
04:29:29.0597 0x3824  [ B1DE832A8D46E3AB591EFE7BBD343338, 7348C26900CA9051BAA77E6D13071898CFD2DC973104AF725F3E8446EBD1BBB6 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
04:29:29.0628 0x3824  kl1 - ok
04:29:29.0659 0x3824  [ F427E0844E07AF495EB3DEB6C46531D8, F1BBF652EFE060AA2FED677F4D9D293981D0EE47B70BB0F86C921539AA8FDA61 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
04:29:29.0690 0x3824  kldisk - ok
04:29:29.0737 0x3824  [ A68696E4973081A57EE93A1CA74FA069, 24E5910982C864EED45B7BE42C63FF96B138152C3C21E1654D7E539C4496CD20 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
04:29:29.0753 0x3824  klflt - ok
04:29:29.0831 0x3824  [ 1B1A0F3FADE99452881823DF00851813, 2109F6190ABA3527C65BA4DABC3E3EA462D91334793129D9D55ADAB39863B301 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
04:29:29.0846 0x3824  klhk - ok
04:29:29.0893 0x3824  [ 8775275A4DB1F7BB230116D31F252771, 50EB71FA52D461D89E4B48C2A9590670C9F036E5CE463071E3567BAC9D1D22D4 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
04:29:29.0955 0x3824  KLIF - ok
04:29:29.0971 0x3824  [ B095E4E96165B85E4347CE4CC5F6663C, 5B4B92C95326FBFC8DDAEBE3B233B170FEC0E0F80AD16E3C491EB7686FD06A17 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
04:29:29.0987 0x3824  KLIM6 - ok
04:29:30.0033 0x3824  [ 69C131D4BC961DB09924A2D22A525A29, 724C20A45452C1AA188BEEB3F47D285978864FA012E4D8F4438A1B342439AAAE ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
04:29:30.0065 0x3824  klkbdflt - ok
04:29:30.0080 0x3824  [ 90706424106B9155CBFB8811EA906890, 7FCE21ADC2BC1C7AEB7716E2454BC7F8F39ED46FC189BCF5164A8BDF50472517 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
04:29:30.0111 0x3824  klmouflt - ok
04:29:30.0127 0x3824  [ 0F2C2BA832893F65D97AB8B75FCD3CCD, 9BA8C0CE08320B60D1E069694301777B217842482053EB827DCF0160DDE06815 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
04:29:30.0143 0x3824  klpd - ok
04:29:30.0158 0x3824  [ 8E682FBB727A3A3C3B7FAF986FF4EA54, 7AA1A8E71D665B33E00E36BD076C0AA4450769D6F51A70C932CEB02108690A0D ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
04:29:30.0174 0x3824  kltdi - ok
04:29:30.0221 0x3824  [ 2D93705D0EA33B34F796169D2830CD8E, 64E3CFE035DA49D2F5075420A0793C82601184D6EA83534B7E3A3E4E48CFE9E4 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
04:29:30.0252 0x3824  Klwtp - ok
04:29:30.0267 0x3824  [ 7763289520B9BB8803E2778D332EADEB, 0851A5B6320BBB3F7A5E8E1F899A4DA1EDF1DD718AB5865F90AD6902DDBE2A46 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
04:29:30.0283 0x3824  kneps - ok
04:29:30.0330 0x3824  [ E58CFE0F44B9775603BA70813D48D66A, C65EC45F05B3C000D2328FE454A7C3C0D328CB16DF9C197A129E8FF7225480F6 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
04:29:30.0345 0x3824  KSecDD - ok
04:29:30.0408 0x3824  [ 50D1D9B3C24E783B6A8451158215AA55, DDF0D0736097B4F643C8664F2115F860101CA447F6B9D9F2FAE0BBDBA6F25DA4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
04:29:30.0423 0x3824  KSecPkg - ok
04:29:30.0470 0x3824  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
04:29:30.0564 0x3824  KtmRm - ok
04:29:30.0595 0x3824  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
04:29:30.0657 0x3824  LanmanServer - ok
04:29:30.0689 0x3824  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:29:30.0720 0x3824  LanmanWorkstation - ok
04:29:30.0907 0x3824  [ ED6923BF4D8D4383893825E2F74E2543, 55B044E09B0D254E5E76A054046CF76B6AB91D3A585630A272B832B3DF94C838 ] LiveUpdateSvc   C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
04:29:31.0063 0x3824  LiveUpdateSvc - ok
04:29:31.0110 0x3824  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
04:29:31.0157 0x3824  lltdio - ok
04:29:31.0188 0x3824  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
04:29:31.0235 0x3824  lltdsvc - ok
04:29:31.0266 0x3824  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
04:29:31.0297 0x3824  lmhosts - ok
04:29:31.0328 0x3824  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
04:29:31.0344 0x3824  LSI_FC - ok
04:29:31.0359 0x3824  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
04:29:31.0375 0x3824  LSI_SAS - ok
04:29:31.0406 0x3824  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
04:29:31.0422 0x3824  LSI_SAS2 - ok
04:29:31.0437 0x3824  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
04:29:31.0453 0x3824  LSI_SCSI - ok
04:29:31.0484 0x3824  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
04:29:31.0515 0x3824  luafv - ok
04:29:31.0562 0x3824  [ A1D52DB330E18B5A7A718D31D950CA87, D3BE0C13EB0001841B0BA3B401783C0CDA247023BAF8351EBDDB48264AB2E20C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
04:29:31.0578 0x3824  MBAMProtector - ok
04:29:31.0718 0x3824  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
04:29:31.0812 0x3824  MBAMScheduler - ok
04:29:31.0890 0x3824  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
04:29:31.0968 0x3824  MBAMService - ok
04:29:32.0015 0x3824  [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
04:29:32.0030 0x3824  MBAMSwissArmy - ok
04:29:32.0061 0x3824  [ 66DDF98174707CBADBCA6BBABDA1231C, 18B4D1FB27CAF2A360A0B0803015F5D88A7DE9A8BCEAFD2FB769554DDC4505F2 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
04:29:32.0077 0x3824  MBAMWebAccessControl - ok
04:29:32.0124 0x3824  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
04:29:32.0155 0x3824  Mcx2Svc - ok
04:29:32.0186 0x3824  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
04:29:32.0202 0x3824  megasas - ok
04:29:32.0280 0x3824  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
04:29:32.0295 0x3824  MegaSR - ok
04:29:32.0373 0x3824  Microsoft SharePoint Workspace Audit Service - ok
04:29:32.0405 0x3824  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
04:29:32.0451 0x3824  MMCSS - ok
04:29:32.0467 0x3824  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
04:29:32.0529 0x3824  Modem - ok
04:29:32.0561 0x3824  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
04:29:32.0576 0x3824  monitor - ok
04:29:32.0607 0x3824  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
04:29:32.0623 0x3824  mouclass - ok
04:29:32.0639 0x3824  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
04:29:32.0670 0x3824  mouhid - ok
04:29:32.0717 0x3824  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
04:29:32.0732 0x3824  mountmgr - ok
04:29:32.0795 0x3824  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
04:29:32.0810 0x3824  MozillaMaintenance - ok
04:29:32.0841 0x3824  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
04:29:32.0857 0x3824  mpio - ok
04:29:32.0919 0x3824  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
04:29:32.0966 0x3824  mpsdrv - ok
04:29:33.0029 0x3824  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
04:29:33.0107 0x3824  MpsSvc - ok
04:29:33.0138 0x3824  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
04:29:33.0169 0x3824  MRxDAV - ok
04:29:33.0216 0x3824  [ 1D5CC65FECC628397CB72F87DD6A78F3, D011572DA403281DEB211870FA52B3886D2019302079F46E3B52A0A2EC4688E0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
04:29:33.0263 0x3824  mrxsmb - ok
04:29:33.0294 0x3824  [ D405E63A7FEED75B40ACE03E57B44AB5, 99C109BF745D60B2A1032D4D8C74790B26FD546C200061AEFEF7DBCAD20086E8 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:29:33.0341 0x3824  mrxsmb10 - ok
04:29:33.0372 0x3824  [ E688B7D9B5422F23102E1920E19473E9, 762B242B94153C813129F806A4E92BB33DE11C27CA52241D9317FC4B483639BA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:29:33.0387 0x3824  mrxsmb20 - ok
04:29:33.0434 0x3824  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
04:29:33.0450 0x3824  msahci - ok
04:29:33.0481 0x3824  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
04:29:33.0497 0x3824  msdsm - ok
04:29:33.0528 0x3824  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
04:29:33.0559 0x3824  MSDTC - ok
04:29:33.0590 0x3824  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
04:29:33.0637 0x3824  Msfs - ok
04:29:33.0653 0x3824  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
04:29:33.0699 0x3824  mshidkmdf - ok
04:29:33.0731 0x3824  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
04:29:33.0746 0x3824  msisadrv - ok
04:29:33.0777 0x3824  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
04:29:33.0824 0x3824  MSiSCSI - ok
04:29:33.0824 0x3824  msiserver - ok
04:29:33.0855 0x3824  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
04:29:33.0887 0x3824  MSKSSRV - ok
04:29:33.0918 0x3824  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
04:29:33.0949 0x3824  MSPCLOCK - ok
04:29:33.0965 0x3824  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
04:29:33.0996 0x3824  MSPQM - ok
04:29:34.0027 0x3824  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
04:29:34.0043 0x3824  MsRPC - ok
04:29:34.0074 0x3824  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
04:29:34.0089 0x3824  mssmbios - ok
04:29:34.0105 0x3824  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
04:29:34.0136 0x3824  MSTEE - ok
04:29:34.0167 0x3824  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
04:29:34.0183 0x3824  MTConfig - ok
04:29:34.0199 0x3824  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
04:29:34.0214 0x3824  Mup - ok
04:29:34.0261 0x3824  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
04:29:34.0308 0x3824  napagent - ok
04:29:34.0355 0x3824  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
04:29:34.0386 0x3824  NativeWifiP - ok
04:29:34.0448 0x3824  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
04:29:34.0495 0x3824  NDIS - ok
04:29:34.0526 0x3824  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
04:29:34.0557 0x3824  NdisCap - ok
04:29:34.0573 0x3824  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
04:29:34.0620 0x3824  NdisTapi - ok
04:29:34.0651 0x3824  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
04:29:34.0682 0x3824  Ndisuio - ok
04:29:34.0698 0x3824  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
04:29:34.0729 0x3824  NdisWan - ok
04:29:34.0745 0x3824  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
04:29:34.0791 0x3824  NDProxy - ok
04:29:34.0823 0x3824  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
04:29:34.0869 0x3824  NetBIOS - ok
04:29:34.0901 0x3824  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
04:29:34.0947 0x3824  NetBT - ok
04:29:34.0979 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] Netlogon        C:\Windows\system32\lsass.exe
04:29:34.0994 0x3824  Netlogon - ok
04:29:35.0041 0x3824  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
04:29:35.0103 0x3824  Netman - ok
04:29:35.0135 0x3824  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:29:35.0166 0x3824  NetMsmqActivator - ok
04:29:35.0181 0x3824  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:29:35.0197 0x3824  NetPipeActivator - ok
04:29:35.0244 0x3824  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
04:29:35.0275 0x3824  netprofm - ok
04:29:35.0291 0x3824  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:29:35.0322 0x3824  NetTcpActivator - ok
04:29:35.0337 0x3824  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:29:35.0353 0x3824  NetTcpPortSharing - ok
04:29:35.0587 0x3824  [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
04:29:35.0837 0x3824  netw5v32 - ok
04:29:36.0164 0x3824  [ D4EF7A9767C05905500EC312CB29EF46, 464DE67D1BE3A3A684206B2D494FEE723FB5B6559F3783EF929352F22B0A9492 ] NETwLv32        C:\Windows\system32\DRIVERS\NETwLv32.sys
04:29:36.0570 0x3824  NETwLv32 - ok
04:29:36.0617 0x3824  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
04:29:36.0632 0x3824  nfrd960 - ok
04:29:36.0679 0x3824  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
04:29:36.0710 0x3824  NlaSvc - ok
04:29:36.0726 0x3824  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
04:29:36.0757 0x3824  Npfs - ok
04:29:36.0819 0x3824  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
04:29:36.0851 0x3824  nsi - ok
04:29:36.0866 0x3824  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
04:29:36.0913 0x3824  nsiproxy - ok
04:29:36.0991 0x3824  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
04:29:37.0069 0x3824  Ntfs - ok
04:29:37.0085 0x3824  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
04:29:37.0116 0x3824  Null - ok
04:29:37.0147 0x3824  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
04:29:37.0163 0x3824  nvraid - ok
04:29:37.0194 0x3824  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
04:29:37.0209 0x3824  nvstor - ok
04:29:37.0241 0x3824  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
04:29:37.0256 0x3824  nv_agp - ok
04:29:37.0272 0x3824  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
04:29:37.0287 0x3824  ohci1394 - ok
04:29:37.0365 0x3824  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:29:37.0381 0x3824  ose - ok
04:29:37.0615 0x3824  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
04:29:37.0849 0x3824  osppsvc - ok
04:29:37.0911 0x3824  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
04:29:37.0974 0x3824  p2pimsvc - ok
04:29:38.0005 0x3824  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
04:29:38.0052 0x3824  p2psvc - ok
04:29:38.0083 0x3824  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
04:29:38.0114 0x3824  Parport - ok
04:29:38.0145 0x3824  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
04:29:38.0161 0x3824  partmgr - ok
04:29:38.0177 0x3824  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
04:29:38.0192 0x3824  Parvdm - ok
04:29:38.0286 0x3824  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
04:29:38.0317 0x3824  PcaSvc - ok
04:29:38.0379 0x3824  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
04:29:38.0395 0x3824  pci - ok
04:29:38.0426 0x3824  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
04:29:38.0442 0x3824  pciide - ok
04:29:38.0473 0x3824  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
04:29:38.0489 0x3824  pcmcia - ok
04:29:38.0520 0x3824  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
04:29:38.0535 0x3824  pcw - ok
04:29:38.0598 0x3824  [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
04:29:38.0613 0x3824  PDFProFiltSrvPP - ok
04:29:38.0660 0x3824  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
04:29:38.0723 0x3824  PEAUTH - ok
04:29:38.0801 0x3824  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
04:29:38.0910 0x3824  PeerDistSvc - ok
04:29:39.0003 0x3824  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
04:29:39.0097 0x3824  pla - ok
04:29:39.0144 0x3824  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
04:29:39.0206 0x3824  PlugPlay - ok
04:29:39.0237 0x3824  [ 0C0FF5946A63C75A3D4D0CB35F787B12, 08BC45E48C3008109749C41899CAFE344BA4AFBD841C274AD2A73E4D1D940F64 ] PNPMEM          C:\Windows\system32\DRIVERS\pnpmem.sys
04:29:39.0269 0x3824  PNPMEM - ok
04:29:39.0300 0x3824  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
04:29:39.0315 0x3824  PNRPAutoReg - ok
04:29:39.0347 0x3824  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
04:29:39.0378 0x3824  PNRPsvc - ok
04:29:39.0425 0x3824  [ 438302072ED37F3F7320AB3DA3525822, 761FF92708EDDF5531513582A447123E739B5C162DFB2CA49D3C0D8CC559521D ] Point32         C:\Windows\system32\DRIVERS\point32.sys
04:29:39.0456 0x3824  Point32 - ok
04:29:39.0487 0x3824  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
04:29:39.0534 0x3824  PolicyAgent - ok
04:29:39.0565 0x3824  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
04:29:39.0612 0x3824  Power - ok
04:29:39.0643 0x3824  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
04:29:39.0674 0x3824  PptpMiniport - ok
04:29:39.0721 0x3824  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
04:29:39.0752 0x3824  Processor - ok
04:29:39.0799 0x3824  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
04:29:39.0846 0x3824  ProfSvc - ok
04:29:39.0861 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:29:39.0877 0x3824  ProtectedStorage - ok
04:29:39.0908 0x3824  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
04:29:39.0939 0x3824  Psched - ok
04:29:40.0017 0x3824  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
04:29:40.0111 0x3824  ql2300 - ok
04:29:40.0142 0x3824  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
04:29:40.0158 0x3824  ql40xx - ok
04:29:40.0189 0x3824  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
04:29:40.0220 0x3824  QWAVE - ok
04:29:40.0236 0x3824  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
04:29:40.0267 0x3824  QWAVEdrv - ok
04:29:40.0298 0x3824  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
04:29:40.0329 0x3824  RasAcd - ok
04:29:40.0423 0x3824  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
04:29:40.0454 0x3824  RasAgileVpn - ok
04:29:40.0501 0x3824  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
04:29:40.0532 0x3824  RasAuto - ok
04:29:40.0563 0x3824  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
04:29:40.0610 0x3824  Rasl2tp - ok
04:29:40.0657 0x3824  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
04:29:40.0751 0x3824  RasMan - ok
04:29:40.0813 0x3824  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
04:29:40.0860 0x3824  RasPppoe - ok
04:29:40.0875 0x3824  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
04:29:40.0938 0x3824  RasSstp - ok
04:29:40.0985 0x3824  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
04:29:41.0016 0x3824  rdbss - ok
04:29:41.0063 0x3824  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
04:29:41.0094 0x3824  rdpbus - ok
04:29:41.0141 0x3824  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
04:29:41.0172 0x3824  RDPCDD - ok
04:29:41.0203 0x3824  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
04:29:41.0234 0x3824  RDPDR - ok
04:29:41.0250 0x3824  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
04:29:41.0281 0x3824  RDPENCDD - ok
04:29:41.0312 0x3824  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
04:29:41.0343 0x3824  RDPREFMP - ok
04:29:41.0375 0x3824  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
04:29:41.0421 0x3824  RdpVideoMiniport - ok
04:29:41.0437 0x3824  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
04:29:41.0453 0x3824  RDPWD - ok
04:29:41.0484 0x3824  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
04:29:41.0499 0x3824  rdyboost - ok
04:29:41.0531 0x3824  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
04:29:41.0562 0x3824  RemoteAccess - ok
04:29:41.0609 0x3824  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
04:29:41.0655 0x3824  RemoteRegistry - ok
04:29:41.0671 0x3824  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
04:29:41.0702 0x3824  RpcEptMapper - ok
04:29:41.0733 0x3824  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
04:29:41.0749 0x3824  RpcLocator - ok
04:29:41.0796 0x3824  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
04:29:41.0827 0x3824  RpcSs - ok
04:29:41.0858 0x3824  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
04:29:41.0889 0x3824  rspndr - ok
04:29:41.0983 0x3824  [ 1E4AE018CD65B242C99FA19A3CAC1F09, 06C8737CEC445ED88478B9F9F3E7DDFE10741EA0E853A8E51F4AA0EC22A11151 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
04:29:42.0030 0x3824  RTL8167 - ok
04:29:42.0108 0x3824  [ 51053B3D3CF8DB997C850D21E73A3983, EBF5DC463F5A12FF4D34417F44968AB3ECB6A9A4CEDC2B7FA2009ABCC1F8443C ] RTSUER          C:\Windows\system32\Drivers\RtsUer.sys
04:29:42.0139 0x3824  RTSUER - ok
04:29:42.0155 0x3824  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
04:29:42.0217 0x3824  s3cap - ok
04:29:42.0248 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] SamSs           C:\Windows\system32\lsass.exe
04:29:42.0264 0x3824  SamSs - ok
04:29:42.0279 0x3824  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
04:29:42.0311 0x3824  sbp2port - ok
04:29:42.0404 0x3824  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
04:29:42.0451 0x3824  SCardSvr - ok
04:29:42.0498 0x3824  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
04:29:42.0529 0x3824  scfilter - ok
04:29:42.0607 0x3824  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
04:29:42.0669 0x3824  Schedule - ok
04:29:42.0716 0x3824  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
04:29:42.0747 0x3824  SCPolicySvc - ok
04:29:42.0794 0x3824  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
04:29:42.0841 0x3824  SDRSVC - ok
04:29:42.0857 0x3824  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
04:29:42.0888 0x3824  secdrv - ok
04:29:42.0903 0x3824  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
04:29:42.0950 0x3824  seclogon - ok
04:29:42.0966 0x3824  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
04:29:43.0028 0x3824  SENS - ok
04:29:43.0059 0x3824  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
04:29:43.0091 0x3824  SensrSvc - ok
04:29:43.0106 0x3824  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
04:29:43.0122 0x3824  Serenum - ok
04:29:43.0153 0x3824  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
04:29:43.0184 0x3824  Serial - ok
04:29:43.0231 0x3824  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
04:29:43.0247 0x3824  sermouse - ok
04:29:43.0293 0x3824  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
04:29:43.0340 0x3824  SessionEnv - ok
04:29:43.0340 0x3824  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
04:29:43.0371 0x3824  sffdisk - ok
04:29:43.0387 0x3824  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
04:29:43.0403 0x3824  sffp_mmc - ok
04:29:43.0449 0x3824  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
04:29:43.0512 0x3824  sffp_sd - ok
04:29:43.0543 0x3824  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
04:29:43.0605 0x3824  sfloppy - ok
04:29:43.0715 0x3824  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
04:29:43.0761 0x3824  SharedAccess - ok
04:29:43.0824 0x3824  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:29:43.0871 0x3824  ShellHWDetection - ok
04:29:43.0886 0x3824  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
04:29:43.0917 0x3824  sisagp - ok
04:29:43.0933 0x3824  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
04:29:43.0949 0x3824  SiSRaid2 - ok
04:29:43.0964 0x3824  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
04:29:43.0980 0x3824  SiSRaid4 - ok
04:29:44.0011 0x3824  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
04:29:44.0058 0x3824  Smb - ok
04:29:44.0089 0x3824  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
04:29:44.0120 0x3824  SNMPTRAP - ok
04:29:44.0136 0x3824  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
04:29:44.0151 0x3824  spldr - ok
04:29:44.0167 0x3824  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
04:29:44.0245 0x3824  Spooler - ok
04:29:44.0463 0x3824  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
04:29:44.0651 0x3824  sppsvc - ok
04:29:44.0682 0x3824  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
04:29:44.0729 0x3824  sppuinotify - ok
04:29:44.0775 0x3824  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
04:29:44.0838 0x3824  srv - ok
04:29:44.0869 0x3824  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
04:29:44.0885 0x3824  srv2 - ok
04:29:44.0916 0x3824  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
04:29:44.0931 0x3824  srvnet - ok
04:29:44.0963 0x3824  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
04:29:44.0994 0x3824  SSDPSRV - ok
04:29:45.0025 0x3824  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
04:29:45.0056 0x3824  SstpSvc - ok
04:29:45.0087 0x3824  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
04:29:45.0103 0x3824  stexstor - ok
04:29:45.0181 0x3824  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
04:29:45.0228 0x3824  StiSvc - ok
04:29:45.0259 0x3824  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
04:29:45.0275 0x3824  storflt - ok
04:29:45.0290 0x3824  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
04:29:45.0306 0x3824  storvsc - ok
04:29:45.0321 0x3824  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
04:29:45.0337 0x3824  swenum - ok
04:29:45.0368 0x3824  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
04:29:45.0431 0x3824  swprv - ok
04:29:45.0446 0x3824  [ F2AD8960812FD111E20E84659EF19D43, FAC91E940D3735738908447E58792C32E6F86427612114A624041B7213831105 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
04:29:45.0462 0x3824  Synth3dVsc - ok
04:29:45.0555 0x3824  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
04:29:45.0649 0x3824  SysMain - ok
04:29:45.0665 0x3824  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
04:29:45.0696 0x3824  TabletInputService - ok
04:29:45.0711 0x3824  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
04:29:45.0758 0x3824  TapiSrv - ok
04:29:45.0789 0x3824  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
04:29:45.0821 0x3824  TBS - ok
04:29:45.0899 0x3824  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
04:29:45.0977 0x3824  Tcpip - ok
04:29:46.0039 0x3824  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
04:29:46.0101 0x3824  TCPIP6 - ok
04:29:46.0148 0x3824  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
04:29:46.0179 0x3824  tcpipreg - ok
04:29:46.0211 0x3824  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
04:29:46.0226 0x3824  TDPIPE - ok
04:29:46.0242 0x3824  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
04:29:46.0273 0x3824  TDTCP - ok
04:29:46.0335 0x3824  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
04:29:46.0382 0x3824  tdx - ok
04:29:46.0398 0x3824  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
04:29:46.0445 0x3824  TermDD - ok
04:29:46.0460 0x3824  [ E951866BAC5A23403F62A349EDBB6EEB, BE6FB3C09D1CF8952B4D041F45B4DEE53D78EE7D27A5135012BC92B2F7CFBEA3 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
04:29:46.0507 0x3824  terminpt - ok
04:29:46.0569 0x3824  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
04:29:46.0647 0x3824  TermService - ok
04:29:46.0694 0x3824  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
04:29:46.0725 0x3824  Themes - ok
04:29:46.0772 0x3824  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
04:29:46.0803 0x3824  THREADORDER - ok
04:29:46.0866 0x3824  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
04:29:46.0913 0x3824  TrkWks - ok
04:29:47.0006 0x3824  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:29:47.0037 0x3824  TrustedInstaller - ok
04:29:47.0084 0x3824  [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
04:29:47.0115 0x3824  tssecsrv - ok
04:29:47.0147 0x3824  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
04:29:47.0178 0x3824  TsUsbFlt - ok
04:29:47.0209 0x3824  [ 7E6E0797EB91F1D63641058416044313, 3A681A337DFCE9108B73CC4707462114E8D534C52BF8C8E226C0B31326FF24D5 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
04:29:47.0240 0x3824  TsUsbGD - ok
04:29:47.0271 0x3824  [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
04:29:47.0303 0x3824  tsusbhub - ok
04:29:47.0318 0x3824  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
04:29:47.0381 0x3824  tunnel - ok
04:29:47.0412 0x3824  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
04:29:47.0427 0x3824  uagp35 - ok
04:29:47.0459 0x3824  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
04:29:47.0505 0x3824  udfs - ok
04:29:47.0552 0x3824  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
04:29:47.0583 0x3824  UI0Detect - ok
04:29:47.0583 0x3824  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
04:29:47.0615 0x3824  uliagpkx - ok
04:29:47.0630 0x3824  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
04:29:47.0646 0x3824  umbus - ok
04:29:47.0677 0x3824  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
04:29:47.0708 0x3824  UmPass - ok
04:29:47.0739 0x3824  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
04:29:47.0755 0x3824  UmRdpService - ok
04:29:47.0786 0x3824  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
04:29:47.0833 0x3824  upnphost - ok
04:29:47.0864 0x3824  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
04:29:47.0895 0x3824  usbccgp - ok
04:29:47.0911 0x3824  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
04:29:47.0958 0x3824  usbcir - ok
04:29:47.0973 0x3824  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
04:29:48.0005 0x3824  usbehci - ok
04:29:48.0051 0x3824  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
04:29:48.0067 0x3824  usbhub - ok
04:29:48.0098 0x3824  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
04:29:48.0114 0x3824  usbohci - ok
04:29:48.0176 0x3824  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
04:29:48.0207 0x3824  usbprint - ok
04:29:48.0239 0x3824  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
04:29:48.0270 0x3824  usbscan - ok
04:29:48.0332 0x3824  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:29:48.0441 0x3824  USBSTOR - ok
04:29:48.0488 0x3824  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
04:29:48.0519 0x3824  usbuhci - ok
04:29:48.0582 0x3824  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
04:29:48.0629 0x3824  UxSms - ok
04:29:48.0691 0x3824  [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] VaultSvc        C:\Windows\system32\lsass.exe
04:29:48.0707 0x3824  VaultSvc - ok
04:29:48.0738 0x3824  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
04:29:48.0800 0x3824  vdrvroot - ok
04:29:48.0847 0x3824  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
04:29:48.0909 0x3824  vds - ok
04:29:48.0941 0x3824  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
04:29:48.0956 0x3824  vga - ok
04:29:48.0987 0x3824  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
04:29:49.0019 0x3824  VgaSave - ok
04:29:49.0034 0x3824  VGPU - ok
04:29:49.0065 0x3824  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
04:29:49.0081 0x3824  vhdmp - ok
04:29:49.0097 0x3824  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
04:29:49.0112 0x3824  viaagp - ok
04:29:49.0128 0x3824  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
04:29:49.0175 0x3824  ViaC7 - ok
04:29:49.0190 0x3824  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
04:29:49.0206 0x3824  viaide - ok
04:29:49.0237 0x3824  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
04:29:49.0253 0x3824  vmbus - ok
04:29:49.0268 0x3824  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
04:29:49.0299 0x3824  VMBusHID - ok
04:29:49.0315 0x3824  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
04:29:49.0331 0x3824  volmgr - ok
04:29:49.0377 0x3824  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
04:29:49.0393 0x3824  volmgrx - ok
04:29:49.0424 0x3824  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
04:29:49.0440 0x3824  volsnap - ok
04:29:49.0471 0x3824  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
04:29:49.0487 0x3824  vsmraid - ok
04:29:49.0565 0x3824  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
04:29:49.0643 0x3824  VSS - ok
04:29:49.0643 0x3824  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
04:29:49.0689 0x3824  vwifibus - ok
04:29:49.0736 0x3824  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
04:29:49.0799 0x3824  W32Time - ok
04:29:49.0814 0x3824  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
04:29:49.0830 0x3824  WacomPen - ok
04:29:49.0861 0x3824  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
04:29:49.0892 0x3824  WANARP - ok
04:29:49.0908 0x3824  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
04:29:49.0939 0x3824  Wanarpv6 - ok
04:29:50.0001 0x3824  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
04:29:50.0095 0x3824  wbengine - ok
04:29:50.0142 0x3824  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
04:29:50.0173 0x3824  WbioSrvc - ok
04:29:50.0204 0x3824  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
04:29:50.0235 0x1b54  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
04:29:50.0298 0x3824  wcncsvc - ok
04:29:50.0313 0x3824  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:29:50.0423 0x3824  WcsPlugInService - ok
04:29:50.0485 0x3824  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
04:29:50.0501 0x3824  Wd - ok
04:29:50.0563 0x3824  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
04:29:50.0610 0x3824  Wdf01000 - ok
04:29:50.0672 0x3824  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
04:29:50.0735 0x3824  WdiServiceHost - ok
04:29:50.0750 0x3824  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
04:29:50.0766 0x3824  WdiSystemHost - ok
04:29:50.0813 0x3824  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
04:29:50.0859 0x3824  WebClient - ok
04:29:50.0922 0x3824  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
04:29:50.0969 0x3824  Wecsvc - ok
04:29:51.0000 0x3824  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
04:29:51.0031 0x3824  wercplsupport - ok
04:29:51.0062 0x3824  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
04:29:51.0109 0x3824  WerSvc - ok
04:29:51.0156 0x3824  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
04:29:51.0203 0x3824  WfpLwf - ok
04:29:51.0218 0x3824  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
04:29:51.0234 0x3824  WIMMount - ok
04:29:51.0327 0x3824  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
04:29:51.0452 0x3824  WinDefend - ok
04:29:51.0499 0x3824  WinHttpAutoProxySvc - ok
04:29:51.0561 0x3824  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
04:29:51.0608 0x3824  Winmgmt - ok
04:29:51.0686 0x3824  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
04:29:51.0795 0x3824  WinRM - ok
04:29:51.0858 0x3824  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
04:29:51.0889 0x3824  WinUSB - ok
04:29:51.0967 0x3824  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
04:29:52.0045 0x3824  Wlansvc - ok
04:29:52.0092 0x3824  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
04:29:52.0107 0x3824  WmiAcpi - ok
04:29:52.0185 0x3824  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
04:29:52.0217 0x3824  wmiApSrv - ok
04:29:52.0326 0x3824  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
04:29:52.0435 0x3824  WMPNetworkSvc - ok
04:29:52.0700 0x3824  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
04:29:52.0763 0x3824  WPCSvc - ok
04:29:52.0950 0x3824  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
04:29:53.0012 0x3824  WPDBusEnum - ok
04:29:53.0043 0x3824  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
04:29:53.0075 0x1b54  Object send P2P result: true
04:29:53.0090 0x1b54  Object required for P2P: [ 51053B3D3CF8DB997C850D21E73A3983 ] RTSUER
04:29:53.0106 0x3824  ws2ifsl - ok
04:29:53.0246 0x3824  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
04:29:53.0340 0x3824  wscsvc - ok
04:29:53.0480 0x3824  WSearch - ok
04:29:53.0636 0x3824  [ 67AFFF96F5C6B072CE986D91212527C0, 8E7FACC7AB3405A28374F3140C0BA7089DFA21D855B2F4629DF4593832197041 ] wuauserv        C:\Windows\system32\wuaueng.dll
04:29:53.0823 0x3824  wuauserv - ok
04:29:53.0870 0x3824  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
04:29:53.0901 0x3824  WudfPf - ok
04:29:53.0948 0x3824  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
04:29:53.0964 0x3824  WUDFRd - ok
04:29:54.0026 0x3824  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
04:29:54.0042 0x3824  wudfsvc - ok
04:29:54.0104 0x3824  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
04:29:54.0135 0x3824  WwanSvc - ok
04:29:54.0151 0x3824  ================ Scan global ===============================
04:29:54.0213 0x3824  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
04:29:54.0260 0x3824  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
04:29:54.0276 0x3824  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
04:29:54.0307 0x3824  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
04:29:54.0354 0x3824  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
04:29:54.0354 0x3824  [ Global ] - ok
04:29:54.0354 0x3824  ================ Scan MBR ==================================
04:29:54.0385 0x3824  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
04:29:55.0056 0x3824  \Device\Harddisk0\DR0 - ok
04:29:55.0056 0x3824  ================ Scan VBR ==================================
04:29:55.0056 0x3824  [ 101D51509FB7CD44747AF7670D25BED7 ] \Device\Harddisk0\DR0\Partition1
04:29:55.0056 0x3824  \Device\Harddisk0\DR0\Partition1 - ok
04:29:55.0071 0x3824  [ 3AC3CC82A6BB6A7D8663BCD1C54D1C87 ] \Device\Harddisk0\DR0\Partition2
04:29:55.0071 0x3824  \Device\Harddisk0\DR0\Partition2 - ok
04:29:55.0071 0x3824  [ 8FB2E8ED60BCECAA2D6F949305062018 ] \Device\Harddisk0\DR0\Partition3
04:29:55.0071 0x3824  \Device\Harddisk0\DR0\Partition3 - ok
04:29:55.0071 0x3824  ================ Scan generic autorun ======================
04:29:55.0149 0x3824  [ DFC2F8E34E5D4C9C8EF88353B8457A45, 49C25AEBF09B13D7BE218332129E50A1DFF01F40D04FE36256E82926C93E8078 ] C:\Program Files\PDF24\pdf24.exe
04:29:55.0165 0x3824  PDFPrint - ok
04:29:55.0196 0x3824  [ 68239842340DDFF8993DFD9127553EDA, 9FEC34A35D5A91FEF1C4859AFD0C2538C5CD3E1792FB118487368CFDF66CBCA0 ] C:\Windows\system32\igfxtray.exe
04:29:55.0212 0x3824  IgfxTray - ok
04:29:55.0243 0x3824  [ 004763BDF8E48244DBB9FDFDE3065EBC, AA88911C51D73C501C67F62A907425EF91D1820D3ED581F0952619EBB6216F14 ] C:\Windows\system32\hkcmd.exe
04:29:55.0259 0x3824  HotKeysCmds - ok
04:29:55.0305 0x3824  [ 25550E7DB114579EB50BC98A8DFD8B9F, 11F81387B6EE44FBE4DCF251A0D4AFF3E84C550BACCA39B71B41B452D512628B ] C:\Program Files\ControlCenter4\BrCcBoot.exe
04:29:55.0321 0x3824  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
04:29:55.0914 0x1b54  Object send P2P result: true
04:29:58.0004 0x3824  Detect skipped due to KSN trusted
04:29:58.0004 0x3824  ControlCenter4 - ok
04:29:58.0285 0x3824  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files\Browny02\Brother\BrStMonW.exe
04:29:58.0503 0x3824  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
04:30:01.0233 0x3824  Detect skipped due to KSN trusted
04:30:01.0233 0x3824  BrStsMon00 - ok
04:30:01.0374 0x3824  [ CCD7E282045AB48CEA58AA2E2A715362, 87952B5BD23F451DB5A17B280B4047E41AEF37DEB0B8FECDA48D6F1F9C7DE866 ] C:\Program Files\Brother\Brother Help\BrotherHelp.exe
04:30:01.0499 0x3824  BrHelp - detected UnsignedFile.Multi.Generic ( 1 )
04:30:04.0166 0x3824  Detect skipped due to KSN trusted
04:30:04.0166 0x3824  BrHelp - ok
04:30:04.0307 0x3824  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
04:30:04.0385 0x3824  Sidebar - ok
04:30:04.0416 0x3824  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
04:30:04.0463 0x3824  mctadmin - ok
04:30:04.0509 0x3824  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
04:30:04.0556 0x3824  Sidebar - ok
04:30:04.0572 0x3824  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
04:30:04.0603 0x3824  mctadmin - ok
04:30:04.0759 0x3824  [ 88B052F686DA7B7E1423F0879E68CF41, 97FDFEF5A2E393642BC0136C64C0570668E58A49CA2EAD8ACFF61EF25383B3CB ] C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
04:30:04.0868 0x3824  Advanced SystemCare 9 - ok
04:30:04.0884 0x3824  Waiting for KSN requests completion. In queue: 5
04:30:05.0898 0x3824  Waiting for KSN requests completion. In queue: 5
04:30:06.0912 0x3824  Waiting for KSN requests completion. In queue: 5
04:30:08.0004 0x3824  AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41000 ( enabled : updated )
04:30:08.0004 0x3824  FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
04:30:10.0765 0x3824  ============================================================
04:30:10.0765 0x3824  Scan finished
04:30:10.0765 0x3824  ============================================================
04:30:10.0765 0x0a04  Detected object count: 0
04:30:10.0765 0x0a04  Actual detected object count: 0
         
2.
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Ultimate x86 
Ran by LaptopSeb (Administrator) on 19.04.2016 at  4:16:11,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 13 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\LaptopSeb\AppData\Local\ysearchutil (Folder) 
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\extensions\anttoolbar@ant.com (Folder) 
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\user.js (File) 
Successfully deleted: C:\Users\LaptopSeb\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster SkipUAC (LaptopSeb) (Task)
Successfully deleted: C:\Windows\System32\Tasks\Uninstaller_SkipUac_LaptopSeb (Task)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-85146E71.pf (File) 

Registry: 1 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.04.2016 at  4:19:31,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
3.

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.04.19.01
  rootkit: v2016.04.17.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18163
LaptopSeb :: SEBBO [administrator]

19.04.2016 04:12:36
mbar-log-2016-04-19 (04-12-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 286638
Time elapsed: 3 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
4.

Code:
# AdwCleaner v5.112 - Bericht erstellt am 19/04/2016 um 04:44:48
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-17.1 [Lokal]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X86)
# Benutzername : LaptopSeb - SEBBO
# Gestartet von : C:\Users\LaptopSeb\Desktop\AdwCleaner_5.112.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner gefunden : C:\Windows\system32\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Schlüssel gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Internetbrowser ] *****

[C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\prefs.js] gefunden : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

C:\AdwCleaner\AdwCleaner[S2].txt - [1285 Bytes] - [19/04/2016 04:36:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1206 Bytes] - [19/04/2016 04:44:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1279 Bytes] ##########
         
FRST + Addition will follow in the next post

19.04.2016, 05:50   #2
Hazor1987

Win 7 laptop, infected, hacked, slowed down

Continuation of post: LOGS



5. FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
durchgeführt von LaptopSeb (Administrator) auf SEBBO (19-04-2016 04:39:11)
Gestartet von C:\Users\LaptopSeb\Desktop
Geladene Profile: LaptopSeb (Verfügbare Profile: LaptopSeb)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmi32.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM\...\Run: [BrHelp] => C:\Program Files\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\MountPoints2: {fe5dfe72-6ec7-11e5-bfc1-0016d38dd97d} - H:\SETUP.EXE
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9AB1E05F-EDA4-4FB0-81D4-23CFB5A3C509}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.Fujitsu.com
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.Fujitsu.com
SearchScopes: HKU\S-1-5-21-3241619114-2459310091-2925659403-1000 -> {49791F18-74DD-447A-8D29-ABAB515D8DB6} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2016-04-11] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-18] ()
FF Plugin: @kaspersky.com/content_blocker_663BE8 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-04-11] ()
FF Plugin: @kaspersky.com/online_banking_08806E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-04-11] ()
FF Plugin: @kaspersky.com/virtual_keyboard_074028 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\searchplugins\yahoo-ysp.xml [2015-11-24]
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-04-11]
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016-04-11]
FF Extension: NoScript - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-18]
FF Extension: Adblock Converter - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{195327b1-7b71-40c1-81c8-8dc19c4777df}.xpi [2016-02-24] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-28]
FF Extension: Adblock Plus - C:\Users\LaptopSeb\AppData\Roaming\Mozilla\Firefox\Profiles\6q2jgxoz.default-1447615816336\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-31]
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE8@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016-04-11]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_074028@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [online_banking_08806E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager extension - C:\Program Files\Free Download Manager\Firefox\Extension [2016-04-19]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-07-09] (Kaspersky Lab UK Ltd)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-10-10] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-02-04] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [155304 2016-04-11] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-07-09] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-07-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44728 2016-04-11] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [704416 2016-04-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-07-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [44920 2016-04-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [44408 2016-04-11] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-07-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-07-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [76472 2016-04-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-10-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2016-02-05] (Intel Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [302808 2016-04-18] (Realsil Semiconductor Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 04:39 - 2016-04-19 04:39 - 00013507 _____ C:\Users\LaptopSeb\Desktop\FRST.txt
2016-04-19 04:38 - 2016-04-19 04:38 - 00001288 _____ C:\Users\LaptopSeb\Desktop\AdwCleaner[S2].txt
2016-04-19 04:32 - 2016-04-19 04:36 - 00000000 ____D C:\AdwCleaner
2016-04-19 04:31 - 2016-04-19 04:32 - 00102572 _____ C:\Users\LaptopSeb\Desktop\Tdsskiller report 19.04.2016 0431.txt
2016-04-19 04:25 - 2016-04-19 04:25 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\ProductData
2016-04-19 04:25 - 2016-04-19 04:25 - 00000000 ____D C:\ProgramData\ProductData
2016-04-19 04:23 - 2016-04-19 04:32 - 00205234 _____ C:\TDSSKiller.3.1.0.9_19.04.2016_04.23.24_log.txt
2016-04-19 04:23 - 2016-04-19 04:15 - 00002116 _____ C:\Users\LaptopSeb\Desktop\mbar-log-2016-04-19 (04-12-36).txt
2016-04-19 04:19 - 2016-04-19 04:19 - 00001835 _____ C:\Users\LaptopSeb\Desktop\JRT.exe report.txt
2016-04-19 04:12 - 2016-04-19 04:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-19 04:11 - 2016-04-19 04:15 - 00000000 ____D C:\Users\LaptopSeb\Desktop\mbar
2016-04-19 04:09 - 2016-04-19 04:09 - 03683904 _____ C:\Users\LaptopSeb\Desktop\AdwCleaner_5.112.exe
2016-04-19 04:08 - 2016-04-19 04:09 - 01610352 _____ (Malwarebytes) C:\Users\LaptopSeb\Desktop\JRT.exe
2016-04-19 04:07 - 2016-04-19 04:07 - 16563352 _____ (Malwarebytes Corp.) C:\Users\LaptopSeb\Desktop\mbar-1.09.3.1001.exe
2016-04-19 03:15 - 2016-04-19 03:16 - 00002206 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-04-19 02:53 - 2016-04-19 04:39 - 00000000 ____D C:\FRST
2016-04-19 02:51 - 2016-04-19 02:51 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\LaptopSeb\Desktop\tdsskiller.exe
2016-04-19 02:48 - 2016-04-19 02:48 - 01726464 _____ (Farbar) C:\Users\LaptopSeb\Desktop\FRST.exe
2016-04-18 17:51 - 2016-04-19 04:10 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Free Download Manager
2016-04-18 17:51 - 2016-04-19 01:31 - 00001029 _____ C:\Users\LaptopSeb\Desktop\Free Download Manager.lnk
2016-04-18 17:51 - 2016-04-19 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-04-18 17:51 - 2016-04-19 01:31 - 00000000 ____D C:\Program Files\Free Download Manager
2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\FreeDownloadManager.ORG
2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\ProgramData\FreeDownloadManager.ORG
2016-04-18 17:51 - 2016-04-18 17:51 - 00000000 ____D C:\ProgramData\Free Download Manager
2016-04-18 17:49 - 2016-04-18 17:49 - 10796688 _____ (FreeDownloadManager.ORG ) C:\Users\LaptopSeb\Downloads\fdminst397.exe
2016-04-18 17:18 - 2016-04-18 17:18 - 00242344 _____ C:\Users\LaptopSeb\Downloads\Firefox Setup Stub 45.0.2.exe
2016-04-18 10:18 - 2016-04-18 10:18 - 03567320 _____ (TODO: <Company name>) C:\Windows\RtCRU32.exe
2016-04-18 10:18 - 2016-04-18 10:18 - 00302808 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-04-18 10:16 - 2016-04-18 10:18 - 00000000 ____D C:\Windows\LastGood
2016-04-18 10:14 - 2016-04-18 10:14 - 00770304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2016-04-18 10:14 - 2016-04-18 10:14 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2016-04-17 22:18 - 2016-04-17 22:18 - 00142657 _____ C:\Users\LaptopSeb\Downloads\vorsorgeuntersuchung(1).pdf
2016-04-17 22:18 - 2016-04-17 22:18 - 00115783 _____ C:\Users\LaptopSeb\Downloads\Ablauf-Praktikum-Berufsfelderkundung.pdf
2016-04-16 23:09 - 2016-04-17 14:19 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\3CB06E41.sys
2016-04-15 22:59 - 2016-04-15 22:59 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\559718CC.sys
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\calibre-cache
2016-04-14 02:29 - 2016-04-14 04:09 - 00000000 ____D C:\Users\LaptopSeb\Documents\Calibre-Bibliothek
2016-04-14 02:29 - 2016-04-14 04:07 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\calibre
2016-04-14 02:29 - 2016-04-14 04:05 - 00000000 ____D C:\Program Files\Calibre2
2016-04-14 02:29 - 2016-04-14 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-04-14 02:24 - 2016-04-14 02:25 - 67674112 _____ C:\Users\LaptopSeb\Downloads\calibre-2.54.0.msi
2016-04-14 02:08 - 2016-04-14 03:04 - 00000000 ____D C:\Users\LaptopSeb\Documents\My Kindle Content
2016-04-14 02:08 - 2016-04-14 02:08 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2016-04-14 02:07 - 2016-04-14 02:08 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\Amazon
2016-04-14 02:03 - 2016-04-14 02:03 - 45580176 _____ (Amazon.com) C:\Users\LaptopSeb\Downloads\KindleForPC-installer-1.15.43061.exe
2016-04-13 19:49 - 2016-04-13 19:49 - 00097239 _____ C:\Users\LaptopSeb\Downloads\PrüfTermine-HM_Vorklinik-SoSe2016.pdf
2016-04-13 19:49 - 2016-04-13 19:49 - 00047396 _____ C:\Users\LaptopSeb\Downloads\Prüfungsrichtlinien.pdf
2016-04-12 15:53 - 2016-04-12 15:53 - 00228447 _____ C:\Users\LaptopSeb\Downloads\preisliste.pdf
2016-04-12 01:10 - 2016-04-12 01:24 - 204186672 _____ C:\Users\LaptopSeb\Downloads\BangPOV.16.04.09.Goldie.mp4
2016-04-12 01:08 - 2016-04-12 01:20 - 137106754 _____ C:\Users\LaptopSeb\Downloads\BlowMeInPOV.13.06.18.Lea.Queen.Teen.Mouthful.FRENCH.mp4
2016-04-12 01:07 - 2016-04-12 01:19 - 153532522 _____ C:\Users\LaptopSeb\Downloads\BlowMeInPOV.13.01.15.Sunny.Spark.Succulent.Suck.FRENCH.mp4
2016-04-11 13:41 - 2016-04-11 13:41 - 00423239 _____ C:\Users\LaptopSeb\Downloads\poster non-presenting participants.pdf
2016-04-11 05:19 - 2016-04-11 05:19 - 45161313 _____ C:\Users\LaptopSeb\Downloads\Biologie Gesamtzusammenfassung_PDF.pdf
2016-04-11 04:58 - 2016-04-18 04:08 - 00000000 ____D C:\Users\LaptopSeb\Desktop\2tes Semster
2016-04-11 04:58 - 2016-04-11 04:58 - 00109404 _____ C:\Users\LaptopSeb\Downloads\Semesterplan_SoSe_2016_03_07-2-Semester.pdf
2016-04-11 04:57 - 2016-04-11 04:58 - 00000000 ____D C:\Users\LaptopSeb\Desktop\1. sem
2016-04-11 01:59 - 2016-04-11 01:59 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 04:39 - 2015-10-19 20:05 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\NetSpeedMonitor
2016-04-19 04:39 - 2015-10-09 22:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-19 04:22 - 2016-02-03 17:33 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 04:17 - 2016-01-31 23:53 - 00000000 ____D C:\ProgramData\IObit
2016-04-19 04:17 - 2016-01-31 23:52 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\IObit
2016-04-19 04:17 - 2016-01-31 23:52 - 00000000 ____D C:\Program Files\IObit
2016-04-19 04:11 - 2016-02-03 17:32 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 04:01 - 2015-10-10 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-19 03:34 - 2015-10-14 17:00 - 00000000 ____D C:\Users\LaptopSeb\Desktop\BetriebsProgramme
2016-04-19 03:29 - 2016-02-03 22:39 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\vlc
2016-04-19 03:21 - 2016-02-12 16:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-19 03:16 - 2016-01-31 23:53 - 00002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-04-19 03:16 - 2016-01-31 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-04-19 03:15 - 2016-01-31 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-04-19 03:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-19 02:54 - 2009-07-14 06:34 - 00028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-19 02:54 - 2009-07-14 06:34 - 00028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-19 02:01 - 2016-02-07 19:04 - 00000000 ____D C:\Users\LaptopSeb\Downloads\Ant Videos
2016-04-18 17:24 - 2015-10-09 23:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-18 17:24 - 2015-05-16 22:50 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-18 17:24 - 2015-05-16 22:50 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieUserList
2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieSiteList
2016-04-18 17:13 - 2015-10-15 17:42 - 00000000 __SHD C:\Users\LaptopSeb\AppData\Local\EmieBrowserModeList
2016-04-18 10:14 - 2016-02-05 00:15 - 00109640 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2016-04-18 10:14 - 2011-04-12 03:30 - 00699626 _____ C:\Windows\system32\perfh007.dat
2016-04-18 10:14 - 2011-04-12 03:30 - 00149734 _____ C:\Windows\system32\perfc007.dat
2016-04-18 10:14 - 2010-11-20 23:01 - 01620444 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-18 10:06 - 2016-02-01 00:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 10:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 08:21 - 2016-02-01 00:16 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-18 08:21 - 2016-02-01 00:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-18 04:25 - 2016-02-03 14:23 - 00000000 ____D C:\Users\LaptopSeb\AppData\Local\Spotify
2016-04-18 04:13 - 2016-02-17 14:23 - 00000000 ____D C:\Users\LaptopSeb\Desktop\musik
2016-04-18 02:55 - 2016-02-03 14:21 - 00000000 ____D C:\Users\LaptopSeb\AppData\Roaming\Spotify
2016-04-17 14:20 - 2016-02-03 15:33 - 00000000 ____D C:\Users\LaptopSeb\Desktop\handypics
2016-04-14 17:41 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-13 02:42 - 2015-10-14 14:24 - 00013405 _____ C:\Windows\BRRBCOM.INI
2016-04-11 04:01 - 2015-10-09 22:58 - 00704416 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2016-04-11 04:01 - 2015-07-09 19:11 - 00155304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2016-04-11 04:01 - 2015-07-09 19:11 - 00076472 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2016-04-11 01:35 - 2016-01-31 23:54 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-04-11 01:34 - 2016-02-03 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-11 01:34 - 2016-02-03 17:32 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-04-11 01:31 - 2015-07-09 19:11 - 00044920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2016-04-11 01:31 - 2015-07-09 19:11 - 00044728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-04-11 01:31 - 2015-07-09 19:11 - 00044408 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2016-04-11 01:27 - 2016-03-04 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-03 22:26 - 2016-02-03 22:26 - 0000017 _____ () C:\Users\LaptopSeb\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\LaptopSeb\AppData\Local\Temp\fdm_videomon_inst2.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-18 05:04

==================== Ende vom FRST.txt ============================
         
6.Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:18-04-2016
durchgeführt von LaptopSeb (2016-04-19 04:39:51)
Gestartet von C:\Users\LaptopSeb\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-05-11 10:22:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3241619114-2459310091-2925659403-500 - Administrator - Disabled)
Gast (S-1-5-21-3241619114-2459310091-2925659403-501 - Limited - Enabled)
LaptopSeb (S-1-5-21-3241619114-2459310091-2925659403-1000 - Administrator - Enabled) => C:\Users\LaptopSeb

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.08 beta (HKLM\...\7-Zip) (Version: 15.08 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
Amazon Kindle (HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Belarc Advisor 8.5c (HKLM\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Brother MFL-Pro Suite MFC-J4420DW (HKLM\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
calibre (HKLM\...\{50179884-9D17-4BC1-A685-3E99E55CE918}) (Version: 2.54.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Driver Booster 3.2 (HKLM\...\Driver Booster_is1) (Version: 3.2 - IObit)
Free Download Manager 3.9.7 (HKLM\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
Kaspersky Internet Security (HKLM\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.2.361 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles)
Nuance PaperPort 12 (HKLM\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF24 Creator 7.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Scansoft PDF Professional (Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Spotify (HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Trojan Remover 6.9.3.2942 (HKLM\...\Trojan Remover_is1) (Version: 6.9.3.2942 - Simply Super Software)
TrojanHunter 6.0 (HKLM\...\TrojanHunter_is1) (Version: 6.0 - Bytelayer AB)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wise Program Uninstaller 1.91 (HKLM\...\Wise Program Uninstaller_is1) (Version: 1.91 - WiseCleaner.com, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {089464E0-2A3D-403A-B352-4BEAB0EBA66A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {143EBF5D-7D0F-4C14-8DB0-78EC929C837E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {1635FB2B-7412-4F15-AADC-539C7A0E3EFC} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2016-03-15] (IObit)
Task: {78AE8478-5DDC-4F94-990B-96AB9D8CA941} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {79591706-ED6C-4EB9-B253-1D99988D0BE6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {80172715-22E4-42B2-9A27-442E531FA840} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {811432A4-0C5D-4797-ACA8-0FC7E4A4A696} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {9715AE0A-4D22-41C4-A585-25A90E50ADC6} - System32\Tasks\ASC9_SkipUac_LaptopSeb => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2016-03-18] (IObit)
Task: {C3F4C555-152A-403E-A549-D40530CFBAFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C6ACF88A-667C-4AFE-82F1-166BD336F44B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-18] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2015-12-19 21:51 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-15 22:44 - 2016-01-15 22:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [286]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


Da befinden sich 7871 mehr Seiten.


Da befinden sich 11410 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2016-02-03 17:13 - 00450954 ____R C:\Windows\system32\Drivers\etc\hosts


Da befinden sich 15470 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3241619114-2459310091-2925659403-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LaptopSeb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2FABB586-B791-41D6-B678-9C5460620D04}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E5831843-44D3-4CA7-BAD9-99218F0BCFA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E55C5D53-8D03-496C-A2A0-1C16FBB69F17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE977500-A9EA-4FAF-A60F-F67B63A09111}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{59855A30-E9B9-419F-BEFA-7A6930FF14FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9C5424FA-0842-4F38-A5F0-4064F4CD7F3A}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{0A466766-478D-48AA-BF2F-CE3CC28E72E6}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{066F7270-ECB7-4C25-8318-DEA039A54F77}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{67DB7E84-6766-4D5D-B80C-8CE77752B086}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{64DD41C9-B613-47DB-B5FD-3851AAC13BAB}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{AD40200A-D6DB-4F7F-BBDE-00E65C28DDEA}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

19-04-2016 04:16:13 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Intel(R) Wireless WiFi Link 4965AGN
Description: Intel(R) Wireless WiFi Link 4965AGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwLv32
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============
Error: (04/19/2016 03:54:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-10-14 17:46:21.236
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-14 17:46:21.236
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-14 17:46:21.236
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-14 17:46:18.631
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-14 17:46:18.631
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-14 17:46:18.631
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-09 23:07:34.939
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-09 23:07:34.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-09 23:07:34.933
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-09 23:07:34.930
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3062.43 MB
Verfügbarer physikalischer RAM: 1534.57 MB
Summe virtueller Speicher: 6123.18 MB
Verfügbarer virtueller Speicher: 3984.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:78.49 GB) (Free:14.83 GB) NTFS
Drive d: (Media/data/downloads) (Fixed) (Total:154.3 GB) (Free:3.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 5DB4F36C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.3 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

19.04.2016, 15:57   #3
cosinus

Hi

Quote:
Quote from Hazor1987
1) Win 7 on my laptop has slowed down badly,
Your CPU isn't exactly a rocket either; it was brought to market almost ten years ago. => Intel® Core™2 Duo Processor T7300 (4M Cache, 2.00 GHz, 800 MHz FSB) specifications

Current software isn't really designed to run on ancient hardware.


Quote:
Quote from Hazor1987
2) The CPU load is much higher, so that browsing with Firefox in several tabs or streaming is no longer possible.
Unfortunately that is pretty normal with Windows 7... Microsoft broke Windows Update; Windows 7 keeps searching endlessly and swallows the computing power of one CPU core.


Quote:
Quote from Hazor1987
3) I can no longer print documents
That has nothing to do with malware as such.


Quote:
Quote from Hazor1987
5) Somehow my BIOS password has changed, even though I type it in exactly as I wrote it down
That has nothing to do with malware either. There are other possibilities that are much more likely... but people always immediately think of a hacker, even when they may have written the password down wrong. Or they don't think of the American keyboard layout that is active in the BIOS (y/z and other swaps).


Quote:
Quote from Hazor1987
6) Kaspersky Internet Security finds nothing
Neither do MBAR and TDSSKiller. Yet you write "Laptop infected hacked" as the subject of this thread - why?

Also:

Microsoft Office Professional Plus 2010
Microsoft Windows 7 Ultimate Service Pack 1


Is this a commercially used system?

19.04.2016, 18:03   #4
Hazor1987

Thanks for the quick reply, cosinus.

Yup. It was my work laptop for a long time and I got it through the company.

I suspect that I was probably hacked quite some time ago, because there was a phase when Windows windows kept opening and closing again at lightning speed, at random and without my doing anything. Processes opened or closed for no reason, e.g. the security programs kept shutting down or the firewall turned itself off; I constantly had to readjust the ports in the firewall manually because they opened as if by an invisible hand. In addition, the user permissions of programs and folders were often strangely changed. This went on until I got fed up with it and, at a loss, tossed the laptop into the corner.
I then used a different laptop for half a year.
About a month ago I reactivated it and found that with the new updates the phenomenon had stopped; maybe he also noticed that there is nothing to get from me and therefore lost interest. I don't know... But since the system has now suddenly become much worse again (which, as I now know thanks to you, is probably due to the bad new updates and drivers) and the problems with the printer and the BIOS appeared, I got paranoid that I might be under outside influence again and wanted to play it safe and ask a professional this time.

It's really a pity about the updates, because this way the laptop is no longer properly usable. I would like to give it to my nephews for schoolwork and watching movies.

I have the idea that the laptop might work again as a working machine if I put the new Linux Mint on it (which is very user-friendly, resource-saving and, compared to XP, up to date). In addition, it would have a greater learning factor! What do you think of the idea?

Can you please give me a simple tip on how I can get back into the BIOS, or whom I need to turn to for that?

19.04.2016, 20:09   #5
cosinus



On normal desktop PCs, the BIOS, and with it a password that protects it, can be reset by a CMOS reset or simply by removing the CR2032 coin cell. How that works on a notebook, I have no idea. You'll have to ask about that here in the hardware section.

Putting Linux on this aging hardware makes much more sense than trying it with a bloated Windows. But I don't recommend Linux Mint; as a beginner you shouldn't put yourself through the update muddle. Better to take Ubuntu MATE, Xubuntu or, for older systems, Lubuntu.



21.04.2016, 05:13   #6
Hazor1987

Many thanks
