Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Probleme mit Windows 7 64 bit Professional PC

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.10.2016, 20:19   #1
lfcasrafcfcb
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Hallo Board!

Ich habe seit gestern massive Probleme mit meinem PC.

Es begann damit, dass ich einen Virenscan mit der Desinfec´t-DVD machte, mit Avira, Eset und Kaspersky.

Avira zeigte mit an, dass 3 verdächtige Dateien dabei waren (unter infected waren aber 0 angegeben).

2 davon wurden beim Gegencheck bei virustotal als unverdächtig gemeldet, die dritte allerdings konnte ich nicht hochladen (ich machte unzählige Versuche, der PC fror entweder ein oder die Hochlade-Maske von virustotal blieb ewig unverändert stehen, andere Dateien - auch solche aus dem gleichen Ordner und mit der gleichen Endung - liessen sich problemlos hochladen und untersuchen).

Darüber hinaus habe ich auch mit der Trend Micro Maximum Security ein Problem. Sie hängt sich bei einem Vollscan bei 13% und etwa 175.000 gescannten Dateien auf und nichts geht mehr...ich muss den PC mit dem Ein /Aus-Schalter ausschalten.

Jetzt habe ich die Security deinstalliert und eine neuere installiert - das Problem ist geblieben...ebenfalls bei 13% und diesmal ca. 192.000 Dateien friert der PC ein.

Ein Scan mit Malwarebytes hat nichts ergeben. Mit SUPERAntiSpyware auch nichts.

Ich habe einen Screenshot beigefügt, auf dem die betroffen Datei markiert ist und man oben den Pfad sieht.

MfG Hans
Miniaturansicht angehängter Grafiken
Probleme mit Windows 7 64 bit Professional PC-virus-2016-10-05.jpg  

Geändert von lfcasrafcfcb (05.10.2016 um 20:50 Uhr)

Alt 06.10.2016, 10:28   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 06.10.2016, 10:51   #3
lfcasrafcfcb
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Johann Mezgolits (Administrator) auf JOHANNMEZGOLITS (06-10-2016 11:48:03)
Gestartet von C:\Users\Livia\Desktop
Geladene Profile: Johann Mezgolits & Livia (Verfügbare Profile: Johann Mezgolits & Livia)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-24] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-07-24] (Trend Micro Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-07-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom)
HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\MountPoints2: {5530f7cc-7c18-11e5-b1b0-806e6f6e6963} - E:\Bin\ASSETUP.exe
HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-08-31] (SUPERAntiSpyware)
HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom)
HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\MountPoints2: {3bb304c3-808d-11e5-9fe7-08606e6c9f2a} - "K:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\MountPoints2: {6b8448fb-1751-11e6-b166-08606e6c9f2a} - F:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [  FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-24] (Trend Micro Inc.)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4CC3AEA0-ADE5-4F3F-84BA-4EDDECA59605}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-208931692-847211715-3222408101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKU\S-1-5-21-208931692-847211715-3222408101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-208931692-847211715-3222408101-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
BHO: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
BHO-x32: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
BHO-x32: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-24] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.)

FireFox:
========
FF DefaultProfile: yerfn62e.default
FF ProfilePath: C:\Users\Johann Mezgolits\AppData\Roaming\Mozilla\Firefox\Profiles\yerfn62e.default [2016-10-05]
FF Homepage: Mozilla\Firefox\Profiles\yerfn62e.default -> about:blank
FF Extension: (FxIF) - C:\Users\Johann Mezgolits\AppData\Roaming\Mozilla\Firefox\Profiles\yerfn62e.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2015-11-01]
FF Extension: (WOT) - C:\Users\Johann Mezgolits\AppData\Roaming\Mozilla\Firefox\Profiles\yerfn62e.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-10-05]
FF Extension: (Video DownloadHelper) - C:\Users\Johann Mezgolits\AppData\Roaming\Mozilla\Firefox\Profiles\yerfn62e.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-19]
FF Extension: (Adblock Plus) - C:\Users\Johann Mezgolits\AppData\Roaming\Mozilla\Firefox\Profiles\yerfn62e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-19]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-10-05]
FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-10-05]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-10-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-10-27] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-27] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-24] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [142552 2016-08-07] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [435416 2016-08-07] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.)
R2 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [117984 2016-08-07] (Trend Micro Inc.)
R2 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
S1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [104672 2016-08-07] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.)
U2 TMAgent; kein ImagePath
S2 VBoxDRV; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\VBoxDrv\VBoxDrv.sys [X]
S2 VBoxUSBMon; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\USB\filter\VBoxUSBMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 11:48 - 2016-10-06 11:48 - 00016017 _____ C:\Users\Livia\Desktop\FRST.txt
2016-10-06 11:47 - 2016-10-06 11:48 - 00000000 ____D C:\FRST
2016-10-06 11:46 - 2016-10-06 11:46 - 02405376 _____ (Farbar) C:\Users\Livia\Desktop\FRST64.exe
2016-10-06 09:03 - 2016-10-06 09:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-06 09:02 - 2016-10-06 09:02 - 00000000 ____D C:\Users\Livia\Desktop\mbar
2016-10-06 08:57 - 2016-10-06 09:36 - 00000000 ____D C:\Users\Johann Mezgolits\Desktop\mbar
2016-10-06 08:56 - 2016-10-06 08:56 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Livia\Desktop\mbar-1.09.3.1001.exe
2016-10-05 20:31 - 2016-10-05 20:31 - 00000000 __SHD C:\found.001
2016-10-05 20:08 - 2016-10-05 20:08 - 00000000 ___HD C:\TMRescueDisk
2016-10-05 20:04 - 2016-10-05 20:04 - 00001427 _____ C:\Users\Livia\Desktop\Trend Micro Maximum Security.lnk
2016-10-05 20:04 - 2016-10-05 20:04 - 00000000 ____D C:\Users\Livia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2016-10-05 20:03 - 2016-10-06 09:47 - 00000000 ____D C:\ProgramData\Trend Micro
2016-10-05 20:03 - 2016-10-05 20:03 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2016-10-05 20:03 - 2016-10-05 20:03 - 00000000 ____D C:\Windows\SysWOW64\tmumh
2016-10-05 20:03 - 2016-10-05 20:03 - 00000000 ____D C:\Windows\system32\tmumh
2016-10-05 20:03 - 2016-10-05 20:03 - 00000000 ____D C:\Program Files\Trend Micro
2016-10-05 20:03 - 2016-08-07 19:48 - 00104672 ____N (Trend Micro Inc.) C:\Windows\system32\Drivers\tmumh.sys
2016-10-05 20:03 - 2016-08-07 19:27 - 00435416 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2016-10-05 20:03 - 2016-08-07 19:27 - 00142552 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2016-10-05 20:03 - 2016-08-07 19:27 - 00117984 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2016-10-05 20:03 - 2016-06-24 08:58 - 00561952 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2016-10-05 20:03 - 2016-06-21 05:23 - 00143648 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2016-10-05 20:03 - 2016-05-16 09:35 - 00132888 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2016-10-05 20:03 - 2016-01-05 05:35 - 00072504 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2016-10-05 19:59 - 2016-10-05 19:59 - 216149128 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2016-10-05 19:50 - 2016-10-05 19:50 - 06950952 _____ (Trend Micro Inc.) C:\Users\Livia\Downloads\Trend_Micro_Maximum_Security_2017.exe
2016-10-05 14:20 - 2016-10-05 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-05 14:19 - 2016-10-05 14:19 - 08244656 _____ (Piriform Ltd) C:\Users\Johann Mezgolits\Downloads\ccsetup522.exe
2016-10-05 14:12 - 2016-10-05 14:12 - 00000000 __SHD C:\found.000
2016-09-26 09:37 - 2016-09-26 09:37 - 00013929 _____ C:\Users\Livia\Documents\nn.odt
2016-09-25 15:49 - 2016-09-26 09:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 14:39 - 2016-09-23 14:39 - 00000997 _____ C:\Users\Livia\Desktop\ShiftN 4.0.lnk
2016-09-23 14:28 - 2016-09-23 15:00 - 00001158 _____ C:\Users\Livia\AppData\Roaming\ShiftN.ini
2016-09-23 14:27 - 2016-09-23 14:27 - 06267882 _____ (Marcus Hebel ) C:\Users\Livia\Downloads\ShiftN_Setup.exe
2016-09-23 14:27 - 2016-09-23 14:27 - 00000979 _____ C:\Users\Johann Mezgolits\Desktop\ShiftN.lnk
2016-09-23 14:27 - 2016-09-23 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShiftN
2016-09-23 14:27 - 2016-09-23 14:27 - 00000000 ____D C:\Program Files (x86)\ShiftN
2016-09-22 14:21 - 2016-09-22 14:21 - 00187799 _____ C:\Users\Livia\Documents\Lichen sclerosus.pdf
2016-09-20 19:19 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-20 19:19 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-19 22:38 - 2016-09-19 22:48 - 00000720 _____ C:\Users\Livia\AppData\Roaming\burnaware.ini
2016-09-19 22:38 - 2016-09-19 22:38 - 09879440 _____ (Burnaware ) C:\Users\Livia\Downloads\burnaware_free_9.4.exe
2016-09-19 22:08 - 2016-09-19 22:23 - 1697906688 _____ C:\Users\Livia\Downloads\linuxmint-18-cinnamon-64bit.iso
2016-09-18 16:36 - 2016-09-18 16:36 - 00011672 _____ C:\Users\Livia\Documents\Tarkus Titel.ods
2016-09-17 20:03 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-17 20:03 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-17 20:03 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-17 20:03 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-17 20:03 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-17 20:03 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-17 20:03 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-17 20:03 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-17 20:03 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-17 20:03 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-17 20:03 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-17 20:03 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-17 20:03 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-17 20:03 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-17 20:03 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-17 20:03 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-17 20:03 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-17 20:03 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-17 20:03 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-17 20:03 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-17 20:03 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-17 20:03 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-17 20:03 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-17 20:03 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-17 20:03 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-17 20:03 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-17 20:03 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-17 20:03 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-17 20:03 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-17 20:03 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-17 20:03 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-17 20:03 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-17 20:03 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-17 20:03 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-17 20:03 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-17 20:03 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-17 20:03 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-17 20:03 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-17 20:03 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-17 20:03 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-17 20:03 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-17 20:03 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-17 20:03 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-17 20:03 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-17 20:03 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-17 20:03 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-17 20:03 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-17 20:03 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-17 20:03 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-17 20:03 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-17 20:03 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-17 20:03 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-17 20:03 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-17 20:03 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-17 20:03 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-17 20:03 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-17 20:03 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-17 20:03 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-17 20:03 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-17 20:03 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-17 20:03 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-17 20:03 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-17 20:03 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-17 20:03 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-17 20:03 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-17 20:03 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-17 20:03 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-17 20:03 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-17 20:03 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-17 20:03 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-17 20:03 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-17 20:03 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-17 20:03 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-17 20:03 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-17 20:03 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-17 20:03 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-17 20:03 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-17 20:03 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-17 20:03 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-17 20:03 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-17 20:03 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-17 20:03 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-17 20:03 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-17 20:03 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-17 20:03 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-17 20:03 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-17 20:03 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-17 20:03 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-17 20:03 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-17 20:03 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-17 20:03 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-17 20:03 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-17 20:03 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-17 20:03 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-17 20:03 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-17 20:03 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-17 20:03 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-17 20:03 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-17 20:03 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-17 20:03 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-17 20:03 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-17 20:03 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-17 20:03 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-17 20:03 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-17 20:03 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-09-17 20:03 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-17 20:03 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-09-17 20:03 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-17 20:03 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-09-17 20:03 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-17 20:03 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-17 20:03 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-17 20:03 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-17 20:03 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-17 20:03 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-17 20:03 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-17 20:03 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-17 20:03 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-09-17 20:03 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-09-17 20:03 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-09-17 20:03 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-09-17 20:03 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-17 20:03 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-09-17 20:03 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-09-17 20:03 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-17 20:03 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-17 20:03 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-09-17 20:03 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-09-17 20:03 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-09-17 20:03 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-09-17 20:03 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-09-17 20:03 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-09-17 20:03 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-09-17 20:03 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-09-17 20:03 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-17 20:03 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-09-17 20:03 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-09-17 20:03 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-09-17 20:03 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-09-17 20:03 - 2016-05-04 19:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-09-17 20:03 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-09-17 20:03 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-09-17 20:03 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-09-16 11:21 - 2016-09-16 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-09-16 11:20 - 2016-09-16 11:20 - 00000000 ____D C:\Users\Livia\AppData\Local\Downloaded Installations
2016-09-13 21:19 - 2016-09-13 21:19 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-09-13 21:19 - 2016-09-13 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-09-13 21:19 - 2016-09-13 21:19 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-09-13 21:08 - 2016-09-13 21:09 - 221679616 _____ C:\Users\Livia\Downloads\LibreOffice_5.1.5_Win_x86.msi

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 11:42 - 2016-03-24 23:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 11:42 - 2015-10-28 23:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 10:34 - 2016-03-24 23:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-06 09:09 - 2009-07-14 06:45 - 00025904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-06 09:09 - 2009-07-14 06:45 - 00025904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-06 09:03 - 2015-10-27 20:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-06 08:57 - 2015-10-27 20:24 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-06 08:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-05 20:04 - 2015-10-27 20:06 - 00000000 ____D C:\ProgramData\Trend Micro Installer
2016-10-05 19:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-05 19:53 - 2015-10-26 22:23 - 00000000 ____D C:\Users\Johann Mezgolits\AppData\Local\Trend Micro
2016-10-05 19:52 - 2015-10-27 20:15 - 00000000 ____D C:\ProgramData\TMDP_Log
2016-10-05 19:51 - 2016-07-28 08:29 - 00000000 ____D C:\Users\Livia\AppData\Local\DP_Tower_3.7
2016-10-05 19:51 - 2015-10-29 10:00 - 00000000 ____D C:\Users\Johann Mezgolits\AppData\Roaming\Trend Micro
2016-10-05 14:42 - 2015-10-27 12:51 - 00000000 ____D C:\Users\Livia\AppData\Roaming\XnView
2016-10-05 14:39 - 2015-10-27 06:31 - 00684550 _____ C:\Windows\system32\perfh007.dat
2016-10-05 14:39 - 2015-10-27 06:31 - 00144714 _____ C:\Windows\system32\perfc007.dat
2016-10-05 14:20 - 2015-10-27 10:27 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-05 14:19 - 2015-10-27 08:15 - 00002940 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Johann_Mezgolits
2016-10-05 12:11 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 23:18 - 2015-10-26 21:39 - 00000000 ____D C:\Users\Johann Mezgolits
2016-10-04 21:35 - 2016-05-29 10:15 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 21:35 - 2016-05-29 10:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-04 13:20 - 2016-08-04 16:48 - 00000000 ____D C:\Users\Livia\Desktop\temporärer Ordner für scans
2016-10-04 13:20 - 2015-10-27 08:15 - 00000000 ____D C:\ProgramData\ProductData
2016-09-26 09:29 - 2015-10-26 22:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-25 00:10 - 2015-10-27 10:21 - 00000000 ____D C:\Users\Livia\AppData\Roaming\vlc
2016-09-22 14:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-09-19 22:39 - 2016-03-16 17:28 - 00001054 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2016-09-19 22:39 - 2016-03-16 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2016-09-19 22:39 - 2016-03-16 17:28 - 00000000 ____D C:\Program Files (x86)\BurnAware Free
2016-09-19 21:13 - 2015-10-26 22:06 - 00073640 _____ C:\Users\Johann Mezgolits\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-18 12:20 - 2009-07-14 06:45 - 00327680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-17 23:16 - 2015-10-28 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-17 23:15 - 2015-10-28 23:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-17 23:15 - 2015-10-28 23:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-17 23:15 - 2015-10-27 01:18 - 00000000 ____D C:\Windows\system32\MRT
2016-09-17 23:12 - 2015-10-27 01:18 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-16 11:21 - 2015-11-22 14:40 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2016-09-15 18:14 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-14 15:47 - 2015-10-27 09:56 - 00073640 _____ C:\Users\Livia\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-13 10:34 - 2009-07-14 04:34 - 00000540 _____ C:\Windows\win.ini
2016-09-13 10:26 - 2015-10-28 23:57 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 10:26 - 2015-10-28 23:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 10:26 - 2015-10-28 23:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 10:26 - 2015-10-28 23:57 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-13 10:26 - 2015-10-28 23:57 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-24 23:18 - 2016-03-24 23:18 - 6000640 _____ () C:\Program Files (x86)\GUTF790.tmp
2016-03-16 17:29 - 2016-03-16 17:29 - 0000370 _____ () C:\Users\Johann Mezgolits\AppData\Roaming\burnaware.ini
2015-10-26 22:21 - 2015-10-26 22:21 - 0000036 _____ () C:\Users\Johann Mezgolits\AppData\Local\housecall.guid.cache
2015-11-01 20:16 - 2015-11-01 20:16 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-06 10:09

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-10-2016
durchgeführt von Johann Mezgolits (06-10-2016 11:48:38)
Gestartet von C:\Users\Livia\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-26 19:39:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-208931692-847211715-3222408101-500 - Administrator - Disabled)
Gast (S-1-5-21-208931692-847211715-3222408101-501 - Limited - Disabled)
Johann Mezgolits (S-1-5-21-208931692-847211715-3222408101-1000 - Administrator - Enabled) => C:\Users\Johann Mezgolits
Livia (S-1-5-21-208931692-847211715-3222408101-1002 - Limited - Enabled) => C:\Users\Livia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Trend Micro Maximum Security (Enabled - Up to date) {6458A697-CD62-2062-F924-44AA7F87C1E7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Maximum Security (Enabled - Up to date) {DF394773-EB58-2FEC-C394-7FD804008B5A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AllDup 3.3.12 (HKLM-x32\...\AllDup_is1) (Version: 3.3.12 - Michael Thummerer Software Design)
AMD Catalyst Install Manager (HKLM\...\{47084ADB-4402-B381-8D10-F27205D3CF7C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
BenVista PhotoZoom Pro 4.1.4 (HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\PhotoZoom Pro 4) (Version: 4.1.4 - BenVista Ltd.)
BurnAware Free 9.4 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Müller Fotóvilág (HKLM-x32\...\Müller Fotóvilág) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ShiftN 4.0 (HKLM-x32\...\ShiftN_is1) (Version: 4.0.0.1 - Marcus Hebel)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
TomTom HOME (HKLM-x32\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 11.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 11.0 - Trend Micro Inc.) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00E73CB6-A73B-4C2C-9AAB-2D59C97C9645} - System32\Tasks\Uninstaller_SkipUac_Johann_Mezgolits => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {299BF414-7452-4752-A245-D4A56DB39185} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.)
Task: {4AF45A1D-0EEC-420C-A495-F3FDAB50040E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {524C958E-846B-4FBA-AD47-123364D42110} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {7F61524C-264B-4810-9B4C-08384FF56083} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24] (Google Inc.)
Task: {A72EF308-C1F5-4D4B-BF9F-351C8EFDB776} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-05 20:03 - 2016-07-24 19:40 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2016-10-05 20:03 - 2016-07-24 19:40 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2016-10-05 20:03 - 2016-07-24 19:40 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2016-10-05 20:03 - 2016-07-24 19:40 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-07-27 23:02 - 2012-07-27 23:02 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-07-27 22:44 - 2012-07-27 22:44 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-10-05 20:03 - 2015-03-31 13:08 - 00026408 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll
2016-10-05 20:03 - 2015-03-31 13:08 - 00058320 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll
2016-10-05 20:03 - 2015-03-31 13:09 - 00686608 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2016-10-05 20:03 - 2015-03-31 13:08 - 00110320 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll
2016-10-05 20:03 - 2015-03-31 13:08 - 00036160 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll
2016-10-05 20:03 - 2015-03-31 13:09 - 01314920 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2016-10-05 20:02 - 2016-07-24 19:40 - 00178416 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2016-10-05 20:02 - 2016-07-24 19:40 - 00077072 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-208931692-847211715-3222408101-1000\...\trendmicro.com -> hxxps://pwm.trendmicro.com
IE trusted site: HKU\S-1-5-21-208931692-847211715-3222408101-1002\...\trendmicro.com -> hxxps://pwm.trendmicro.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-208931692-847211715-3222408101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johann Mezgolits\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-208931692-847211715-3222408101-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Livia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E56E2CB2-64AE-49E1-BE79-AA911533D3E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9FA1A6C-9510-4007-AED0-F9045CB11ACE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{902F7C48-31DB-451E-B1B5-DC19D99AC90A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB60939D-5A03-4288-934F-7050483D321F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{467E6A09-0CBE-4CC0-B1AE-01B4783FA6DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-10-2016 10:16:35 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PortableVBoxDRV
Description: PortableVBoxDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PortableVBoxUSBMon
Description: PortableVBoxUSBMon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxUSBMon
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: TMUMH
Description: TMUMH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tmumh
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/06/2016 09:13:46 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.ci" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Microsoft Windows Search-Indexerstellung wurde wegen dieses Fehlers geschlossen.

Programm: Microsoft Windows Search-Indexerstellung
Datei: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.ci

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000185
Datenträgertyp: 3

Error: (10/06/2016 09:13:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.7601.17610, Zeitstempel: 0x4dc0d019
Name des fehlerhaften Moduls: TQUERY.DLL, Version: 7.0.7601.17610, Zeitstempel: 0x4dc0e17a
Ausnahmecode: 0xc0000006
Fehleroffset: 0x0000000000034a88
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0x01d21f9e82d6acab
Pfad der fehlerhaften Anwendung: C:\Windows\system32\SearchIndexer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\TQUERY.DLL
Berichtskennung: 6b78bc49-8b94-11e6-9535-08606e6c9f2a

Error: (10/06/2016 09:00:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "ꮫ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (10/06/2016 08:56:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 09:13:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "ꮫ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (10/05/2016 09:10:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 08:42:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "ꮫ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (10/05/2016 08:38:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 08:34:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 08:32:47 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


Systemfehler:
=============
Error: (10/06/2016 09:47:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmumh" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (10/06/2016 09:47:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmumh" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (10/06/2016 09:47:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Trend Micro Solution Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/06/2016 09:47:17 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:47:13 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:47:13 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:47:13 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:47:13 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:39:08 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (10/06/2016 09:14:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5800K APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 15822.46 MB
Verfügbarer physikalischer RAM: 13565.9 MB
Summe virtueller Speicher: 31643.1 MB
Verfügbarer virtueller Speicher: 28581.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:31.77 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:15.44 GB) NTFS
Drive f: (Lokaler Datenträger) (Fixed) (Total:1863.01 GB) (Free:1064.42 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: BED7B18E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 880EC9D5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BED7B1B1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 06.10.2016, 10:57   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.10.2016, 11:07   #5
lfcasrafcfcb
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Code:
ATTFilter
12:05:03.0583 0x176c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
12:05:07.0483 0x176c  ============================================================
12:05:07.0483 0x176c  Current date / time: 2016/10/06 12:05:07.0483
12:05:07.0483 0x176c  SystemInfo:
12:05:07.0483 0x176c  
12:05:07.0483 0x176c  OS Version: 6.1.7601 ServicePack: 1.0
12:05:07.0483 0x176c  Product type: Workstation
12:05:07.0483 0x176c  ComputerName: JOHANNMEZGOLITS
12:05:07.0483 0x176c  UserName: Johann Mezgolits
12:05:07.0483 0x176c  Windows directory: C:\Windows
12:05:07.0483 0x176c  System windows directory: C:\Windows
12:05:07.0483 0x176c  Running under WOW64
12:05:07.0483 0x176c  Processor architecture: Intel x64
12:05:07.0483 0x176c  Number of processors: 4
12:05:07.0483 0x176c  Page size: 0x1000
12:05:07.0483 0x176c  Boot type: Normal boot
12:05:07.0483 0x176c  CodeIntegrityOptions = 0x00000001
12:05:07.0483 0x176c  ============================================================
12:05:07.0779 0x176c  KLMD registered as C:\Windows\system32\drivers\35038895.sys
12:05:07.0779 0x176c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23539, osProperties = 0x1
12:05:07.0951 0x176c  System UUID: {9F48F077-9A3A-E054-0384-420B54ED44B7}
12:05:08.0388 0x176c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:08.0388 0x176c  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:08.0388 0x176c  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:08.0434 0x176c  ============================================================
12:05:08.0434 0x176c  \Device\Harddisk0\DR0:
12:05:08.0434 0x176c  MBR partitions:
12:05:08.0434 0x176c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:05:08.0434 0x176c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE80800
12:05:08.0434 0x176c  \Device\Harddisk2\DR2:
12:05:08.0434 0x176c  MBR partitions:
12:05:08.0434 0x176c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:05:08.0434 0x176c  \Device\Harddisk1\DR1:
12:05:08.0434 0x176c  MBR partitions:
12:05:08.0434 0x176c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
12:05:08.0434 0x176c  ============================================================
12:05:08.0434 0x176c  C: <-> \Device\Harddisk0\DR0\Partition2
12:05:08.0434 0x176c  D: <-> \Device\Harddisk2\DR2\Partition1
12:05:08.0434 0x176c  F: <-> \Device\Harddisk1\DR1\Partition1
12:05:08.0450 0x176c  ============================================================
12:05:08.0450 0x176c  Initialize success
12:05:08.0450 0x176c  ============================================================
12:05:32.0271 0x1018  ============================================================
12:05:32.0271 0x1018  Scan started
12:05:32.0271 0x1018  Mode: Manual; SigCheck; TDLFS; 
12:05:32.0271 0x1018  ============================================================
12:05:32.0271 0x1018  KSN ping started
12:05:32.0396 0x1018  KSN ping finished: true
12:05:34.0221 0x1018  ================ Scan system memory ========================
12:05:34.0221 0x1018  System memory - ok
12:05:34.0221 0x1018  ================ Scan services =============================
12:05:34.0237 0x1018  [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:05:34.0284 0x1018  !SASCORE - ok
12:05:34.0346 0x1018  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:05:34.0377 0x1018  1394ohci - ok
12:05:34.0377 0x1018  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:05:34.0408 0x1018  ACPI - ok
12:05:34.0408 0x1018  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:05:34.0440 0x1018  AcpiPmi - ok
12:05:34.0455 0x1018  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:05:34.0486 0x1018  AdobeFlashPlayerUpdateSvc - ok
12:05:34.0502 0x1018  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:05:34.0533 0x1018  adp94xx - ok
12:05:34.0533 0x1018  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:05:34.0564 0x1018  adpahci - ok
12:05:34.0564 0x1018  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:05:34.0596 0x1018  adpu320 - ok
12:05:34.0596 0x1018  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:05:34.0627 0x1018  AeLookupSvc - ok
12:05:34.0642 0x1018  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
12:05:34.0674 0x1018  AFD - ok
12:05:34.0674 0x1018  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:05:34.0689 0x1018  agp440 - ok
12:05:34.0705 0x1018  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:05:34.0720 0x1018  ALG - ok
12:05:34.0720 0x1018  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:05:34.0752 0x1018  aliide - ok
12:05:34.0752 0x1018  [ B3B263B419FC9E7B1D41E61FDAE45BD9, AB4BA2472BB56B4BEB8B18D95B9F44BBF0B7FBF3C3914F5549CD24C5E4428664 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:05:34.0783 0x1018  AMD External Events Utility - ok
12:05:34.0783 0x1018  AMD FUEL Service - ok
12:05:34.0798 0x1018  [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193, E59E79AF44878AAC09DF5DE8CEDB9088800711553C7C7E358328274C116B46F9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
12:05:34.0814 0x1018  amdhub30 - ok
12:05:34.0830 0x1018  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:05:34.0845 0x1018  amdide - ok
12:05:34.0845 0x1018  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
12:05:34.0861 0x1018  amdiox64 - ok
12:05:34.0876 0x1018  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:05:34.0892 0x1018  AmdK8 - ok
12:05:35.0142 0x1018  [ 9A6E9363F7A5E5A06629D9DDC76EE6B5, F97553FF6D79CDA5A1B445E4A8F8799D9F5EE8BF31B11869DE0294C562845F7E ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:05:35.0360 0x1018  amdkmdag - ok
12:05:35.0376 0x1018  [ 957A4C13E1981B1701E600EF1E823C68, F8760C09F09F347D607FBE8A4F67E8B35CB82B5168954B04E8EB10B73412A609 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:05:35.0407 0x1018  amdkmdap - ok
12:05:35.0422 0x1018  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:05:35.0438 0x1018  AmdPPM - ok
12:05:35.0438 0x1018  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:05:35.0469 0x1018  amdsata - ok
12:05:35.0469 0x1018  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:05:35.0500 0x1018  amdsbs - ok
12:05:35.0500 0x1018  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:05:35.0516 0x1018  amdxata - ok
12:05:35.0532 0x1018  [ 541A6C49C792ED71FB3EFF8C815CFE60, BC8D740C980CA60C06364CB75BDA323A1604C4CFAF753FD8C44D2FF312C6C7E1 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
12:05:35.0547 0x1018  amdxhc - ok
12:05:35.0563 0x1018  [ A7AD1BC31A94C00B5710B3F6F648611C, 321C9489BB53E7DB3D0044C627103F298A37A8BEADC9D3A73C9A679F889B9B30 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
12:05:35.0594 0x1018  Amsp - ok
12:05:35.0594 0x1018  [ 52F8C264D3BF90D2726FDE6642A381D4, 3780CCB0E4B89CAD818C887D65677EAB30F5ACC91FC1E6D0818F792A8D731137 ] AppID           C:\Windows\system32\drivers\appid.sys
12:05:35.0625 0x1018  AppID - ok
12:05:35.0625 0x1018  [ 2C49C5C911D1BE2A815BC183C0B2FED1, DDF299E05626E40417C135571F7ED78FB8BC4DD78907980316A6A277D0096074 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:05:35.0641 0x1018  AppIDSvc - ok
12:05:35.0656 0x1018  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
12:05:35.0672 0x1018  Appinfo - ok
12:05:35.0688 0x1018  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:05:35.0703 0x1018  AppMgmt - ok
12:05:35.0719 0x1018  [ 44695679881DEB85CAD7C249B151066E, A44413ACA911DDB5757DE9F9ECC3968979C47617CF9DF81B24E7ECDE7E0D54BC ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
12:05:35.0734 0x1018  APXACC - ok
12:05:35.0750 0x1018  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:05:35.0766 0x1018  arc - ok
12:05:35.0766 0x1018  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:05:35.0797 0x1018  arcsas - ok
12:05:35.0812 0x1018  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:05:35.0828 0x1018  aspnet_state - ok
12:05:35.0828 0x1018  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:05:35.0875 0x1018  AsyncMac - ok
12:05:35.0875 0x1018  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:05:35.0890 0x1018  atapi - ok
12:05:35.0906 0x1018  [ B0790FF0E25B7A2674296052F2162C1A, 930D1A09E93117E081C532D6EDB1E870736AE3806D13AE7F0C7748FD4EAB3D89 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:05:35.0922 0x1018  AtiHDAudioService - ok
12:05:35.0937 0x1018  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:05:35.0968 0x1018  AudioEndpointBuilder - ok
12:05:35.0984 0x1018  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:05:36.0015 0x1018  AudioSrv - ok
12:05:36.0031 0x1018  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:05:36.0062 0x1018  AxInstSV - ok
12:05:36.0062 0x1018  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:05:36.0093 0x1018  b06bdrv - ok
12:05:36.0109 0x1018  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:05:36.0140 0x1018  b57nd60a - ok
12:05:36.0140 0x1018  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:05:36.0171 0x1018  BDESVC - ok
12:05:36.0171 0x1018  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:05:36.0202 0x1018  Beep - ok
12:05:36.0218 0x1018  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:05:36.0265 0x1018  BFE - ok
12:05:36.0280 0x1018  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:05:36.0343 0x1018  BITS - ok
12:05:36.0343 0x1018  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:05:36.0374 0x1018  blbdrive - ok
12:05:36.0374 0x1018  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:05:36.0390 0x1018  bowser - ok
12:05:36.0405 0x1018  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:05:36.0421 0x1018  BrFiltLo - ok
12:05:36.0421 0x1018  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:05:36.0452 0x1018  BrFiltUp - ok
12:05:36.0452 0x1018  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:05:36.0483 0x1018  Browser - ok
12:05:36.0499 0x1018  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:05:36.0530 0x1018  Brserid - ok
12:05:36.0530 0x1018  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:05:36.0546 0x1018  BrSerWdm - ok
12:05:36.0561 0x1018  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:05:36.0577 0x1018  BrUsbMdm - ok
12:05:36.0577 0x1018  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:05:36.0608 0x1018  BrUsbSer - ok
12:05:36.0608 0x1018  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:05:36.0639 0x1018  BTHMODEM - ok
12:05:36.0639 0x1018  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:05:36.0686 0x1018  bthserv - ok
12:05:36.0686 0x1018  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:05:36.0733 0x1018  cdfs - ok
12:05:36.0733 0x1018  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:05:36.0764 0x1018  cdrom - ok
12:05:36.0764 0x1018  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:05:36.0795 0x1018  CertPropSvc - ok
12:05:36.0811 0x1018  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:05:36.0826 0x1018  circlass - ok
12:05:36.0842 0x1018  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
12:05:36.0858 0x1018  CLFS - ok
12:05:36.0873 0x1018  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:36.0889 0x1018  clr_optimization_v2.0.50727_32 - ok
12:05:36.0904 0x1018  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:05:36.0920 0x1018  clr_optimization_v2.0.50727_64 - ok
12:05:36.0936 0x1018  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:36.0951 0x1018  clr_optimization_v4.0.30319_32 - ok
12:05:36.0967 0x1018  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:05:36.0982 0x1018  clr_optimization_v4.0.30319_64 - ok
12:05:36.0982 0x1018  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:05:37.0014 0x1018  CmBatt - ok
12:05:37.0014 0x1018  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:05:37.0029 0x1018  cmdide - ok
12:05:37.0045 0x1018  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:05:37.0076 0x1018  CNG - ok
12:05:37.0076 0x1018  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:05:37.0107 0x1018  Compbatt - ok
12:05:37.0107 0x1018  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:05:37.0123 0x1018  CompositeBus - ok
12:05:37.0138 0x1018  COMSysApp - ok
12:05:37.0138 0x1018  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:05:37.0154 0x1018  crcdisk - ok
12:05:37.0170 0x1018  [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:05:37.0185 0x1018  CryptSvc - ok
12:05:37.0201 0x1018  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:05:37.0232 0x1018  CSC - ok
12:05:37.0248 0x1018  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:05:37.0294 0x1018  CscService - ok
12:05:37.0310 0x1018  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:05:37.0341 0x1018  DcomLaunch - ok
12:05:37.0341 0x1018  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:05:37.0388 0x1018  defragsvc - ok
12:05:37.0388 0x1018  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:05:37.0435 0x1018  DfsC - ok
12:05:37.0435 0x1018  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:05:37.0466 0x1018  Dhcp - ok
12:05:37.0497 0x1018  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:05:37.0544 0x1018  DiagTrack - ok
12:05:37.0560 0x1018  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:05:37.0591 0x1018  discache - ok
12:05:37.0591 0x1018  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
12:05:37.0622 0x1018  Disk - ok
12:05:37.0622 0x1018  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:05:37.0653 0x1018  dmvsc - ok
12:05:37.0653 0x1018  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:05:37.0684 0x1018  Dnscache - ok
12:05:37.0684 0x1018  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:05:37.0731 0x1018  dot3svc - ok
12:05:37.0731 0x1018  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:05:37.0778 0x1018  DPS - ok
12:05:37.0778 0x1018  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:05:37.0794 0x1018  drmkaud - ok
12:05:37.0825 0x1018  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:05:37.0856 0x1018  DXGKrnl - ok
12:05:37.0872 0x1018  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:05:37.0903 0x1018  EapHost - ok
12:05:37.0981 0x1018  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:05:38.0059 0x1018  ebdrv - ok
12:05:38.0074 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] EFS             C:\Windows\System32\lsass.exe
12:05:38.0090 0x1018  EFS - ok
12:05:38.0106 0x1018  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:05:38.0137 0x1018  ehRecvr - ok
12:05:38.0152 0x1018  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:05:38.0168 0x1018  ehSched - ok
12:05:38.0184 0x1018  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:05:38.0215 0x1018  elxstor - ok
12:05:38.0215 0x1018  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:05:38.0246 0x1018  ErrDev - ok
12:05:38.0262 0x1018  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:05:38.0308 0x1018  EventSystem - ok
12:05:38.0308 0x1018  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:05:38.0355 0x1018  exfat - ok
12:05:38.0355 0x1018  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:05:38.0402 0x1018  fastfat - ok
12:05:38.0418 0x1018  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:05:38.0449 0x1018  Fax - ok
12:05:38.0449 0x1018  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:05:38.0480 0x1018  fdc - ok
12:05:38.0480 0x1018  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:05:38.0527 0x1018  fdPHost - ok
12:05:38.0527 0x1018  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:05:38.0558 0x1018  FDResPub - ok
12:05:38.0558 0x1018  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:05:38.0589 0x1018  FileInfo - ok
12:05:38.0589 0x1018  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:05:38.0620 0x1018  Filetrace - ok
12:05:38.0636 0x1018  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:05:38.0652 0x1018  flpydisk - ok
12:05:38.0667 0x1018  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:05:38.0683 0x1018  FltMgr - ok
12:05:38.0714 0x1018  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
12:05:38.0761 0x1018  FontCache - ok
12:05:38.0761 0x1018  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:05:38.0776 0x1018  FontCache3.0.0.0 - ok
12:05:38.0792 0x1018  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:05:38.0808 0x1018  FsDepends - ok
12:05:38.0808 0x1018  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:05:38.0823 0x1018  Fs_Rec - ok
12:05:38.0839 0x1018  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:05:38.0870 0x1018  fvevol - ok
12:05:38.0870 0x1018  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:05:38.0886 0x1018  gagp30kx - ok
12:05:38.0901 0x1018  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
12:05:38.0948 0x1018  gpsvc - ok
12:05:38.0948 0x1018  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:38.0979 0x1018  gupdate - ok
12:05:38.0979 0x1018  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:38.0995 0x1018  gupdatem - ok
12:05:39.0026 0x1018  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:05:39.0042 0x1018  hcw85cir - ok
12:05:39.0057 0x1018  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:05:39.0088 0x1018  HdAudAddService - ok
12:05:39.0088 0x1018  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:05:39.0120 0x1018  HDAudBus - ok
12:05:39.0120 0x1018  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:05:39.0151 0x1018  HidBatt - ok
12:05:39.0151 0x1018  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:05:39.0182 0x1018  HidBth - ok
12:05:39.0182 0x1018  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:05:39.0213 0x1018  HidIr - ok
12:05:39.0213 0x1018  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:05:39.0244 0x1018  hidserv - ok
12:05:39.0244 0x1018  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:05:39.0276 0x1018  HidUsb - ok
12:05:39.0276 0x1018  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:05:39.0322 0x1018  hkmsvc - ok
12:05:39.0322 0x1018  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:05:39.0354 0x1018  HomeGroupListener - ok
12:05:39.0354 0x1018  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:05:39.0385 0x1018  HomeGroupProvider - ok
12:05:39.0385 0x1018  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:05:39.0416 0x1018  HpSAMD - ok
12:05:39.0432 0x1018  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:05:39.0463 0x1018  HTTP - ok
12:05:39.0463 0x1018  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:05:39.0494 0x1018  hwpolicy - ok
12:05:39.0494 0x1018  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:05:39.0525 0x1018  i8042prt - ok
12:05:39.0525 0x1018  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:05:39.0556 0x1018  iaStorV - ok
12:05:39.0556 0x1018  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:05:39.0588 0x1018  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:05:39.0712 0x1018  Detect skipped due to KSN trusted
12:05:39.0728 0x1018  IDriverT - ok
12:05:39.0759 0x1018  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:05:39.0790 0x1018  idsvc - ok
12:05:39.0806 0x1018  IEEtwCollectorService - ok
12:05:39.0806 0x1018  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:05:39.0822 0x1018  iirsp - ok
12:05:39.0853 0x1018  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:05:39.0884 0x1018  IKEEXT - ok
12:05:39.0978 0x1018  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:05:40.0056 0x1018  IntcAzAudAddService - ok
12:05:40.0071 0x1018  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:05:40.0087 0x1018  intelide - ok
12:05:40.0087 0x1018  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
12:05:40.0118 0x1018  intelppm - ok
12:05:40.0134 0x1018  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:05:40.0165 0x1018  IPBusEnum - ok
12:05:40.0180 0x1018  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:05:40.0212 0x1018  IpFilterDriver - ok
12:05:40.0227 0x1018  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:05:40.0258 0x1018  iphlpsvc - ok
12:05:40.0258 0x1018  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:05:40.0290 0x1018  IPMIDRV - ok
12:05:40.0290 0x1018  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:05:40.0336 0x1018  IPNAT - ok
12:05:40.0336 0x1018  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:05:40.0368 0x1018  IRENUM - ok
12:05:40.0368 0x1018  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:05:40.0383 0x1018  isapnp - ok
12:05:40.0399 0x1018  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:05:40.0414 0x1018  iScsiPrt - ok
12:05:40.0414 0x1018  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:05:40.0446 0x1018  kbdclass - ok
12:05:40.0446 0x1018  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:05:40.0461 0x1018  kbdhid - ok
12:05:40.0477 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] KeyIso          C:\Windows\system32\lsass.exe
12:05:40.0492 0x1018  KeyIso - ok
12:05:40.0492 0x1018  [ EB7BB4F58971F4FE099B3CE127346563, 6CE7BF43B5775ABF954508B4B02E441C169990FDFDF35FFE3137C85C1231695B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:05:40.0524 0x1018  KSecDD - ok
12:05:40.0524 0x1018  [ 6EBBA531A455E8F1092FD530A8682A97, 658F9ACADD422A2F1D48120FB4FCBB2E8F0CF245C07D439A2611878E82C61A01 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:05:40.0555 0x1018  KSecPkg - ok
12:05:40.0555 0x1018  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:05:40.0586 0x1018  ksthunk - ok
12:05:40.0602 0x1018  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:05:40.0648 0x1018  KtmRm - ok
12:05:40.0648 0x1018  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:05:40.0695 0x1018  LanmanServer - ok
12:05:40.0695 0x1018  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:05:40.0742 0x1018  LanmanWorkstation - ok
12:05:40.0804 0x1018  [ 2D2DE301547146A79F6412075A66D731, 3F9F6F3D150C607DBDC16E6053E1DCF6D26E0141987DD6E4D826FA2A259113C2 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
12:05:40.0882 0x1018  LiveUpdateSvc - ok
12:05:40.0882 0x1018  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:05:40.0929 0x1018  lltdio - ok
12:05:40.0929 0x1018  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:05:40.0976 0x1018  lltdsvc - ok
12:05:40.0976 0x1018  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:05:41.0023 0x1018  lmhosts - ok
12:05:41.0023 0x1018  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:05:41.0054 0x1018  LSI_FC - ok
12:05:41.0054 0x1018  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:05:41.0070 0x1018  LSI_SAS - ok
12:05:41.0085 0x1018  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:05:41.0101 0x1018  LSI_SAS2 - ok
12:05:41.0101 0x1018  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:05:41.0132 0x1018  LSI_SCSI - ok
12:05:41.0132 0x1018  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:05:41.0163 0x1018  luafv - ok
12:05:41.0179 0x1018  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:05:41.0194 0x1018  Mcx2Svc - ok
12:05:41.0210 0x1018  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:05:41.0226 0x1018  megasas - ok
12:05:41.0226 0x1018  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:05:41.0257 0x1018  MegaSR - ok
12:05:41.0257 0x1018  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:05:41.0304 0x1018  MMCSS - ok
12:05:41.0304 0x1018  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:05:41.0335 0x1018  Modem - ok
12:05:41.0350 0x1018  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:05:41.0366 0x1018  monitor - ok
12:05:41.0366 0x1018  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:05:41.0397 0x1018  mouclass - ok
12:05:41.0397 0x1018  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:05:41.0413 0x1018  mouhid - ok
12:05:41.0428 0x1018  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:05:41.0444 0x1018  mountmgr - ok
12:05:41.0444 0x1018  [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:05:41.0475 0x1018  MozillaMaintenance - ok
12:05:41.0475 0x1018  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:05:41.0506 0x1018  mpio - ok
12:05:41.0506 0x1018  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:05:41.0538 0x1018  mpsdrv - ok
12:05:41.0569 0x1018  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:05:41.0616 0x1018  MpsSvc - ok
12:05:41.0631 0x1018  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:05:41.0647 0x1018  MRxDAV - ok
12:05:41.0662 0x1018  [ 341C65D6D4E9AB705258AC83511F7ADD, EE3F0874DA79C95DE5E5CEC94B1545C049DE21D8F05F63184F9F5DE9553C96A0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:05:41.0678 0x1018  mrxsmb - ok
12:05:41.0694 0x1018  [ F93EDDF0B69760456C6E0D73405AC078, 9EE64BAA6449A053C152783AD102DE88C3DBC79F8BEF25E5914DC736D495E9F3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:05:41.0709 0x1018  mrxsmb10 - ok
12:05:41.0725 0x1018  [ A558D659B722FE5FB8C6E1BF288F7316, 3E57FF595E9EA9D53881955E7652793888A4E55743190D653A9239FF07653D7B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:05:41.0740 0x1018  mrxsmb20 - ok
12:05:41.0756 0x1018  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:05:41.0772 0x1018  msahci - ok
12:05:41.0772 0x1018  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:05:41.0803 0x1018  msdsm - ok
12:05:41.0803 0x1018  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:05:41.0834 0x1018  MSDTC - ok
12:05:41.0834 0x1018  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:05:41.0881 0x1018  Msfs - ok
12:05:41.0881 0x1018  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:05:41.0912 0x1018  mshidkmdf - ok
12:05:41.0912 0x1018  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:05:41.0943 0x1018  msisadrv - ok
12:05:41.0943 0x1018  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:05:41.0990 0x1018  MSiSCSI - ok
12:05:41.0990 0x1018  msiserver - ok
12:05:41.0990 0x1018  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:05:42.0021 0x1018  MSKSSRV - ok
12:05:42.0037 0x1018  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:05:42.0068 0x1018  MSPCLOCK - ok
12:05:42.0068 0x1018  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:05:42.0115 0x1018  MSPQM - ok
12:05:42.0115 0x1018  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:05:42.0146 0x1018  MsRPC - ok
12:05:42.0146 0x1018  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:05:42.0162 0x1018  mssmbios - ok
12:05:42.0177 0x1018  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:05:42.0208 0x1018  MSTEE - ok
12:05:42.0208 0x1018  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:05:42.0240 0x1018  MTConfig - ok
12:05:42.0240 0x1018  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:05:42.0255 0x1018  Mup - ok
12:05:42.0271 0x1018  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:05:42.0318 0x1018  napagent - ok
12:05:42.0333 0x1018  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:05:42.0364 0x1018  NativeWifiP - ok
12:05:42.0380 0x1018  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:05:42.0411 0x1018  NDIS - ok
12:05:42.0427 0x1018  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:05:42.0458 0x1018  NdisCap - ok
12:05:42.0458 0x1018  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:05:42.0505 0x1018  NdisTapi - ok
12:05:42.0505 0x1018  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:05:42.0552 0x1018  Ndisuio - ok
12:05:42.0552 0x1018  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:05:42.0583 0x1018  NdisWan - ok
12:05:42.0598 0x1018  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:05:42.0630 0x1018  NDProxy - ok
12:05:42.0630 0x1018  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:05:42.0676 0x1018  NetBIOS - ok
12:05:42.0676 0x1018  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:05:42.0708 0x1018  NetBT - ok
12:05:42.0708 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] Netlogon        C:\Windows\system32\lsass.exe
12:05:42.0739 0x1018  Netlogon - ok
12:05:42.0739 0x1018  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:05:42.0786 0x1018  Netman - ok
12:05:42.0801 0x1018  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:42.0817 0x1018  NetMsmqActivator - ok
12:05:42.0817 0x1018  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:42.0848 0x1018  NetPipeActivator - ok
12:05:42.0864 0x1018  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:05:42.0910 0x1018  netprofm - ok
12:05:42.0910 0x1018  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:42.0926 0x1018  NetTcpActivator - ok
12:05:42.0942 0x1018  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:42.0957 0x1018  NetTcpPortSharing - ok
12:05:42.0957 0x1018  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:05:42.0988 0x1018  nfrd960 - ok
12:05:42.0988 0x1018  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:05:43.0020 0x1018  NlaSvc - ok
12:05:43.0020 0x1018  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:05:43.0066 0x1018  Npfs - ok
12:05:43.0066 0x1018  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:05:43.0113 0x1018  nsi - ok
12:05:43.0113 0x1018  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:05:43.0144 0x1018  nsiproxy - ok
12:05:43.0191 0x1018  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:05:43.0238 0x1018  Ntfs - ok
12:05:43.0238 0x1018  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:05:43.0285 0x1018  Null - ok
12:05:43.0285 0x1018  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
12:05:43.0300 0x1018  nusb3hub - ok
12:05:43.0316 0x1018  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
12:05:43.0332 0x1018  nusb3xhc - ok
12:05:43.0347 0x1018  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:05:43.0363 0x1018  nvraid - ok
12:05:43.0378 0x1018  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:05:43.0394 0x1018  nvstor - ok
12:05:43.0410 0x1018  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:05:43.0425 0x1018  nv_agp - ok
12:05:43.0425 0x1018  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:05:43.0456 0x1018  ohci1394 - ok
12:05:43.0472 0x1018  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:05:43.0488 0x1018  p2pimsvc - ok
12:05:43.0503 0x1018  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:05:43.0534 0x1018  p2psvc - ok
12:05:43.0550 0x1018  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:05:43.0566 0x1018  Parport - ok
12:05:43.0566 0x1018  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:05:43.0597 0x1018  partmgr - ok
12:05:43.0597 0x1018  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:05:43.0628 0x1018  PcaSvc - ok
12:05:43.0628 0x1018  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:05:43.0659 0x1018  pci - ok
12:05:43.0659 0x1018  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:05:43.0675 0x1018  pciide - ok
12:05:43.0690 0x1018  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:05:43.0706 0x1018  pcmcia - ok
12:05:43.0706 0x1018  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:05:43.0737 0x1018  pcw - ok
12:05:43.0753 0x1018  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:05:43.0784 0x1018  PEAUTH - ok
12:05:43.0815 0x1018  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:05:43.0862 0x1018  PeerDistSvc - ok
12:05:43.0893 0x1018  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:05:43.0909 0x1018  PerfHost - ok
12:05:43.0940 0x1018  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:05:44.0002 0x1018  pla - ok
12:05:44.0034 0x1018  [ 36089BBA8C1B1C55E1540D6BEDD59745, A7043EAA0C3B0701FA7DF96A09B1AA3EC8B1FD836D30CA583A7BDCF67C002CAD ] Platinum Host Service C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
12:05:44.0080 0x1018  Platinum Host Service - ok
12:05:44.0096 0x1018  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:05:44.0127 0x1018  PlugPlay - ok
12:05:44.0127 0x1018  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:05:44.0158 0x1018  PNRPAutoReg - ok
12:05:44.0158 0x1018  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:05:44.0190 0x1018  PNRPsvc - ok
12:05:44.0205 0x1018  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:05:44.0236 0x1018  PolicyAgent - ok
12:05:44.0252 0x1018  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:05:44.0283 0x1018  Power - ok
12:05:44.0283 0x1018  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:05:44.0330 0x1018  PptpMiniport - ok
12:05:44.0330 0x1018  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:05:44.0361 0x1018  Processor - ok
12:05:44.0361 0x1018  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:05:44.0392 0x1018  ProfSvc - ok
12:05:44.0392 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:05:44.0424 0x1018  ProtectedStorage - ok
12:05:44.0424 0x1018  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:05:44.0470 0x1018  Psched - ok
12:05:44.0502 0x1018  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:05:44.0548 0x1018  ql2300 - ok
12:05:44.0548 0x1018  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:05:44.0580 0x1018  ql40xx - ok
12:05:44.0580 0x1018  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:05:44.0611 0x1018  QWAVE - ok
12:05:44.0611 0x1018  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:05:44.0642 0x1018  QWAVEdrv - ok
12:05:44.0642 0x1018  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:05:44.0689 0x1018  RasAcd - ok
12:05:44.0689 0x1018  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:05:44.0720 0x1018  RasAgileVpn - ok
12:05:44.0736 0x1018  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:05:44.0767 0x1018  RasAuto - ok
12:05:44.0782 0x1018  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:05:44.0814 0x1018  Rasl2tp - ok
12:05:44.0829 0x1018  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:05:44.0876 0x1018  RasMan - ok
12:05:44.0876 0x1018  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:05:44.0907 0x1018  RasPppoe - ok
12:05:44.0923 0x1018  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:05:44.0954 0x1018  RasSstp - ok
12:05:44.0970 0x1018  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:05:45.0001 0x1018  rdbss - ok
12:05:45.0016 0x1018  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:05:45.0032 0x1018  rdpbus - ok
12:05:45.0032 0x1018  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:45.0079 0x1018  RDPCDD - ok
12:05:45.0079 0x1018  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:05:45.0110 0x1018  RDPDR - ok
12:05:45.0110 0x1018  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:05:45.0157 0x1018  RDPENCDD - ok
12:05:45.0157 0x1018  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:05:45.0188 0x1018  RDPREFMP - ok
12:05:45.0204 0x1018  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:05:45.0235 0x1018  RDPWD - ok
12:05:45.0235 0x1018  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:05:45.0266 0x1018  rdyboost - ok
12:05:45.0297 0x1018  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:05:45.0375 0x1018  RemoteAccess - ok
12:05:45.0375 0x1018  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:05:45.0422 0x1018  RemoteRegistry - ok
12:05:45.0422 0x1018  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:05:45.0453 0x1018  RpcEptMapper - ok
12:05:45.0469 0x1018  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:05:45.0484 0x1018  RpcLocator - ok
12:05:45.0500 0x1018  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
12:05:45.0531 0x1018  RpcSs - ok
12:05:45.0531 0x1018  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:05:45.0578 0x1018  rspndr - ok
12:05:45.0594 0x1018  [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:05:45.0625 0x1018  RTL8167 - ok
12:05:45.0625 0x1018  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:05:45.0656 0x1018  s3cap - ok
12:05:45.0656 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] SamSs           C:\Windows\system32\lsass.exe
12:05:45.0672 0x1018  SamSs - ok
12:05:45.0687 0x1018  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:05:45.0703 0x1018  SASDIFSV - ok
12:05:45.0703 0x1018  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:05:45.0718 0x1018  SASKUTIL - ok
12:05:45.0734 0x1018  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:05:45.0750 0x1018  sbp2port - ok
12:05:45.0750 0x1018  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:05:45.0796 0x1018  SCardSvr - ok
12:05:45.0796 0x1018  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:05:45.0843 0x1018  scfilter - ok
12:05:45.0859 0x1018  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
12:05:45.0906 0x1018  Schedule - ok
12:05:45.0906 0x1018  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:05:45.0952 0x1018  SCPolicySvc - ok
12:05:45.0952 0x1018  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:05:45.0984 0x1018  SDRSVC - ok
12:05:45.0984 0x1018  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:05:46.0015 0x1018  secdrv - ok
12:05:46.0015 0x1018  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
12:05:46.0030 0x1018  seclogon - ok
12:05:46.0046 0x1018  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:05:46.0077 0x1018  SENS - ok
12:05:46.0077 0x1018  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:05:46.0108 0x1018  SensrSvc - ok
12:05:46.0108 0x1018  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:05:46.0140 0x1018  Serenum - ok
12:05:46.0140 0x1018  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:05:46.0171 0x1018  Serial - ok
12:05:46.0171 0x1018  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:05:46.0186 0x1018  sermouse - ok
12:05:46.0202 0x1018  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:05:46.0249 0x1018  SessionEnv - ok
12:05:46.0249 0x1018  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:05:46.0264 0x1018  sffdisk - ok
12:05:46.0264 0x1018  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:05:46.0296 0x1018  sffp_mmc - ok
12:05:46.0296 0x1018  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:05:46.0327 0x1018  sffp_sd - ok
12:05:46.0327 0x1018  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:05:46.0358 0x1018  sfloppy - ok
12:05:46.0358 0x1018  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:05:46.0405 0x1018  SharedAccess - ok
12:05:46.0420 0x1018  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:05:46.0452 0x1018  ShellHWDetection - ok
12:05:46.0467 0x1018  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:05:46.0483 0x1018  SiSRaid2 - ok
12:05:46.0483 0x1018  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:05:46.0514 0x1018  SiSRaid4 - ok
12:05:46.0514 0x1018  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:05:46.0561 0x1018  Smb - ok
12:05:46.0561 0x1018  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:05:46.0592 0x1018  SNMPTRAP - ok
12:05:46.0592 0x1018  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:05:46.0608 0x1018  spldr - ok
12:05:46.0623 0x1018  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:05:46.0654 0x1018  Spooler - ok
12:05:46.0748 0x1018  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:05:46.0842 0x1018  sppsvc - ok
12:05:46.0857 0x1018  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:05:46.0888 0x1018  sppuinotify - ok
12:05:46.0904 0x1018  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:05:46.0935 0x1018  srv - ok
12:05:46.0951 0x1018  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:05:46.0966 0x1018  srv2 - ok
12:05:46.0982 0x1018  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:05:46.0998 0x1018  srvnet - ok
12:05:47.0013 0x1018  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:05:47.0060 0x1018  SSDPSRV - ok
12:05:47.0060 0x1018  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:05:47.0091 0x1018  SstpSvc - ok
12:05:47.0107 0x1018  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:05:47.0122 0x1018  stexstor - ok
12:05:47.0138 0x1018  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:05:47.0169 0x1018  stisvc - ok
12:05:47.0185 0x1018  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:05:47.0200 0x1018  storflt - ok
12:05:47.0200 0x1018  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:05:47.0232 0x1018  StorSvc - ok
12:05:47.0232 0x1018  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:05:47.0247 0x1018  storvsc - ok
12:05:47.0247 0x1018  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:05:47.0278 0x1018  swenum - ok
12:05:47.0278 0x1018  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:05:47.0325 0x1018  swprv - ok
12:05:47.0372 0x1018  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
12:05:47.0419 0x1018  SysMain - ok
12:05:47.0434 0x1018  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:05:47.0466 0x1018  TabletInputService - ok
12:05:47.0466 0x1018  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:05:47.0512 0x1018  TapiSrv - ok
12:05:47.0559 0x1018  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:05:47.0606 0x1018  Tcpip - ok
12:05:47.0653 0x1018  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:05:47.0700 0x1018  TCPIP6 - ok
12:05:47.0715 0x1018  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:05:47.0731 0x1018  tcpipreg - ok
12:05:47.0746 0x1018  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:05:47.0762 0x1018  TDPIPE - ok
12:05:47.0762 0x1018  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:05:47.0793 0x1018  TDTCP - ok
12:05:47.0793 0x1018  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:05:47.0824 0x1018  tdx - ok
12:05:47.0824 0x1018  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:05:47.0840 0x1018  TermDD - ok
12:05:47.0871 0x1018  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:05:47.0902 0x1018  TermService - ok
12:05:47.0902 0x1018  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:05:47.0934 0x1018  Themes - ok
12:05:47.0934 0x1018  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:05:47.0980 0x1018  THREADORDER - ok
12:05:47.0980 0x1018  [ 59BC9AAB0E3225BA77F372F3E6DF45F9, D0CB5F2BCA11305B3EB0D73B373752FB6DD5285CDEDC9547D9870C8FE840F719 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
12:05:48.0012 0x1018  tmactmon - ok
12:05:48.0012 0x1018  [ D6B259B2DFE80BDF4D026063ACCD752C, EE3FF12943CED401E2B6DF9E66E8A0BE8E449FA9326CAB241F471B2D8FFEFDD7 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
12:05:48.0043 0x1018  tmcomm - ok
12:05:48.0058 0x1018  [ C445009328AD59F242B39A39780DC3E1, 8548A55B15562472374BDE78F5306AF0CA31FC5043E2D340D0DBDD2F43D1CEFA ] TMEBC           C:\Windows\system32\DRIVERS\TMEBC64.sys
12:05:48.0074 0x1018  TMEBC - ok
12:05:48.0074 0x1018  [ 766D95B1BE5A8F824D838E380FC67D86, 604EE46FA0C553800E79CF1B239377EC60BE521D0DF548EB3F9F66D8CB126E6D ] tmeevw          C:\Windows\system32\DRIVERS\tmeevw.sys
12:05:48.0105 0x1018  tmeevw - ok
12:05:48.0105 0x1018  [ 3373598C452068CCBC7A997CD1B77323, 11E80B166CE97FB25974341B94C49D9299CF91FBF3835785968B135F4F716BCC ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
12:05:48.0136 0x1018  tmevtmgr - ok
12:05:48.0152 0x1018  [ 5D177735BEA6969896D307F3DE849509, D0D51A7A2C40A909E618F453C5B79047883B9562710D4BA8343AE3A0D7955F3E ] tmnciesc        C:\Windows\system32\DRIVERS\tmnciesc.sys
12:05:48.0183 0x1018  tmnciesc - ok
12:05:48.0183 0x1018  [ ECD0144A1689E8D9D8FB47C880095E2C, CDB3DAD77BF0DE7315F82255BF885BC6E1869DE71AD573A6819F3769F02E6868 ] tmumh           C:\Windows\system32\DRIVERS\TMUMH.sys
12:05:48.0214 0x1018  tmumh - ok
12:05:48.0214 0x1018  [ D15B4F04BE326F5C979FF1B555E1C309, E5DE7391C1D40AB8CFE518FCED2BD359A06ACE8064959BC53964A41326D4BBD6 ] tmusa           C:\Windows\system32\DRIVERS\tmusa.sys
12:05:48.0246 0x1018  tmusa - ok
12:05:48.0246 0x1018  [ A4DDEE4BB810FBAC4798D1BF4FCCF2DD, 45F3EA7C50D183C8CA226D0E92CD48C34EC529894BB619DB9FE07E3C152E31A9 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
12:05:48.0261 0x1018  TomTomHOMEService - ok
12:05:48.0277 0x1018  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:05:48.0308 0x1018  TrkWks - ok
12:05:48.0324 0x1018  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:05:48.0370 0x1018  TrustedInstaller - ok
12:05:48.0386 0x1018  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:05:48.0402 0x1018  tssecsrv - ok
12:05:48.0417 0x1018  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:05:48.0433 0x1018  TsUsbFlt - ok
12:05:48.0433 0x1018  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:05:48.0464 0x1018  TsUsbGD - ok
12:05:48.0464 0x1018  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:05:48.0511 0x1018  tunnel - ok
12:05:48.0511 0x1018  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:05:48.0526 0x1018  uagp35 - ok
12:05:48.0542 0x1018  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:05:48.0589 0x1018  udfs - ok
12:05:48.0589 0x1018  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:05:48.0620 0x1018  UI0Detect - ok
12:05:48.0620 0x1018  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:05:48.0636 0x1018  uliagpkx - ok
12:05:48.0651 0x1018  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:05:48.0667 0x1018  umbus - ok
12:05:48.0667 0x1018  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:05:48.0698 0x1018  UmPass - ok
12:05:48.0698 0x1018  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:05:48.0729 0x1018  UmRdpService - ok
12:05:48.0745 0x1018  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:05:48.0792 0x1018  upnphost - ok
12:05:48.0792 0x1018  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:05:48.0823 0x1018  usbccgp - ok
12:05:48.0823 0x1018  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:05:48.0854 0x1018  usbcir - ok
12:05:48.0854 0x1018  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:05:48.0870 0x1018  usbehci - ok
12:05:48.0885 0x1018  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:05:48.0916 0x1018  usbhub - ok
12:05:48.0916 0x1018  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:05:48.0948 0x1018  usbohci - ok
12:05:48.0948 0x1018  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:05:48.0963 0x1018  usbprint - ok
12:05:48.0979 0x1018  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
12:05:48.0994 0x1018  usbscan - ok
12:05:49.0010 0x1018  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:05:49.0026 0x1018  USBSTOR - ok
12:05:49.0026 0x1018  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:05:49.0057 0x1018  usbuhci - ok
12:05:49.0057 0x1018  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:05:49.0104 0x1018  UxSms - ok
12:05:49.0104 0x1018  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] VaultSvc        C:\Windows\system32\lsass.exe
12:05:49.0119 0x1018  VaultSvc - ok
12:05:49.0119 0x1018  VBoxDRV - ok
12:05:49.0135 0x1018  VBoxUSBMon - ok
12:05:49.0135 0x1018  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:05:49.0150 0x1018  vdrvroot - ok
12:05:49.0166 0x1018  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:05:49.0213 0x1018  vds - ok
12:05:49.0213 0x1018  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:05:49.0244 0x1018  vga - ok
12:05:49.0244 0x1018  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:05:49.0291 0x1018  VgaSave - ok
12:05:49.0291 0x1018  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:05:49.0322 0x1018  vhdmp - ok
12:05:49.0322 0x1018  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:05:49.0338 0x1018  viaide - ok
12:05:49.0353 0x1018  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:05:49.0369 0x1018  vmbus - ok
12:05:49.0369 0x1018  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:05:49.0400 0x1018  VMBusHID - ok
12:05:49.0400 0x1018  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:05:49.0416 0x1018  volmgr - ok
12:05:49.0431 0x1018  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:05:49.0462 0x1018  volmgrx - ok
12:05:49.0462 0x1018  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:05:49.0494 0x1018  volsnap - ok
12:05:49.0494 0x1018  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:05:49.0525 0x1018  vsmraid - ok
12:05:49.0556 0x1018  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:05:49.0619 0x1018  VSS - ok
12:05:49.0634 0x1018  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:05:49.0650 0x1018  vwifibus - ok
12:05:49.0665 0x1018  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:05:49.0712 0x1018  W32Time - ok
12:05:49.0712 0x1018  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:05:49.0743 0x1018  WacomPen - ok
12:05:49.0743 0x1018  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:05:49.0775 0x1018  WANARP - ok
12:05:49.0790 0x1018  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:05:49.0821 0x1018  Wanarpv6 - ok
12:05:49.0853 0x1018  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:05:49.0899 0x1018  WatAdminSvc - ok
12:05:49.0931 0x1018  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:05:49.0977 0x1018  wbengine - ok
12:05:49.0993 0x1018  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:05:50.0024 0x1018  WbioSrvc - ok
12:05:50.0040 0x1018  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:05:50.0071 0x1018  wcncsvc - ok
12:05:50.0071 0x1018  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:05:50.0102 0x1018  WcsPlugInService - ok
12:05:50.0102 0x1018  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:05:50.0118 0x1018  Wd - ok
12:05:50.0118 0x1018  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
12:05:50.0149 0x1018  WDC_SAM - ok
12:05:50.0165 0x1018  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:05:50.0196 0x1018  Wdf01000 - ok
12:05:50.0211 0x1018  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:05:50.0227 0x1018  WdiServiceHost - ok
12:05:50.0243 0x1018  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:05:50.0258 0x1018  WdiSystemHost - ok
12:05:50.0274 0x1018  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
12:05:50.0305 0x1018  WebClient - ok
12:05:50.0352 0x1018  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:05:50.0414 0x1018  Wecsvc - ok
12:05:50.0414 0x1018  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:05:50.0461 0x1018  wercplsupport - ok
12:05:50.0461 0x1018  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:05:50.0508 0x1018  WerSvc - ok
12:05:50.0508 0x1018  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:05:50.0539 0x1018  WfpLwf - ok
12:05:50.0555 0x1018  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:05:50.0570 0x1018  WIMMount - ok
12:05:50.0570 0x1018  WinDefend - ok
12:05:50.0570 0x1018  WinHttpAutoProxySvc - ok
12:05:50.0586 0x1018  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:05:50.0633 0x1018  Winmgmt - ok
12:05:50.0679 0x1018  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
12:05:50.0726 0x1018  WinRM - ok
12:05:50.0742 0x1018  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:05:50.0773 0x1018  WinUsb - ok
12:05:50.0789 0x1018  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:05:50.0835 0x1018  Wlansvc - ok
12:05:50.0835 0x1018  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:05:50.0867 0x1018  WmiAcpi - ok
12:05:50.0867 0x1018  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:05:50.0898 0x1018  wmiApSrv - ok
12:05:50.0898 0x1018  WMPNetworkSvc - ok
12:05:50.0898 0x1018  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:05:50.0929 0x1018  WPCSvc - ok
12:05:50.0929 0x1018  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:05:50.0960 0x1018  WPDBusEnum - ok
12:05:50.0960 0x1018  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:05:51.0007 0x1018  ws2ifsl - ok
12:05:51.0007 0x1018  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:05:51.0038 0x1018  wscsvc - ok
12:05:51.0038 0x1018  WSearch - ok
12:05:51.0101 0x1018  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:05:51.0163 0x1018  wuauserv - ok
12:05:51.0179 0x1018  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:05:51.0194 0x1018  WudfPf - ok
12:05:51.0210 0x1018  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:05:51.0225 0x1018  WUDFRd - ok
12:05:51.0241 0x1018  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:05:51.0257 0x1018  wudfsvc - ok
12:05:51.0272 0x1018  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:05:51.0303 0x1018  WwanSvc - ok
12:05:51.0303 0x1018  ================ Scan global ===============================
12:05:51.0303 0x1018  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
12:05:51.0319 0x1018  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
12:05:51.0319 0x1018  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
12:05:51.0335 0x1018  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:05:51.0335 0x1018  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:05:51.0350 0x1018  [ Global ] - ok
12:05:51.0350 0x1018  ================ Scan MBR ==================================
12:05:51.0350 0x1018  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:05:51.0459 0x1018  \Device\Harddisk0\DR0 - ok
12:05:51.0459 0x1018  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
12:05:52.0068 0x1018  \Device\Harddisk2\DR2 - ok
12:05:52.0068 0x1018  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:05:52.0115 0x1018  \Device\Harddisk1\DR1 - ok
12:05:52.0115 0x1018  ================ Scan VBR ==================================
12:05:52.0115 0x1018  [ 2FED0A3A19E8879F19257F6A87B113E7 ] \Device\Harddisk0\DR0\Partition1
12:05:52.0130 0x1018  \Device\Harddisk0\DR0\Partition1 - ok
12:05:52.0130 0x1018  [ 3156F4C530F8996D4052505EDDCE9976 ] \Device\Harddisk0\DR0\Partition2
12:05:52.0130 0x1018  \Device\Harddisk0\DR0\Partition2 - ok
12:05:52.0130 0x1018  [ 94FFCDE64E872622C8D3A08F71739831 ] \Device\Harddisk2\DR2\Partition1
12:05:52.0130 0x1018  \Device\Harddisk2\DR2\Partition1 - ok
12:05:52.0146 0x1018  [ 372F3785502E208940D4876B9D02AD1D ] \Device\Harddisk1\DR1\Partition1
12:05:52.0146 0x1018  \Device\Harddisk1\DR1\Partition1 - ok
12:05:52.0146 0x1018  ================ Scan generic autorun ======================
12:05:52.0146 0x1018  [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
12:05:52.0177 0x1018  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
12:05:52.0333 0x1018  Detect skipped due to KSN trusted
12:05:52.0333 0x1018  NUSB3MON - ok
12:05:52.0505 0x1018  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:05:52.0629 0x1018  RTHDVCPL - ok
12:05:52.0645 0x1018  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:05:52.0676 0x1018  Logitech Download Assistant - ok
12:05:52.0676 0x1018  [ CDCE0317838846B36761BB6107F67C4F, 33781554EC68420DF5BCDA9A1DAB5E675F1473F5A3A2069ACD70EA5F943CB529 ] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
12:05:52.0707 0x1018  Trend Micro Client Framework - ok
12:05:52.0723 0x1018  [ 5C9F3B7E4AA7DB085CFB94F26DCF0D08, 7D157D5690A3AFC78F8C3082F50428FD1BF4E1E6EE6E6E95B7E83C7D5217ADD9 ] C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
12:05:52.0770 0x1018  Platinum - ok
12:05:52.0770 0x1018  AMD AVT - ok
12:05:52.0785 0x1018  [ EBD7C2AF2FB517C6E4E7E8F8F547CDE9, 2A1DE5A8C45A2B3A9A14B385E67206D15789F33AB854A824DDF851DEE3C2AAA5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:05:52.0817 0x1018  StartCCC - ok
12:05:52.0848 0x1018  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:05:52.0895 0x1018  Sidebar - ok
12:05:52.0895 0x1018  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:05:52.0926 0x1018  mctadmin - ok
12:05:52.0957 0x1018  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:05:52.0988 0x1018  Sidebar - ok
12:05:53.0004 0x1018  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:05:53.0035 0x1018  mctadmin - ok
12:05:53.0051 0x1018  [ F4BBAAC708FA033EEA88BA070E43DF51, C0A99216B05790B83BBCF10732F5F8E907ABB732FA7F90C2F7B5E0AA2D8B7920 ] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
12:05:53.0082 0x1018  AppEx Accelerator UI - ok
12:05:53.0300 0x1018  [ 8AA4A3119B2DF4FFAAD39A98F4764E47, 412192A2261ED0BD82EE2418DF94A8B3BC41D2D40F5AB8DA0F99FB9F0525910E ] C:\Program Files\CCleaner\CCleaner64.exe
12:05:53.0472 0x1018  CCleaner Monitoring - ok
12:05:53.0487 0x1018  [ ABD18F12F8905B86856250C0ADFCCDD7, A670EF7CD8BB98A15F176CE98F28E8EC4AC8289F9F2230300F9AAA6CEBCB0628 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
12:05:53.0503 0x1018  TomTomHOME.exe - ok
12:05:53.0659 0x1018  [ ECF8562D921B5A9975ED82F514366875, 29EAF0E51D0F50C757BC07899DF457A2EB33E2F13E3E1C23261901129DA39B34 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:05:53.0815 0x1018  SUPERAntiSpyware - ok
12:05:54.0033 0x1018  [ 8AA4A3119B2DF4FFAAD39A98F4764E47, 412192A2261ED0BD82EE2418DF94A8B3BC41D2D40F5AB8DA0F99FB9F0525910E ] C:\Program Files\CCleaner\CCleaner64.exe
12:05:54.0205 0x1018  CCleaner Monitoring - ok
12:05:54.0221 0x1018  [ ABD18F12F8905B86856250C0ADFCCDD7, A670EF7CD8BB98A15F176CE98F28E8EC4AC8289F9F2230300F9AAA6CEBCB0628 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
12:05:54.0236 0x1018  TomTomHOME.exe - ok
12:05:54.0267 0x1018  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:05:54.0314 0x1018  Sidebar - ok
12:05:54.0330 0x1018  Waiting for KSN requests completion. In queue: 91
12:05:55.0375 0x1018  AV detected via SS2: Trend Micro Maximum Security, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 11.0.0.1158 ), 0x41000 ( enabled : updated )
12:05:55.0375 0x1018  Win FW state via NFP2: enabled ( trusted )
12:05:55.0469 0x1018  ============================================================
12:05:55.0469 0x1018  Scan finished
12:05:55.0469 0x1018  ============================================================
12:05:55.0484 0x05a4  Detected object count: 0
12:05:55.0484 0x05a4  Actual detected object count: 0
         


Alt 06.10.2016, 17:34   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Zitat:
Es begann damit, dass ich einen Virenscan mit der Desinfec´t-DVD machte, mit Avira, Eset und Kaspersky.
Warum? Das ist totaler Unsinn.

Für mich sehen die Logs sauber aus.
Und das Problem mit Trend Micro Maximum Security ist nicht meine Aufgabe. Wir entfernen aktive Malware und Adware und machen keinen Produktsupport.
Die haben einen eigenen Kundensupport...hoffentlich.
__________________
--> Probleme mit Windows 7 64 bit Professional PC

Alt 06.10.2016, 18:04   #7
lfcasrafcfcb
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Zitat:
Zitat von deeprybka Beitrag anzeigen
Warum? Das ist totaler Unsinn.

Für mich sehen die Logs sauber aus.
Und das Problem mit Trend Micro Maximum Security ist nicht meine Aufgabe. Wir entfernen aktive Malware und Adware und machen keinen Produktsupport.
Die haben einen eigenen Kundensupport...hoffentlich.

Danke erstmal für Deine Hilfe, Jürgen.

Könntest Du mir eventuell erläutern, warum der Virenscan mit Desinfect Unsinn ist?

Das mit Trendmicro habe ich deshalb erwähnt, weil ich als Laie gedacht habe, ein Virus oder eine sonstige Schadsoftware könnte die Ursache dafür sein. Ich weiß ja nicht, ob so etwas durch Schadsoftware verursacht werden kann, ebenso wie das mit der Nicht-Hochladbarkeit der erwähnten Datei auf virustotal.

Und noch etwas ist mir aufgefallen: wenn ich beim Booten DEL drücke und dann F8 um ins Bootmenü zu kommen, ist - ohne das ich dort irgendetwas gemacht hätte - die Bootreihenfolge verändert. Was könnte das verursacht haben?

MfG Hans

PS: soll ich das FRST und TDSS Killer wieder vom PC entfernen oder drauf lassen?

Geändert von lfcasrafcfcb (06.10.2016 um 18:17 Uhr)

Alt 06.10.2016, 18:33   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Probleme mit Windows 7 64 bit Professional PC - Standard

Probleme mit Windows 7 64 bit Professional PC



Zitat:
Zitat von lfcasrafcfcb Beitrag anzeigen
Könntest Du mir eventuell erläutern, warum der Virenscan mit Desinfect Unsinn ist?
Security Snapshots: Why I don't recommend Linux rescue CDs

Um nur ein Beispiel zu nennen: Es wird u.a. ClamAV verwendet. Schon mal nach der Häufigkeit seiner Falschmeldungen gesucht?

FRST und TDSS-Killer kannst Du entfernen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Probleme mit Windows 7 64 bit Professional PC
avira, check, dateien, eset, friert, hängt, infected, micro, nichts, ordner, probleme, problemlos, professional, scan, screenshot, security, trend, verdächtige, versuche, verändert, virenscan, virus, virustotal, windows, windows 7




Ähnliche Themen: Probleme mit Windows 7 64 bit Professional PC


  1. Windows 7 Professional gesperrt, 50€ Zahlungsanforderung
    Log-Analyse und Auswertung - 08.09.2016 (6)
  2. Windows 7 Professional startet nicht!
    Log-Analyse und Auswertung - 14.12.2014 (7)
  3. Befall von Malware (zym.tollbahsuburban.com) auf Windows 8 Professional PC
    Plagegeister aller Art und deren Bekämpfung - 25.09.2014 (15)
  4. Windows 7 Professional Ordner plötzlich Schreibgeschützt
    Log-Analyse und Auswertung - 20.12.2013 (5)
  5. Windows XP Professional Neuinstallation Product Key Ungültig
    Log-Analyse und Auswertung - 30.06.2013 (7)
  6. GVU Trojaner Windows XP Professional
    Plagegeister aller Art und deren Bekämpfung - 18.06.2013 (4)
  7. GVU/BKA Trojaner eingefangen auf Windows 7 64 Professional
    Log-Analyse und Auswertung - 25.02.2013 (1)
  8. SUISA Virus Windows XP Professional eingefahren
    Log-Analyse und Auswertung - 24.06.2012 (1)
  9. Windows-EasyTransfer ist nicht auf Windows 7 (Professional) vorhanden!
    Alles rund um Windows - 15.01.2012 (3)
  10. Windows 7 Professional Temporäres Profil
    Alles rund um Windows - 19.07.2011 (8)
  11. Windows XP Professional: Internet spinnt komplett
    Alles rund um Windows - 24.08.2010 (24)
  12. Problem bei Installation von Windows XP Professional
    Alles rund um Windows - 21.04.2010 (3)
  13. Fehler bei Neuinstallation von Windows XP Professional
    Alles rund um Windows - 02.04.2010 (4)
  14. Anleitung: Windows 7 Professional - Installation von Sprachpaketen
    Alles rund um Windows - 14.10.2009 (1)
  15. Windows Xp Professional 64 Bit En.
    Mülltonne - 09.01.2008 (0)
  16. AW: Windows XP Professional - Rießen Problem
    Mülltonne - 25.03.2007 (0)
  17. Windows XP Professional - Rießen Problem
    Alles rund um Windows - 12.03.2006 (5)

Zum Thema Probleme mit Windows 7 64 bit Professional PC - Hallo Board! Ich habe seit gestern massive Probleme mit meinem PC. Es begann damit, dass ich einen Virenscan mit der Desinfec´t-DVD machte, mit Avira, Eset und Kaspersky. Avira zeigte mit - Probleme mit Windows 7 64 bit Professional PC...
Archiv
Du betrachtest: Probleme mit Windows 7 64 bit Professional PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.