Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: WIN 7: Zip Datei von online24 Pay AG geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.12.2016, 21:02   #1
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Hallo,
habe dummerweise die Zip-Datei einer phishing mail der online24 Pay AG geöffnet.
Die Viren/Malware Programme Anitvirus, Trojanhunter und Malwarebytes haben keine Schädlinge auf meinem Betriebssystem WIN 7 erkannt.
Könntet Ihr ein Blick auf die angehängten Log Files werfen, da ich mir nicht sicher bin ob sich ein Trojaner auf meinem Rechner eingenistet hat.

Besten Dank im voraus.
spuelmeister
Angehängte Dateien
Dateityp: txt Addition.txt (27,1 KB, 154x aufgerufen)
Dateityp: txt FRST.txt (63,4 KB, 82x aufgerufen)
Dateityp: txt anti-malware-logfile.txt (1,2 KB, 50x aufgerufen)

Alt 02.12.2016, 09:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 02.12.2016, 12:54   #3
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Logfiles Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von spülmeisterw (01-12-2016 19:18:32)
Gestartet von C:\Users\spülmeisterw\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-22 09:36:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3282142634-361615843-1521448422-500 - Administrator - Disabled)
Gast (S-1-5-21-3282142634-361615843-1521448422-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3282142634-361615843-1521448422-1002 - Limited - Enabled)
schwester_s (S-1-5-21-3282142634-361615843-1521448422-1003 - Limited - Enabled) => C:\Users\schwester_s
spülmeisterw (S-1-5-21-3282142634-361615843-1521448422-1000 - Administrator - Enabled) => C:\Users\spülmeisterw

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.5. - ORWO_Net)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{e7f56494-d786-472e-aba2-1b93089e06cd}) (Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.13 - CSR Plc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version:  - G DATA Software AG)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lernwerkstatt 9 (HKLM-x32\...\InstallShield_{4AA318E7-344F-4A0C-A63D-82A30B1A8F74}) (Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 9 (x32 Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Nero 2015 (HKLM-x32\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{57DE722C-BBE9-4BB8-AF66-1ED9A4BB2209}) (Version: 12.0.03100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero Prerequisite Installer 4.0 (HKLM-x32\...\{8441D319-8C7A-4398-B630-6BC3941A12C9}) (Version: 16.0.00600 - Nero AG)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}) (Version: 3.00.0006 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
OZ711 SCR Driver (x64) (HKLM-x32\...\InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}) (Version: 3.0.1.6D - O2Micro)
OZ711 SCR Driver (x64) (Version: 3.0.1.6D - O2Micro) Hidden
PDF to BMP JPG TIFF Converter 2.32 (HKLM-x32\...\PDF To BMP JPG TIFF Converter_is1) (Version: 2.32 - Blue Label Soft)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows-Treiberpaket - Google Corporation (androidusb) USB  (04/20/2015 1.0.0018.00000) (HKLM\...\5BAEDAE1FDD50B7653C3BF0764CF27189A23603B) (Version: 04/20/2015 1.0.0018.00000 - Google Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (11/28/2013 2.0.0018.00000) (HKLM\...\724A5661585DAD3C707B84BACF43F64B5E070CE5) (Version: 11/28/2013 2.0.0018.00000 - Google, Inc.)
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (06/10/2014 2.11.10.0) (HKLM\...\19CBC797AE23190CD0F3C85E76495B645F0154C4) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.23 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {002E82D2-A8C8-4738-AB78-BCA603B55A3F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {00A64CE7-484D-4D56-B9EC-4CC44968AC3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {043FC396-42B0-463E-99A2-F88B2711EDF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {4894B77E-9A62-4D70-8DA8-37EE3C63865A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {51D7B727-4B84-496C-8414-75EE011A545E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {8667911B-9984-431A-8983-9E5F55F06E95} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D3717A0A-FAF1-44A0-8CB9-CBBAD5DBBED3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {ED0B5209-B636-4776-B5F1-FD3513B87D86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FF86116F-97D6-44A5-AFB1-3D8A4FE78DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00269824 _____ () C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
2015-03-22 14:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-22 14:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-22 14:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-22 14:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-22 14:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00398848 _____ () C:\Program Files (x86)\Syncios_01\DuiLib.dll
2015-12-25 20:20 - 2015-12-18 16:51 - 00073728 _____ () C:\Program Files (x86)\Syncios_01\generalFunc_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00176128 _____ () C:\Program Files (x86)\Syncios_01\driverMgr4Transfer_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00966144 _____ () C:\Program Files (x86)\Syncios_01\androidSyncCore_pdm.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3282142634-361615843-1521448422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\spülmeisterw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DC924973-1040-4AD9-85CA-2C39532FDE24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6785B36E-F829-413F-B721-BFD64F9800DC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{391B0ECC-CC46-44C9-95CE-74D6B3193CF8}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{145050AD-EF58-400D-95A0-14F95ADC6E28}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5282A05-1F8C-4042-B943-79925EF80511}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01859D47-7734-499D-8CE3-76F88F540719}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4E2640-9DA8-4216-AA96-D6FE14C27D31}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{992A8B55-E740-482A-A542-7CFF18064B81}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2072A6DE-F933-45F7-AA46-03C4A3335CA9}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7EAC02C4-C10F-4B3A-9A72-62584070D50B}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{335B119A-4ADE-40C8-9902-B664F930C5AB}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{8774F648-CF0A-4EBC-93C3-A9E9D226BE77}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{CDCA7323-C6E8-4F81-8F41-C0EF9431ED06}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7738B03B-7100-4068-9925-A3E93CCA9E97}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35C3F991-16DE-4477-A79E-E3026C5B114E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F6B2E0B9-AC5C-4F79-8D66-5CF0E8812053}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4113D355-2F77-4E61-803C-E7BCB4954C70}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E42778F-E203-4F61-BE67-D8EE289FA4FC}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{39C544D5-7637-4C23-B80B-A70DBB8C0722}] => C:\Program Files (x86)\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

01-12-2016 19:03:09 Prüfpunkt von HitmanPro
01-12-2016 19:03:32 Prüfpunkt von HitmanPro
01-12-2016 19:03:48 Prüfpunkt von HitmanPro

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2016 07:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/01/2016 07:07:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.4.40.94, Zeitstempel: 0x53ad3eee
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2f948
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x78
Startzeit der fehlerhaften Anwendung: 0x01d24bfdb73b6179
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: f585072c-b7f0-11e6-b3af-002326fc1638

Error: (12/01/2016 07:06:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = chip 1-click download service wurde entfernt.; Fehler = 0x80070005).

Error: (12/01/2016 07:06:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = chip 1-click download service wurde entfernt.; Fehler = 0x80070005).

Error: (12/01/2016 07:04:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.4.40.94, Zeitstempel: 0x53ad3eee
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2f948
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xb90
Startzeit der fehlerhaften Anwendung: 0x01d24bfd5ad5a052
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 99db52ba-b7f0-11e6-b3af-002326fc1638

Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000288,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000018FEAF0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.

Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000314,(null),0,REG_BINARY,000000000166E060.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {14153ffd-14e0-44ee-adaf-0c4b61a1d962}

Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009a8,(null),0,REG_BINARY,000000000742E360.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {e53773df-9c5e-473f-abb0-a442945dd2bc}

Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000008b4,(null),0,REG_BINARY,000000000710E210.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {252678c9-c583-482f-bc5b-33bfc92c1eec}

Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001c4,(null),0,REG_BINARY,0000000002A2EED0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Generatorname: COM+ REGDB Writer
   Generatorinstanz-ID: {fad7af87-7bce-4056-8dc8-59ee2fee0991}


Systemfehler:
=============
Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/01/2016 07:06:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/01/2016 04:33:08 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 7987.42 MB
Verfügbarer physikalischer RAM: 5044.03 MB
Summe virtueller Speicher: 15973.02 MB
Verfügbarer virtueller Speicher: 12911.95 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:119.61 GB) (Free:50.12 GB) NTFS
Drive d: () (Removable) (Total:1.84 GB) (Free:1.83 GB) FAT
Drive z: () (Fixed) (Total:342.37 GB) (Free:268.84 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EC431FA8)
Partition 1: (Active) - (Size=3.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=119.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=342.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Logfiles FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
durchgeführt von spülmeisterw (Administrator) auf SKLAVE15 (01-12-2016 19:17:24)
Gestartet von C:\Users\spülmeisterw\Downloads
Geladene Profile: spülmeisterw (Verfügbare Profile: spülmeisterw & schwester_s)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535392 2009-10-12] (CSR, plc)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431456 2009-10-12] (CSR, plc)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [916072 2016-10-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [367424 2016-05-11] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{3056EF62-96A2-4CD4-A930-916C257CD488}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C3A5A36B-F94D-44A3-9F9F-EED4D05401A8}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

FireFox:
========
FF DefaultProfile: k15ix6ww.default
FF ProfilePath: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default [2016-12-01]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\k15ix6ww.default -> AVG Secure Search
FF Homepage: Mozilla\Firefox\Profiles\k15ix6ww.default -> hxxps://www.google.de/?gws_rd=ssl
FF Extension: (Avira Browser Safety) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\abs@avira.com.xpi [2016-11-24]
FF Extension: (Firefox Hotfix) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Avira SafeSearch) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\safesearch@avira.com.xpi [2016-06-06]
FF Extension: (Adblock Plus) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\searchplugins\avira-safesearch.xml [2015-03-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3282142634-361615843-1521448422-1000: @protectdisc.com/NPMPDRM -> C:\Users\spülmeisterw\AppData\Local\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089088 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1488240 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349512 2016-11-15] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\smdadb.sys [39624 2015-04-24] (Google Inc)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-13] (Avira Operations GmbH & Co. KG)
S3 BthAvrcp; C:\Windows\system32\drivers\BthAvrcp.sys [34656 2009-10-12] (CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [59152 2016-05-11] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [151936 2009-10-26] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-11-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-01 19:17 - 2016-12-01 19:18 - 00012917 _____ C:\Users\spülmeisterw\Downloads\FRST.txt
2016-12-01 19:16 - 2016-12-01 19:17 - 00000000 ____D C:\FRST
2016-12-01 19:16 - 2016-12-01 19:16 - 02411520 _____ (Farbar) C:\Users\spülmeisterw\Downloads\FRST64.exe
2016-12-01 19:06 - 2016-12-01 19:06 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 19:04 - 2016-12-01 19:04 - 00000000 ____D C:\Users\spülmeisterw\Desktop\Trojan Hunter
2016-12-01 19:03 - 2016-12-01 19:03 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-12-01 18:58 - 2016-12-01 19:04 - 00000000 ____D C:\Users\spülmeisterw\Desktop\HitmanPro.EU Cleaner
2016-12-01 18:51 - 2016-12-01 18:55 - 00000000 ____D C:\Users\spülmeisterw\Desktop\Log file Malwarebytes
2016-11-30 23:55 - 2016-12-01 18:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-30 21:17 - 2016-11-30 21:17 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-30 21:17 - 2016-11-30 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-11-30 21:17 - 2016-11-30 21:17 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-11-30 21:17 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-30 21:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-30 21:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-30 21:16 - 2016-12-01 19:05 - 00000000 ____D C:\Program Files (x86)\TrojanHunter
2016-11-30 21:15 - 2016-11-30 21:15 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Downloaded Installations
2016-11-30 18:25 - 2016-11-30 18:25 - 00217527 _____ C:\Users\spülmeisterw\Desktop\Online24 PayAG.pdf
2016-11-30 18:23 - 2016-11-30 18:23 - 00001912 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-11-30 18:23 - 2016-11-30 18:23 - 00000000 ____D C:\Program Files\HitmanPro
2016-11-30 18:22 - 2016-12-01 19:03 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-30 18:22 - 2016-11-30 18:23 - 11581544 _____ (SurfRight B.V.) C:\Users\spülmeisterw\Downloads\hitmanpro_x64.exe
2016-11-29 21:50 - 2016-11-29 21:50 - 00000000 ____D C:\Users\schwester_s\Documents\Nero
2016-11-27 18:02 - 2016-11-27 18:02 - 00000856 _____ C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
2016-11-25 14:30 - 2016-11-25 14:30 - 309541681 _____ C:\Users\spülmeisterw\Downloads\Beginner - Advanced Chemistry [Ganzes Album].mp4
2016-11-24 06:43 - 2016-12-01 19:10 - 00000000 ____D C:\Users\spülmeisterw\AppData\LocalLow\Mozilla
2016-11-23 17:40 - 2016-11-23 17:40 - 00001143 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-11-20 10:41 - 2016-12-01 16:33 - 00000000 ____D C:\Users\schwester_s\AppData\LocalLow\Mozilla
2016-11-19 21:54 - 2016-12-01 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 17:37 - 2016-11-18 17:37 - 00002151 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-18 17:37 - 2016-11-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-14 16:32 - 2016-11-14 16:32 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(2).pdf
2016-11-14 16:29 - 2016-11-14 16:30 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(1).pdf
2016-11-13 16:20 - 2016-11-13 16:20 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF.pdf
2016-11-05 23:33 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-05 23:33 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-05 23:33 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-05 23:33 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-05 23:33 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-05 23:33 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-05 23:33 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-05 23:33 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-05 23:33 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-05 23:33 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-05 23:33 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-05 23:33 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-05 23:33 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-05 23:33 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-05 23:33 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-05 23:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-05 23:33 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-05 23:33 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-05 23:32 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-05 23:32 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-05 23:32 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-05 23:32 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-05 23:32 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-05 23:32 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-05 23:32 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-05 23:32 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-05 23:32 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-05 23:32 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-05 23:32 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-05 23:32 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-05 23:32 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-05 23:32 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-05 23:32 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-05 23:32 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-05 23:32 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-05 23:32 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-05 23:32 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-05 23:32 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-05 23:32 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-05 23:32 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-05 23:32 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-05 23:32 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-05 23:32 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-05 23:32 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-05 23:32 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-05 23:32 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-05 23:32 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-05 23:32 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-05 23:32 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-05 23:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-05 23:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-05 23:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-05 23:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-05 23:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-05 23:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-05 20:32 - 2016-11-05 20:32 - 00160804 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_Rechnung.pdf
2016-11-05 20:31 - 2016-11-05 20:31 - 00445036 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_RT.pdf
2016-11-05 20:30 - 2016-11-05 20:30 - 00445041 _____ C:\Users\spülmeisterw\Desktop\A8B0E514.pdf
2016-11-04 21:32 - 2016-11-04 21:58 - 00018453 _____ C:\Users\spülmeisterw\Desktop\Vadder.odt
2016-11-01 18:59 - 2016-11-01 19:06 - 00000000 ____D C:\Users\schwester_s\Desktop\Freispiel_01.11.2016

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-01 19:10 - 2015-12-25 20:21 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\SynciOS Data Transfer
2016-12-01 19:10 - 2015-04-03 20:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-01 19:09 - 2015-03-22 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-01 19:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-01 18:54 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-01 18:54 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-01 18:48 - 2015-03-22 11:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-01 18:36 - 2015-04-03 20:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-01 16:33 - 2016-03-04 09:55 - 00000000 ____D C:\Users\schwester_s\AppData\Roaming\SynciOS Data Transfer
2016-11-28 20:51 - 2015-03-24 23:44 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Nero
2016-11-28 19:12 - 2011-04-12 08:43 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-11-28 19:12 - 2011-04-12 08:43 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-11-28 19:12 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-28 19:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-27 18:02 - 2016-05-22 18:00 - 01292796 _____ C:\Users\spülmeisterw\Desktop\Jakobs Bagger.xcf
2016-11-27 18:02 - 2016-03-06 22:22 - 00000000 ____D C:\Users\spülmeisterw\.gimp-2.8
2016-11-23 17:40 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-23 17:40 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-11-18 17:37 - 2015-04-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-08 18:48 - 2015-03-22 11:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 18:48 - 2015-03-22 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 18:48 - 2015-03-22 11:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 18:48 - 2015-03-22 11:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 18:48 - 2015-03-22 10:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 16:00 - 2015-03-24 22:05 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 19:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-06 10:30 - 2009-07-14 05:45 - 00351328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-05 18:07 - 2015-03-22 12:31 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-11-05 07:55 - 2016-02-23 18:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 19:03 - 2016-08-29 21:36 - 00056128 _____ C:\Users\schwester_s\Desktop\fertige aufgaben 1-3.odt
2016-11-01 18:40 - 2016-10-30 08:40 - 00028570 _____ C:\Users\schwester_s\Desktop\Freispiel.odt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-18 06:03 - 2015-12-18 06:03 - 0124133 _____ () C:\Program Files (x86)\Acknowledgements.rtf
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018112 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022720 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0027840 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0026816 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0070848 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0023232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3370128 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_dsp.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2199696 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_manager.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0870544 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_musicid.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0325776 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_submit.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0569664 _____ (GEAR-Software) C:\Program Files (x86)\gwlangen.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 18175808 _____ (GEAR-Software) C:\Program Files (x86)\gwrks64.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3088696 _____ (Apple Inc.) C:\Program Files (x86)\iPodUpdaterExt.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2980152 _____ (Apple Inc.) C:\Program Files (x86)\iTunes.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0471864 _____ (Apple Inc.) C:\Program Files (x86)\iTunesAdmin.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 36243768 _____ (Apple Inc.) C:\Program Files (x86)\iTunesCore.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0212280 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0176440 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0162616 _____ (Apple Inc.) C:\Program Files (x86)\iTunesMiniPlayer.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0992960 _____ (Microsoft Corporation) C:\Program Files (x86)\ucrtbase.dll
2015-06-23 19:17 - 2016-01-31 16:59 - 0000040 _____ () C:\Users\spülmeisterw\AppData\Roaming\cdr.ini
2015-07-07 19:47 - 2015-08-13 21:03 - 0108299 _____ () C:\Users\spülmeisterw\AppData\Roaming\Zulu.dmp
2016-11-27 18:02 - 2016-11-27 18:02 - 0000856 _____ () C:\Users\spülmeisterw\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\schwester_s\AppData\Local\Temp\avgnt.exe
C:\Users\schwester_s\AppData\Local\Temp\kernel32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-06 13:52

==================== Ende von FRST.txt ============================
         
Logfiles anti-malware
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.11.2016
Suchlaufzeit: 23:55
Protokolldatei: anti-malware-logfile.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.30.11
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: spülmeisterw

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 364066
Abgelaufene Zeit: 16 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
__________________

Alt 02.12.2016, 13:20   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Spybot deinstallieren, das Teil bringt nix.

Bitte auch Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 02.12.2016, 20:46   #5
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Abend,

habe spybot und Avira deinstalliert.
Warte auf neue Anweisungen.


Alt 02.12.2016, 22:03   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet





1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> WIN 7: Zip Datei von online24 Pay AG geöffnet

Alt 03.12.2016, 09:59   #7
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Morgen,

zuerst habe ich MBAR ausführen lassen und es wurde nichts gefunden.
Bei der darauffolgende Ausführung von TDSS-Killer wurde während des Scanvorgangs ein blue screen angezeigt und ich musste den Rechner neustarten.
Was soll ich nun tun?
Anbei der Logfile von MBAR sowie der "unfertige" Logfile von TDSS.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.12.03.04
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18499
spülmeisterw :: SKLAVE15 [administrator]

03.12.2016 08:41:04
mbar-log-2016-12-03 (08-41-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 363445
Time elapsed: 22 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
08:42:10.0024 0x0f58  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
08:42:13.0927 0x0f58  ============================================================
08:42:13.0927 0x0f58  Current date / time: 2016/12/03 08:42:13.0927
08:42:13.0927 0x0f58  SystemInfo:
08:42:13.0927 0x0f58  
08:42:13.0927 0x0f58  OS Version: 6.1.7601 ServicePack: 1.0
08:42:13.0927 0x0f58  Product type: Workstation
08:42:13.0927 0x0f58  ComputerName: SKLAVE15
08:42:13.0928 0x0f58  UserName: spülmeisterw
08:42:13.0928 0x0f58  Windows directory: C:\Windows
08:42:13.0928 0x0f58  System windows directory: C:\Windows
08:42:13.0928 0x0f58  Running under WOW64
08:42:13.0928 0x0f58  Processor architecture: Intel x64
08:42:13.0928 0x0f58  Number of processors: 4
08:42:13.0928 0x0f58  Page size: 0x1000
08:42:13.0928 0x0f58  Boot type: Normal boot
08:42:13.0928 0x0f58  CodeIntegrityOptions = 0x00000001
08:42:13.0928 0x0f58  ============================================================
08:42:18.0810 0x0f58  KLMD registered as C:\Windows\system32\drivers\08958103.sys
08:42:18.0810 0x0f58  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
08:42:18.0983 0x0f58  System UUID: {C29C9170-82EF-887C-2D72-9D562C3FF378}
08:42:19.0640 0x0f58  Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
08:42:19.0641 0x0f58  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:42:19.0745 0x0f58  Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:42:19.0747 0x0f58  ============================================================
08:42:19.0747 0x0f58  \Device\Harddisk1\DR1:
08:42:19.0748 0x0f58  MBR partitions:
08:42:19.0748 0x0f58  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
08:42:19.0748 0x0f58  \Device\Harddisk0\DR0:
08:42:19.0748 0x0f58  MBR partitions:
08:42:19.0748 0x0f58  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x790800, BlocksNum 0xEF36000
08:42:19.0748 0x0f58  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF6C7000, BlocksNum 0x2ACBE800
08:42:19.0748 0x0f58  \Device\Harddisk1\DR1:
08:42:19.0749 0x0f58  MBR partitions:
08:42:19.0749 0x0f58  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
08:42:19.0749 0x0f58  ============================================================
08:42:19.0763 0x0f58  C: <-> \Device\Harddisk0\DR0\Partition1
08:42:19.0765 0x0f58  Z: <-> \Device\Harddisk0\DR0\Partition2
08:42:19.0765 0x0f58  ============================================================
08:42:19.0765 0x0f58  Initialize success
08:42:19.0765 0x0f58  ============================================================
09:06:00.0202 0x0848  ============================================================
09:06:00.0202 0x0848  Scan started
09:06:00.0202 0x0848  Mode: Manual; 
09:06:00.0202 0x0848  ============================================================
09:06:00.0202 0x0848  KSN ping started
09:06:11.0431 0x0848  KSN ping finished: true
09:06:12.0941 0x0848  ================ Scan system memory ========================
09:06:12.0941 0x0848  System memory - ok
09:06:12.0941 0x0848  ================ Scan services =============================
09:06:13.0051 0x0848  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
09:06:13.0061 0x0848  1394ohci - ok
09:06:13.0201 0x0848  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:06:13.0211 0x0848  ACPI - ok
09:06:13.0221 0x0848  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:06:13.0221 0x0848  AcpiPmi - ok
09:06:13.0251 0x0848  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:06:13.0251 0x0848  AdobeARMservice - ok
09:06:13.0331 0x0848  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:06:13.0341 0x0848  AdobeFlashPlayerUpdateSvc - ok
09:06:13.0391 0x0848  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:06:13.0411 0x0848  adp94xx - ok
09:06:13.0431 0x0848  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:06:13.0441 0x0848  adpahci - ok
09:06:13.0451 0x0848  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:06:13.0461 0x0848  adpu320 - ok
09:06:13.0471 0x0848  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:06:13.0471 0x0848  AeLookupSvc - ok
09:06:13.0501 0x0848  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
09:06:13.0521 0x0848  AFD - ok
09:06:13.0571 0x0848  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
09:06:13.0611 0x0848  AgereSoftModem - ok
09:06:13.0621 0x0848  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:06:13.0621 0x0848  agp440 - ok
09:06:13.0621 0x0848  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:06:13.0621 0x0848  ALG - ok
09:06:13.0632 0x0848  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:06:13.0632 0x0848  aliide - ok
09:06:13.0632 0x0848  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:06:13.0632 0x0848  amdide - ok
09:06:13.0642 0x0848  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:06:13.0642 0x0848  AmdK8 - ok
09:06:13.0642 0x0848  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:06:13.0642 0x0848  AmdPPM - ok
09:06:13.0652 0x0848  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:06:13.0652 0x0848  amdsata - ok
09:06:13.0672 0x0848  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:06:13.0682 0x0848  amdsbs - ok
09:06:13.0682 0x0848  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:06:13.0682 0x0848  amdxata - ok
09:06:13.0702 0x0848  [ 7ECE1575A7258906C2DEF7E219002B50, D5E989138BE5F46130F9786D09DF874B34CA52FB5C8D2AF41175405DB28FE5E2 ] androidusb      C:\Windows\system32\Drivers\smdadb.sys
09:06:13.0702 0x0848  androidusb - ok
09:06:13.0702 0x0848  [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID           C:\Windows\system32\drivers\appid.sys
09:06:13.0702 0x0848  AppID - ok
09:06:13.0712 0x0848  [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:06:13.0712 0x0848  AppIDSvc - ok
09:06:13.0722 0x0848  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
09:06:13.0722 0x0848  Appinfo - ok
09:06:13.0742 0x0848  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:06:13.0742 0x0848  Apple Mobile Device Service - ok
09:06:13.0762 0x0848  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:06:13.0772 0x0848  AppMgmt - ok
09:06:13.0782 0x0848  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
09:06:13.0782 0x0848  arc - ok
09:06:13.0792 0x0848  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:06:13.0802 0x0848  arcsas - ok
09:06:13.0832 0x0848  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:06:13.0842 0x0848  aspnet_state - ok
09:06:13.0842 0x0848  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:06:13.0842 0x0848  AsyncMac - ok
09:06:13.0842 0x0848  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:06:13.0842 0x0848  atapi - ok
09:06:13.0922 0x0848  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
09:06:13.0992 0x0848  athr - ok
09:06:14.0022 0x0848  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:06:14.0042 0x0848  AudioEndpointBuilder - ok
09:06:14.0062 0x0848  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:06:14.0082 0x0848  AudioSrv - ok
09:06:14.0092 0x0848  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:06:14.0092 0x0848  AxInstSV - ok
09:06:14.0122 0x0848  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:06:14.0132 0x0848  b06bdrv - ok
09:06:14.0152 0x0848  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:06:14.0162 0x0848  b57nd60a - ok
09:06:14.0172 0x0848  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:06:14.0182 0x0848  BDESVC - ok
09:06:14.0182 0x0848  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:06:14.0182 0x0848  Beep - ok
09:06:14.0222 0x0848  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:06:14.0242 0x0848  BFE - ok
09:06:14.0272 0x0848  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:06:14.0332 0x0848  BITS - ok
09:06:14.0332 0x0848  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
09:06:14.0332 0x0848  blbdrive - ok
09:06:14.0362 0x0848  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:06:14.0372 0x0848  Bonjour Service - ok
09:06:14.0382 0x0848  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:06:14.0382 0x0848  bowser - ok
09:06:14.0382 0x0848  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:06:14.0392 0x0848  BrFiltLo - ok
09:06:14.0392 0x0848  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:06:14.0392 0x0848  BrFiltUp - ok
09:06:14.0402 0x0848  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:06:14.0412 0x0848  Browser - ok
09:06:14.0422 0x0848  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:06:14.0432 0x0848  Brserid - ok
09:06:14.0432 0x0848  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:06:14.0442 0x0848  BrSerWdm - ok
09:06:14.0442 0x0848  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:06:14.0442 0x0848  BrUsbMdm - ok
09:06:14.0442 0x0848  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:06:14.0442 0x0848  BrUsbSer - ok
09:06:14.0462 0x0848  [ 7649BE609E29B31188C3B04D2B95948F, 7377C3441B7EACE58C84ACFBC14AB77393544949045B8594B7813EDB6EA9C653 ] BthAvrcp        C:\Windows\system32\drivers\BthAvrcp.sys
09:06:14.0462 0x0848  BthAvrcp - ok
09:06:14.0472 0x0848  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:06:14.0472 0x0848  BTHMODEM - ok
09:06:14.0482 0x0848  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:06:14.0482 0x0848  bthserv - ok
09:06:14.0492 0x0848  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:06:14.0492 0x0848  cdfs - ok
09:06:14.0502 0x0848  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:06:14.0512 0x0848  cdrom - ok
09:06:14.0512 0x0848  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:06:14.0522 0x0848  CertPropSvc - ok
09:06:14.0532 0x0848  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:06:14.0532 0x0848  circlass - ok
09:06:14.0552 0x0848  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
09:06:14.0562 0x0848  CLFS - ok
09:06:14.0582 0x0848  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:06:14.0582 0x0848  clr_optimization_v2.0.50727_32 - ok
09:06:14.0592 0x0848  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:06:14.0592 0x0848  clr_optimization_v2.0.50727_64 - ok
09:06:14.0622 0x0848  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:06:14.0632 0x0848  clr_optimization_v4.0.30319_32 - ok
09:06:14.0632 0x0848  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:06:14.0642 0x0848  clr_optimization_v4.0.30319_64 - ok
09:06:14.0642 0x0848  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
09:06:14.0652 0x0848  CmBatt - ok
09:06:14.0652 0x0848  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:06:14.0652 0x0848  cmdide - ok
09:06:14.0672 0x0848  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:06:14.0682 0x0848  CNG - ok
09:06:14.0702 0x0848  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:06:14.0702 0x0848  Compbatt - ok
09:06:14.0702 0x0848  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:06:14.0702 0x0848  CompositeBus - ok
09:06:14.0712 0x0848  COMSysApp - ok
09:06:14.0712 0x0848  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:06:14.0712 0x0848  crcdisk - ok
09:06:14.0722 0x0848  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:06:14.0732 0x0848  CryptSvc - ok
09:06:14.0752 0x0848  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
09:06:14.0762 0x0848  CSC - ok
09:06:14.0802 0x0848  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
09:06:14.0842 0x0848  CscService - ok
09:06:14.0872 0x0848  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:06:14.0882 0x0848  DcomLaunch - ok
09:06:14.0912 0x0848  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:06:14.0922 0x0848  defragsvc - ok
09:06:14.0932 0x0848  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:06:14.0932 0x0848  DfsC - ok
09:06:14.0952 0x0848  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
09:06:14.0962 0x0848  dg_ssudbus - ok
09:06:14.0972 0x0848  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:06:14.0982 0x0848  Dhcp - ok
09:06:15.0062 0x0848  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:06:15.0122 0x0848  DiagTrack - ok
09:06:15.0132 0x0848  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:06:15.0132 0x0848  discache - ok
09:06:15.0152 0x0848  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
09:06:15.0152 0x0848  Disk - ok
09:06:15.0162 0x0848  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
09:06:15.0162 0x0848  dmvsc - ok
09:06:15.0172 0x0848  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:06:15.0172 0x0848  Dnscache - ok
09:06:15.0192 0x0848  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:06:15.0192 0x0848  dot3svc - ok
09:06:15.0212 0x0848  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:06:15.0222 0x0848  DPS - ok
09:06:15.0232 0x0848  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:06:15.0232 0x0848  drmkaud - ok
09:06:15.0272 0x0848  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:06:15.0312 0x0848  DXGKrnl - ok
09:06:15.0332 0x0848  [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress      C:\Windows\system32\DRIVERS\e1k62x64.sys
09:06:15.0342 0x0848  e1kexpress - ok
09:06:15.0352 0x0848  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:06:15.0352 0x0848  EapHost - ok
09:06:15.0472 0x0848  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:06:15.0592 0x0848  ebdrv - ok
09:06:15.0612 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS             C:\Windows\System32\lsass.exe
09:06:15.0612 0x0848  EFS - ok
09:06:15.0662 0x0848  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:06:15.0672 0x0848  ehRecvr - ok
09:06:15.0682 0x0848  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:06:15.0682 0x0848  ehSched - ok
09:06:15.0732 0x0848  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:06:15.0742 0x0848  elxstor - ok
09:06:15.0742 0x0848  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:06:15.0752 0x0848  ErrDev - ok
09:06:15.0762 0x0848  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:06:15.0782 0x0848  EventSystem - ok
09:06:15.0792 0x0848  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:06:15.0802 0x0848  exfat - ok
09:06:15.0812 0x0848  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:06:15.0812 0x0848  fastfat - ok
09:06:15.0852 0x0848  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:06:15.0862 0x0848  Fax - ok
09:06:15.0872 0x0848  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
09:06:15.0882 0x0848  fdc - ok
09:06:15.0882 0x0848  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:06:15.0882 0x0848  fdPHost - ok
09:06:15.0892 0x0848  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:06:15.0892 0x0848  FDResPub - ok
09:06:15.0892 0x0848  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:06:15.0902 0x0848  FileInfo - ok
09:06:15.0902 0x0848  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:06:15.0902 0x0848  Filetrace - ok
09:06:15.0912 0x0848  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:06:15.0912 0x0848  flpydisk - ok
09:06:15.0932 0x0848  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:06:15.0942 0x0848  FltMgr - ok
09:06:16.0002 0x0848  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
09:06:16.0032 0x0848  FontCache - ok
09:06:16.0072 0x0848  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:06:16.0072 0x0848  FontCache3.0.0.0 - ok
09:06:16.0072 0x0848  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:06:16.0072 0x0848  FsDepends - ok
09:06:16.0082 0x0848  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:06:16.0082 0x0848  Fs_Rec - ok
09:06:16.0112 0x0848  [ D104388C79C88E250027B3536A5CD2A9, F8511AEF1E994BD5E96A56F99F99FBE0801C92691E7FB23A2A7CF7E3A6BE32AB ] FUJ02B1         C:\Windows\system32\DRIVERS\FUJ02B1.sys
09:06:16.0112 0x0848  FUJ02B1 - ok
09:06:16.0112 0x0848  [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys
09:06:16.0112 0x0848  FUJ02E3 - ok
09:06:16.0142 0x0848  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:06:16.0142 0x0848  fvevol - ok
09:06:16.0152 0x0848  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:06:16.0152 0x0848  gagp30kx - ok
09:06:16.0152 0x0848  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:06:16.0152 0x0848  GEARAspiWDM - ok
09:06:16.0182 0x0848  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
09:06:16.0222 0x0848  gpsvc - ok
09:06:16.0232 0x0848  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:06:16.0232 0x0848  gupdate - ok
09:06:16.0252 0x0848  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:06:16.0252 0x0848  gupdatem - ok
09:06:16.0262 0x0848  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:06:16.0262 0x0848  hcw85cir - ok
09:06:16.0282 0x0848  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:06:16.0292 0x0848  HdAudAddService - ok
09:06:16.0302 0x0848  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:06:16.0302 0x0848  HDAudBus - ok
09:06:16.0302 0x0848  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\drivers\HECIx64.sys
09:06:16.0312 0x0848  HECIx64 - ok
09:06:16.0312 0x0848  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:06:16.0312 0x0848  HidBatt - ok
09:06:16.0322 0x0848  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:06:16.0322 0x0848  HidBth - ok
09:06:16.0322 0x0848  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:06:16.0322 0x0848  HidIr - ok
09:06:16.0332 0x0848  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:06:16.0332 0x0848  hidserv - ok
09:06:16.0332 0x0848  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:06:16.0342 0x0848  HidUsb - ok
09:06:16.0342 0x0848  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:06:16.0342 0x0848  hkmsvc - ok
09:06:16.0362 0x0848  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:06:16.0362 0x0848  HomeGroupListener - ok
09:06:16.0372 0x0848  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:06:16.0382 0x0848  HomeGroupProvider - ok
09:06:16.0382 0x0848  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:06:16.0392 0x0848  HpSAMD - ok
09:06:16.0432 0x0848  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:06:16.0462 0x0848  HTTP - ok
09:06:16.0472 0x0848  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:06:16.0472 0x0848  hwpolicy - ok
09:06:16.0482 0x0848  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:06:16.0482 0x0848  i8042prt - ok
09:06:16.0502 0x0848  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:06:16.0512 0x0848  iaStorV - ok
09:06:16.0572 0x0848  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:06:16.0602 0x0848  idsvc - ok
09:06:16.0612 0x0848  IEEtwCollectorService - ok
09:06:17.0032 0x0848  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:06:17.0472 0x0848  igfx - ok
09:06:17.0492 0x0848  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:06:17.0492 0x0848  iirsp - ok
09:06:17.0552 0x0848  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:06:17.0572 0x0848  IKEEXT - ok
09:06:17.0592 0x0848  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
09:06:17.0592 0x0848  Impcd - ok
09:06:17.0682 0x0848  [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:06:17.0762 0x0848  IntcAzAudAddService - ok
09:06:17.0782 0x0848  [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:06:17.0792 0x0848  IntcDAud - ok
09:06:17.0792 0x0848  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:06:17.0802 0x0848  intelide - ok
09:06:17.0802 0x0848  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
09:06:17.0802 0x0848  intelppm - ok
09:06:17.0812 0x0848  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:06:17.0812 0x0848  IPBusEnum - ok
09:06:17.0822 0x0848  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:06:17.0822 0x0848  IpFilterDriver - ok
09:06:17.0852 0x0848  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:06:17.0872 0x0848  iphlpsvc - ok
09:06:17.0872 0x0848  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:06:17.0872 0x0848  IPMIDRV - ok
09:06:17.0882 0x0848  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:06:17.0882 0x0848  IPNAT - ok
09:06:17.0942 0x0848  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:06:17.0952 0x0848  iPod Service - ok
09:06:17.0972 0x0848  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:06:17.0972 0x0848  IRENUM - ok
09:06:17.0972 0x0848  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:06:17.0972 0x0848  isapnp - ok
09:06:18.0002 0x0848  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:06:18.0002 0x0848  iScsiPrt - ok
09:06:18.0012 0x0848  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:06:18.0012 0x0848  kbdclass - ok
09:06:18.0012 0x0848  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:06:18.0012 0x0848  kbdhid - ok
09:06:18.0022 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso          C:\Windows\system32\lsass.exe
09:06:18.0022 0x0848  KeyIso - ok
09:06:18.0022 0x0848  [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:06:18.0032 0x0848  KSecDD - ok
09:06:18.0032 0x0848  [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:06:18.0042 0x0848  KSecPkg - ok
09:06:18.0042 0x0848  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:06:18.0042 0x0848  ksthunk - ok
09:06:18.0062 0x0848  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:06:18.0072 0x0848  KtmRm - ok
09:06:18.0112 0x0848  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:06:18.0112 0x0848  LanmanServer - ok
09:06:18.0122 0x0848  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:06:18.0122 0x0848  LanmanWorkstation - ok
09:06:18.0132 0x0848  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:06:18.0132 0x0848  lltdio - ok
09:06:18.0152 0x0848  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:06:18.0162 0x0848  lltdsvc - ok
09:06:18.0182 0x0848  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:06:18.0182 0x0848  lmhosts - ok
09:06:18.0212 0x0848  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:06:18.0212 0x0848  LMS - ok
09:06:18.0232 0x0848  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:06:18.0232 0x0848  LSI_FC - ok
09:06:18.0242 0x0848  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:06:18.0242 0x0848  LSI_SAS - ok
09:06:18.0252 0x0848  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:06:18.0252 0x0848  LSI_SAS2 - ok
09:06:18.0262 0x0848  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:06:18.0262 0x0848  LSI_SCSI - ok
09:06:18.0272 0x0848  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:06:18.0272 0x0848  luafv - ok
09:06:18.0282 0x0848  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:06:18.0282 0x0848  Mcx2Svc - ok
09:06:18.0282 0x0848  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:06:18.0282 0x0848  megasas - ok
09:06:18.0302 0x0848  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:06:18.0312 0x0848  MegaSR - ok
09:06:18.0322 0x0848  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:06:18.0332 0x0848  MMCSS - ok
09:06:18.0332 0x0848  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:06:18.0332 0x0848  Modem - ok
09:06:18.0342 0x0848  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:06:18.0342 0x0848  monitor - ok
09:06:18.0342 0x0848  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:06:18.0342 0x0848  mouclass - ok
09:06:18.0352 0x0848  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
09:06:18.0352 0x0848  mouhid - ok
09:06:18.0362 0x0848  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:06:18.0362 0x0848  mountmgr - ok
09:06:18.0392 0x0848  [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:06:18.0402 0x0848  MozillaMaintenance - ok
09:06:18.0412 0x0848  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:06:18.0412 0x0848  mpio - ok
09:06:18.0422 0x0848  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:06:18.0422 0x0848  mpsdrv - ok
09:06:18.0462 0x0848  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:06:18.0492 0x0848  MpsSvc - ok
09:06:18.0502 0x0848  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:06:18.0502 0x0848  MRxDAV - ok
09:06:18.0512 0x0848  [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:06:18.0512 0x0848  mrxsmb - ok
09:06:18.0532 0x0848  [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:06:18.0542 0x0848  mrxsmb10 - ok
09:06:18.0542 0x0848  [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:06:18.0552 0x0848  mrxsmb20 - ok
09:06:18.0552 0x0848  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:06:18.0552 0x0848  msahci - ok
09:06:18.0562 0x0848  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:06:18.0572 0x0848  msdsm - ok
09:06:18.0582 0x0848  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:06:18.0582 0x0848  MSDTC - ok
09:06:18.0582 0x0848  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:06:18.0592 0x0848  Msfs - ok
09:06:18.0602 0x0848  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:06:18.0602 0x0848  mshidkmdf - ok
09:06:18.0602 0x0848  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:06:18.0602 0x0848  msisadrv - ok
09:06:18.0612 0x0848  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:06:18.0622 0x0848  MSiSCSI - ok
09:06:18.0622 0x0848  msiserver - ok
09:06:18.0632 0x0848  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:06:18.0632 0x0848  MSKSSRV - ok
09:06:18.0642 0x0848  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:06:18.0642 0x0848  MSPCLOCK - ok
09:06:18.0642 0x0848  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:06:18.0642 0x0848  MSPQM - ok
09:06:18.0663 0x0848  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:06:18.0673 0x0848  MsRPC - ok
09:06:18.0683 0x0848  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:06:18.0683 0x0848  mssmbios - ok
09:06:18.0683 0x0848  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:06:18.0683 0x0848  MSTEE - ok
09:06:18.0683 0x0848  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:06:18.0683 0x0848  MTConfig - ok
09:06:18.0693 0x0848  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:06:18.0693 0x0848  Mup - ok
09:06:18.0713 0x0848  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:06:18.0733 0x0848  napagent - ok
09:06:18.0743 0x0848  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:06:18.0753 0x0848  NativeWifiP - ok
09:06:18.0803 0x0848  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
09:06:18.0823 0x0848  NAUpdate - ok
09:06:18.0863 0x0848  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:06:18.0883 0x0848  NDIS - ok
09:06:18.0893 0x0848  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:06:18.0893 0x0848  NdisCap - ok
09:06:18.0953 0x0848  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:06:18.0963 0x0848  NdisTapi - ok
09:06:18.0963 0x0848  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:06:18.0963 0x0848  Ndisuio - ok
09:06:18.0973 0x0848  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:06:18.0983 0x0848  NdisWan - ok
09:06:18.0983 0x0848  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:06:18.0983 0x0848  NDProxy - ok
09:06:19.0013 0x0848  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
09:06:19.0023 0x0848  Netaapl - ok
09:06:19.0023 0x0848  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:06:19.0023 0x0848  NetBIOS - ok
09:06:19.0053 0x0848  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:06:19.0063 0x0848  NetBT - ok
09:06:19.0063 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon        C:\Windows\system32\lsass.exe
09:06:19.0063 0x0848  Netlogon - ok
09:06:19.0083 0x0848  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:06:19.0093 0x0848  Netman - ok
09:06:19.0123 0x0848  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0123 0x0848  NetMsmqActivator - ok
09:06:19.0133 0x0848  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0133 0x0848  NetPipeActivator - ok
09:06:19.0163 0x0848  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:06:19.0173 0x0848  netprofm - ok
09:06:19.0183 0x0848  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0183 0x0848  NetTcpActivator - ok
09:06:19.0183 0x0848  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0193 0x0848  NetTcpPortSharing - ok
09:06:19.0193 0x0848  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:06:19.0193 0x0848  nfrd960 - ok
09:06:19.0213 0x0848  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:06:19.0223 0x0848  NlaSvc - ok
09:06:19.0223 0x0848  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:06:19.0223 0x0848  Npfs - ok
09:06:19.0233 0x0848  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:06:19.0233 0x0848  nsi - ok
09:06:19.0233 0x0848  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:06:19.0233 0x0848  nsiproxy - ok
09:06:19.0293 0x0848  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:06:19.0363 0x0848  Ntfs - ok
09:06:19.0373 0x0848  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:06:19.0373 0x0848  Null - ok
09:06:19.0383 0x0848  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:06:19.0383 0x0848  nvraid - ok
09:06:19.0393 0x0848  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:06:19.0393 0x0848  nvstor - ok
09:06:19.0403 0x0848  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:06:19.0403 0x0848  nv_agp - ok
09:06:19.0453 0x0848  [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2Flash         C:\Windows\SysWOW64\o2flash.exe
09:06:19.0463 0x0848  O2Flash - ok
09:06:19.0463 0x0848  [ AECFF27D5C70F295B09B85EFE3292ED1, 10EE366E4551EE0994B309AC30F5F619B6A4A0A9C8B55943D9FB5FA79A187568 ] O2MDRDR         C:\Windows\system32\DRIVERS\o2mdx64.sys
09:06:19.0463 0x0848  O2MDRDR - ok
09:06:19.0483 0x0848  [ 3B179A7EFF9EDCC045F5570510C812F6, A4E939E38C27BD4C54A62618688360C06F9E853C43EC5EC038686F5FA31DC9EC ] O2SCBUS         C:\Windows\system32\DRIVERS\ozscrx64.sys
09:06:19.0483 0x0848  O2SCBUS - ok
09:06:19.0483 0x0848  [ DF014C48015B637790BE3EDDD1384728, 3414A45709F33684945D61191E65163766A18B37CBC9D12CC56968A2A5F06467 ] O2SDRDR         C:\Windows\system32\DRIVERS\o2sdx64.sys
09:06:19.0493 0x0848  O2SDRDR - ok
09:06:19.0493 0x0848  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:06:19.0493 0x0848  ohci1394 - ok
09:06:19.0523 0x0848  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:06:19.0533 0x0848  p2pimsvc - ok
09:06:19.0553 0x0848  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:06:19.0563 0x0848  p2psvc - ok
09:06:19.0563 0x0848  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:06:19.0573 0x0848  Parport - ok
09:06:19.0573 0x0848  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:06:19.0583 0x0848  partmgr - ok
09:06:19.0593 0x0848  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:06:19.0593 0x0848  PcaSvc - ok
09:06:19.0603 0x0848  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:06:19.0613 0x0848  pci - ok
09:06:19.0613 0x0848  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:06:19.0613 0x0848  pciide - ok
09:06:19.0623 0x0848  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:06:19.0633 0x0848  pcmcia - ok
09:06:19.0633 0x0848  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:06:19.0643 0x0848  pcw - ok
09:06:19.0673 0x0848  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:06:19.0693 0x0848  PEAUTH - ok
09:06:19.0753 0x0848  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:06:19.0813 0x0848  PeerDistSvc - ok
09:06:19.0813 0x0848  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:06:19.0823 0x0848  PerfHost - ok
09:06:19.0873 0x0848  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:06:19.0953 0x0848  pla - ok
09:06:20.0043 0x0848  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:06:20.0083 0x0848  PlugPlay - ok
09:06:20.0083 0x0848  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:06:20.0083 0x0848  PNRPAutoReg - ok
09:06:20.0103 0x0848  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:06:20.0113 0x0848  PNRPsvc - ok
09:06:20.0153 0x0848  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:06:20.0183 0x0848  PolicyAgent - ok
09:06:20.0213 0x0848  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:06:20.0223 0x0848  Power - ok
09:06:20.0243 0x0848  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:06:20.0243 0x0848  PptpMiniport - ok
09:06:20.0253 0x0848  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
09:06:20.0253 0x0848  Processor - ok
09:06:20.0263 0x0848  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:06:20.0273 0x0848  ProfSvc - ok
09:06:20.0273 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:06:20.0283 0x0848  ProtectedStorage - ok
09:06:20.0283 0x0848  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:06:20.0293 0x0848  Psched - ok
09:06:20.0303 0x0848  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
09:06:20.0303 0x0848  pwdrvio - ok
09:06:20.0323 0x0848  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
09:06:20.0333 0x0848  pwdspio - ok
09:06:20.0393 0x0848  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:06:20.0443 0x0848  ql2300 - ok
09:06:20.0453 0x0848  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:06:20.0463 0x0848  ql40xx - ok
09:06:20.0473 0x0848  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:06:20.0483 0x0848  QWAVE - ok
09:06:20.0483 0x0848  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:06:20.0483 0x0848  QWAVEdrv - ok
09:06:20.0493 0x0848  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:06:20.0493 0x0848  RasAcd - ok
09:06:20.0493 0x0848  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:06:20.0493 0x0848  RasAgileVpn - ok
09:06:20.0503 0x0848  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:06:20.0503 0x0848  RasAuto - ok
09:06:20.0513 0x0848  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:06:20.0523 0x0848  Rasl2tp - ok
09:06:20.0533 0x0848  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:06:20.0543 0x0848  RasMan - ok
09:06:20.0553 0x0848  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:06:20.0553 0x0848  RasPppoe - ok
09:06:20.0563 0x0848  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:06:20.0573 0x0848  RasSstp - ok
09:06:20.0583 0x0848  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:06:20.0593 0x0848  rdbss - ok
09:06:20.0593 0x0848  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:06:20.0593 0x0848  rdpbus - ok
09:06:20.0603 0x0848  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:06:20.0603 0x0848  RDPCDD - ok
09:06:20.0613 0x0848  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:06:20.0613 0x0848  RDPDR - ok
09:06:20.0623 0x0848  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:06:20.0623 0x0848  RDPENCDD - ok
09:06:20.0633 0x0848  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:06:20.0633 0x0848  RDPREFMP - ok
09:06:20.0643 0x0848  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:06:20.0653 0x0848  RDPWD - ok
09:06:20.0663 0x0848  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:06:20.0663 0x0848  rdyboost - ok
09:06:20.0673 0x0848  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:06:20.0673 0x0848  RemoteAccess - ok
09:06:20.0683 0x0848  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:06:20.0693 0x0848  RemoteRegistry - ok
09:06:20.0703 0x0848  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:06:20.0703 0x0848  RpcEptMapper - ok
09:06:20.0703 0x0848  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:06:20.0703 0x0848  RpcLocator - ok
09:06:20.0733 0x0848  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:06:20.0743 0x0848  RpcSs - ok
09:06:20.0753 0x0848  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:06:20.0753 0x0848  rspndr - ok
09:06:20.0753 0x0848  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
09:06:20.0753 0x0848  s3cap - ok
09:06:20.0763 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs           C:\Windows\system32\lsass.exe
09:06:20.0763 0x0848  SamSs - ok
09:06:20.0763 0x0848  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:06:20.0773 0x0848  sbp2port - ok
09:06:20.0783 0x0848  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:06:20.0783 0x0848  SCardSvr - ok
09:06:20.0793 0x0848  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:06:20.0793 0x0848  scfilter - ok
09:06:20.0833 0x0848  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
09:06:20.0873 0x0848  Schedule - ok
09:06:20.0883 0x0848  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:06:20.0883 0x0848  SCPolicySvc - ok
09:06:20.0893 0x0848  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
09:06:20.0893 0x0848  sdbus - ok
09:06:20.0913 0x0848  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:06:20.0923 0x0848  SDRSVC - ok
09:06:20.0933 0x0848  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:06:20.0933 0x0848  secdrv - ok
09:06:20.0933 0x0848  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
09:06:20.0933 0x0848  seclogon - ok
09:06:20.0953 0x0848  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:06:20.0953 0x0848  SENS - ok
09:06:20.0963 0x0848  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:06:20.0963 0x0848  SensrSvc - ok
09:06:20.0963 0x0848  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:06:20.0963 0x0848  Serenum - ok
09:06:20.0973 0x0848  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
09:06:20.0973 0x0848  Serial - ok
09:06:20.0973 0x0848  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:06:20.0973 0x0848  sermouse - ok
09:06:20.0983 0x0848  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:06:20.0993 0x0848  SessionEnv - ok
09:06:20.0993 0x0848  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:06:20.0993 0x0848  sffdisk - ok
09:06:21.0003 0x0848  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:06:21.0003 0x0848  sffp_mmc - ok
09:06:21.0013 0x0848  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:06:21.0013 0x0848  sffp_sd - ok
09:06:21.0013 0x0848  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:06:21.0013 0x0848  sfloppy - ok
09:06:21.0043 0x0848  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:06:21.0053 0x0848  SharedAccess - ok
09:06:21.0083 0x0848  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:06:21.0093 0x0848  ShellHWDetection - ok
09:06:21.0103 0x0848  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:06:21.0103 0x0848  SiSRaid2 - ok
09:06:21.0103 0x0848  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:06:21.0113 0x0848  SiSRaid4 - ok
09:06:21.0113 0x0848  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:06:21.0113 0x0848  Smb - ok
09:06:21.0123 0x0848  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:06:21.0123 0x0848  SNMPTRAP - ok
09:06:21.0123 0x0848  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:06:21.0133 0x0848  spldr - ok
09:06:21.0153 0x0848  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:06:21.0173 0x0848  Spooler - ok
09:06:21.0313 0x0848  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:06:21.0443 0x0848  sppsvc - ok
09:06:21.0453 0x0848  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:06:21.0463 0x0848  sppuinotify - ok
09:06:21.0489 0x0848  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:06:21.0507 0x0848  srv - ok
09:06:21.0529 0x0848  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:06:21.0542 0x0848  srv2 - ok
09:06:21.0553 0x0848  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:06:21.0559 0x0848  srvnet - ok
09:06:21.0572 0x0848  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:06:21.0581 0x0848  SSDPSRV - ok
09:06:21.0595 0x0848  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:06:21.0600 0x0848  SstpSvc - ok
09:06:21.0612 0x0848  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
09:06:21.0619 0x0848  ssudmdm - ok
09:06:21.0638 0x0848  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:06:21.0640 0x0848  stexstor - ok
09:06:21.0679 0x0848  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:06:21.0702 0x0848  stisvc - ok
09:06:21.0731 0x0848  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:06:21.0733 0x0848  storflt - ok
09:06:21.0740 0x0848  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
09:06:21.0743 0x0848  StorSvc - ok
09:06:21.0749 0x0848  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:06:21.0751 0x0848  storvsc - ok
09:06:21.0755 0x0848  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:06:21.0756 0x0848  swenum - ok
09:06:21.0782 0x0848  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:06:21.0802 0x0848  swprv - ok
09:06:21.0884 0x0848  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
09:06:21.0945 0x0848  SysMain - ok
09:06:21.0957 0x0848  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:06:21.0963 0x0848  TabletInputService - ok
09:06:22.0038 0x0848  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:06:22.0094 0x0848  TapiSrv - ok
09:06:22.0101 0x0848  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:06:22.0106 0x0848  TBS - ok
09:06:22.0234 0x0848  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:06:22.0329 0x0848  Tcpip - ok
09:06:22.0407 0x0848  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:06:22.0465 0x0848  TCPIP6 - ok
09:06:22.0477 0x0848  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:06:22.0479 0x0848  tcpipreg - ok
09:06:22.0537 0x0848  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:06:22.0538 0x0848  TDPIPE - ok
09:06:22.0543 0x0848  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:06:22.0545 0x0848  TDTCP - ok
09:06:22.0555 0x0848  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:06:22.0559 0x0848  tdx - ok
09:06:22.0567 0x0848  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:06:22.0570 0x0848  TermDD - ok
09:06:22.0621 0x0848  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:06:22.0646 0x0848  TermService - ok
09:06:22.0653 0x0848  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:06:22.0658 0x0848  Themes - ok
09:06:22.0673 0x0848  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:06:22.0677 0x0848  THREADORDER - ok
09:06:22.0684 0x0848  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
09:06:22.0688 0x0848  TPM - ok
09:06:22.0724 0x0848  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:06:22.0730 0x0848  TrkWks - ok
09:06:22.0746 0x0848  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:06:22.0751 0x0848  TrustedInstaller - ok
09:06:22.0768 0x0848  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:06:22.0770 0x0848  tssecsrv - ok
09:06:22.0776 0x0848  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:06:22.0779 0x0848  TsUsbFlt - ok
09:06:22.0784 0x0848  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:06:22.0786 0x0848  TsUsbGD - ok
09:06:22.0796 0x0848  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:06:22.0801 0x0848  tunnel - ok
09:06:22.0807 0x0848  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:06:22.0809 0x0848  uagp35 - ok
09:06:22.0835 0x0848  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:06:22.0848 0x0848  udfs - ok
09:06:22.0858 0x0848  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:06:22.0862 0x0848  UI0Detect - ok
09:06:22.0870 0x0848  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:06:22.0873 0x0848  uliagpkx - ok
09:06:22.0880 0x0848  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:06:22.0882 0x0848  umbus - ok
09:06:22.0885 0x0848  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:06:22.0886 0x0848  UmPass - ok
09:06:22.0896 0x0848  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:06:22.0903 0x0848  UmRdpService - ok
09:06:23.0034 0x0848  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:06:23.0116 0x0848  UNS - ok
09:06:23.0144 0x0848  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:06:23.0158 0x0848  upnphost - ok
09:06:23.0167 0x0848  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:06:23.0170 0x0848  USBAAPL64 - ok
09:06:23.0180 0x0848  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:06:23.0184 0x0848  usbccgp - ok
09:06:23.0194 0x0848  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:06:23.0199 0x0848  usbcir - ok
09:06:23.0205 0x0848  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:06:23.0208 0x0848  usbehci - ok
09:06:23.0231 0x0848  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:06:23.0246 0x0848  usbhub - ok
09:06:23.0252 0x0848  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:06:23.0253 0x0848  usbohci - ok
09:06:23.0257 0x0848  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:06:23.0259 0x0848  usbprint - ok
09:06:23.0273 0x0848  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:06:23.0276 0x0848  USBSTOR - ok
09:06:23.0280 0x0848  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:06:23.0282 0x0848  usbuhci - ok
09:06:23.0286 0x0848  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:06:23.0289 0x0848  UxSms - ok
09:06:23.0293 0x0848  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc        C:\Windows\system32\lsass.exe
09:06:23.0295 0x0848  VaultSvc - ok
09:06:23.0300 0x0848  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:06:23.0302 0x0848  vdrvroot - ok
09:06:23.0333 0x0848  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:06:23.0367 0x0848  vds - ok
09:06:23.0382 0x0848  [ 85256DA6FDBD6B16C526C858F2DA8BF0, A275B61917EAE7C5410078EFDC31371DBAED8EC11F3C7BD18568FEE9A78E2F77 ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
09:06:23.0386 0x0848  VFPRadioSupportService - ok
09:06:23.0390 0x0848  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:06:23.0391 0x0848  vga - ok
09:06:23.0396 0x0848  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:06:23.0397 0x0848  VgaSave - ok
09:06:23.0410 0x0848  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:06:23.0418 0x0848  vhdmp - ok
09:06:23.0422 0x0848  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:06:23.0424 0x0848  viaide - ok
09:06:23.0435 0x0848  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:06:23.0441 0x0848  vmbus - ok
09:06:23.0446 0x0848  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:06:23.0447 0x0848  VMBusHID - ok
09:06:23.0454 0x0848  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:06:23.0457 0x0848  volmgr - ok
09:06:23.0478 0x0848  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:06:23.0490 0x0848  volmgrx - ok
09:06:23.0510 0x0848  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:06:23.0520 0x0848  volsnap - ok
09:06:23.0531 0x0848  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:06:23.0537 0x0848  vsmraid - ok
09:06:23.0615 0x0848  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:06:23.0722 0x0848  VSS - ok
09:06:23.0730 0x0848  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:06:23.0731 0x0848  vwifibus - ok
09:06:23.0766 0x0848  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:06:23.0768 0x0848  vwififlt - ok
09:06:23.0783 0x0848  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:06:23.0784 0x0848  vwifimp - ok
09:06:23.0811 0x0848  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:06:23.0825 0x0848  W32Time - ok
09:06:23.0830 0x0848  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:06:23.0831 0x0848  WacomPen - ok
09:06:23.0838 0x0848  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:06:23.0841 0x0848  WANARP - ok
09:06:23.0845 0x0848  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:06:23.0848 0x0848  Wanarpv6 - ok
09:06:23.0923 0x0848  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:06:23.0987 0x0848  wbengine - ok
09:06:24.0053 0x0848  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:06:24.0060 0x0848  WbioSrvc - ok
09:06:24.0085 0x0848  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:06:24.0119 0x0848  wcncsvc - ok
09:06:24.0124 0x0848  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:06:24.0128 0x0848  WcsPlugInService - ok
09:06:24.0133 0x0848  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:06:24.0135 0x0848  Wd - ok
09:06:24.0175 0x0848  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:06:24.0209 0x0848  Wdf01000 - ok
09:06:24.0217 0x0848  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:06:24.0221 0x0848  WdiServiceHost - ok
09:06:24.0228 0x0848  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:06:24.0232 0x0848  WdiSystemHost - ok
09:06:24.0257 0x0848  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
09:06:24.0265 0x0848  WebClient - ok
09:06:24.0290 0x0848  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:06:24.0301 0x0848  Wecsvc - ok
09:06:24.0308 0x0848  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:06:24.0314 0x0848  wercplsupport - ok
09:06:24.0321 0x0848  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:06:24.0327 0x0848  WerSvc - ok
09:06:24.0331 0x0848  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:06:24.0332 0x0848  WfpLwf - ok
09:06:24.0336 0x0848  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:06:24.0338 0x0848  WIMMount - ok
09:06:24.0341 0x0848  WinDefend - ok
09:06:24.0345 0x0848  WinHttpAutoProxySvc - ok
09:06:24.0366 0x0848  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:06:24.0376 0x0848  Winmgmt - ok
09:06:24.0451 0x0848  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:06:24.0557 0x0848  WinRM - ok
09:06:24.0591 0x0848  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:06:24.0594 0x0848  WinUsb - ok
09:06:24.0639 0x0848  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:06:24.0690 0x0848  Wlansvc - ok
09:06:24.0700 0x0848  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:06:24.0701 0x0848  WmiAcpi - ok
09:06:24.0716 0x0848  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:06:24.0724 0x0848  wmiApSrv - ok
09:06:24.0733 0x0848  WMPNetworkSvc - ok
09:06:24.0737 0x0848  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:06:24.0740 0x0848  WPCSvc - ok
09:06:24.0749 0x0848  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:06:24.0755 0x0848  WPDBusEnum - ok
09:06:24.0760 0x0848  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:06:24.0761 0x0848  ws2ifsl - ok
09:06:24.0770 0x0848  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:06:24.0775 0x0848  wscsvc - ok
09:06:24.0777 0x0848  WSearch - ok
09:06:24.0879 0x0848  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:06:24.0996 0x0848  wuauserv - ok
09:06:25.0005 0x0848  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:06:25.0008 0x0848  WudfPf - ok
09:06:25.0030 0x0848  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:06:25.0052 0x0848  WUDFRd - ok
09:06:25.0072 0x0848  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:06:25.0091 0x0848  wudfsvc - ok
09:06:25.0117 0x0848  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:06:25.0127 0x0848  WwanSvc - ok
09:06:25.0142 0x0848  ================ Scan global ===============================
09:06:25.0146 0x0848  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:06:25.0158 0x0848  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
09:06:25.0171 0x0848  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
09:06:25.0180 0x0848  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:06:25.0196 0x0848  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:06:25.0208 0x0848  [ Global ] - ok
09:06:25.0209 0x0848  ================ Scan MBR ==================================
         

Alt 03.12.2016, 17:53   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Zitat:
09:06:00.0202 0x0848 Scan started
09:06:00.0202 0x0848 Mode: Manual;
Anleitung bitte richtig lesen; der tdsskiller war falsch eingestellt und das Log sieht zudem auch unvollständig aus
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.12.2016, 20:27   #9
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Sorry,
anbei der Logfile von TDSS richtig eingestellt:

Code:
ATTFilter
20:24:04.0582 0x0300  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
20:24:08.0202 0x0300  ============================================================
20:24:08.0202 0x0300  Current date / time: 2016/12/03 20:24:08.0202
20:24:08.0202 0x0300  SystemInfo:
20:24:08.0202 0x0300  
20:24:08.0202 0x0300  OS Version: 6.1.7601 ServicePack: 1.0
20:24:08.0202 0x0300  Product type: Workstation
20:24:08.0202 0x0300  ComputerName: SKLAVE15
20:24:08.0202 0x0300  UserName: spülmeisterw
20:24:08.0202 0x0300  Windows directory: C:\Windows
20:24:08.0202 0x0300  System windows directory: C:\Windows
20:24:08.0202 0x0300  Running under WOW64
20:24:08.0202 0x0300  Processor architecture: Intel x64
20:24:08.0202 0x0300  Number of processors: 4
20:24:08.0202 0x0300  Page size: 0x1000
20:24:08.0202 0x0300  Boot type: Normal boot
20:24:08.0202 0x0300  CodeIntegrityOptions = 0x00000001
20:24:08.0202 0x0300  ============================================================
20:24:14.0068 0x0300  KLMD registered as C:\Windows\system32\drivers\87839443.sys
20:24:14.0068 0x0300  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
20:24:14.0240 0x0300  System UUID: {C29C9170-82EF-887C-2D72-9D562C3FF378}
20:24:14.0817 0x0300  Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:24:14.0817 0x0300  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:14.0926 0x0300  Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:24:14.0926 0x0300  ============================================================
20:24:14.0926 0x0300  \Device\Harddisk1\DR1:
20:24:14.0926 0x0300  MBR partitions:
20:24:14.0926 0x0300  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
20:24:14.0926 0x0300  \Device\Harddisk0\DR0:
20:24:14.0926 0x0300  MBR partitions:
20:24:14.0926 0x0300  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x790800, BlocksNum 0xEF36000
20:24:14.0926 0x0300  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF6C7000, BlocksNum 0x2ACBE800
20:24:14.0926 0x0300  \Device\Harddisk1\DR1:
20:24:14.0926 0x0300  MBR partitions:
20:24:14.0926 0x0300  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
20:24:14.0926 0x0300  ============================================================
20:24:14.0926 0x0300  C: <-> \Device\Harddisk0\DR0\Partition1
20:24:14.0926 0x0300  Z: <-> \Device\Harddisk0\DR0\Partition2
20:24:14.0926 0x0300  ============================================================
20:24:14.0926 0x0300  Initialize success
20:24:14.0926 0x0300  ============================================================
20:24:23.0958 0x0b30  ============================================================
20:24:23.0958 0x0b30  Scan started
20:24:23.0958 0x0b30  Mode: Manual; SigCheck; TDLFS; 
20:24:23.0958 0x0b30  ============================================================
20:24:23.0958 0x0b30  KSN ping started
20:24:26.0252 0x0b30  KSN ping finished: true
20:24:27.0906 0x0b30  ================ Scan system memory ========================
20:24:27.0906 0x0b30  System memory - ok
20:24:27.0906 0x0b30  ================ Scan services =============================
20:24:28.0062 0x0b30  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
20:24:28.0125 0x0b30  1394ohci - ok
20:24:28.0156 0x0b30  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:24:28.0171 0x0b30  ACPI - ok
20:24:28.0187 0x0b30  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:24:28.0218 0x0b30  AcpiPmi - ok
20:24:28.0249 0x0b30  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:28.0265 0x0b30  AdobeARMservice - ok
20:24:28.0452 0x0b30  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:28.0483 0x0b30  AdobeFlashPlayerUpdateSvc - ok
20:24:28.0515 0x0b30  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:24:28.0546 0x0b30  adp94xx - ok
20:24:28.0577 0x0b30  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:24:28.0593 0x0b30  adpahci - ok
20:24:28.0608 0x0b30  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:24:28.0624 0x0b30  adpu320 - ok
20:24:28.0624 0x0b30  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:24:28.0639 0x0b30  AeLookupSvc - ok
20:24:28.0702 0x0b30  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
20:24:28.0733 0x0b30  AFD - ok
20:24:28.0795 0x0b30  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
20:24:28.0858 0x0b30  AgereSoftModem - ok
20:24:28.0858 0x0b30  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:24:28.0873 0x0b30  agp440 - ok
20:24:28.0873 0x0b30  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:24:28.0905 0x0b30  ALG - ok
20:24:28.0936 0x0b30  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:24:28.0951 0x0b30  aliide - ok
20:24:28.0951 0x0b30  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:24:28.0967 0x0b30  amdide - ok
20:24:28.0983 0x0b30  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:24:28.0998 0x0b30  AmdK8 - ok
20:24:28.0998 0x0b30  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:24:29.0014 0x0b30  AmdPPM - ok
20:24:29.0029 0x0b30  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:24:29.0045 0x0b30  amdsata - ok
20:24:29.0092 0x0b30  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:24:29.0107 0x0b30  amdsbs - ok
20:24:29.0107 0x0b30  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:24:29.0123 0x0b30  amdxata - ok
20:24:29.0154 0x0b30  [ 7ECE1575A7258906C2DEF7E219002B50, D5E989138BE5F46130F9786D09DF874B34CA52FB5C8D2AF41175405DB28FE5E2 ] androidusb      C:\Windows\system32\Drivers\smdadb.sys
20:24:29.0185 0x0b30  androidusb - ok
20:24:29.0201 0x0b30  [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID           C:\Windows\system32\drivers\appid.sys
20:24:29.0217 0x0b30  AppID - ok
20:24:29.0232 0x0b30  [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:24:29.0248 0x0b30  AppIDSvc - ok
20:24:29.0248 0x0b30  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
20:24:29.0279 0x0b30  Appinfo - ok
20:24:29.0310 0x0b30  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:24:29.0310 0x0b30  Apple Mobile Device Service - ok
20:24:29.0341 0x0b30  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:24:29.0388 0x0b30  AppMgmt - ok
20:24:29.0404 0x0b30  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
20:24:29.0419 0x0b30  arc - ok
20:24:29.0419 0x0b30  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:24:29.0435 0x0b30  arcsas - ok
20:24:29.0466 0x0b30  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:24:29.0482 0x0b30  aspnet_state - ok
20:24:29.0482 0x0b30  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:29.0591 0x0b30  AsyncMac - ok
20:24:29.0607 0x0b30  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:24:29.0607 0x0b30  atapi - ok
20:24:29.0669 0x0b30  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:24:29.0778 0x0b30  athr - ok
20:24:29.0809 0x0b30  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:29.0856 0x0b30  AudioEndpointBuilder - ok
20:24:29.0887 0x0b30  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:24:29.0903 0x0b30  AudioSrv - ok
20:24:29.0919 0x0b30  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:24:30.0012 0x0b30  AxInstSV - ok
20:24:30.0059 0x0b30  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:24:30.0075 0x0b30  b06bdrv - ok
20:24:30.0106 0x0b30  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:30.0153 0x0b30  b57nd60a - ok
20:24:30.0168 0x0b30  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:24:30.0184 0x0b30  BDESVC - ok
20:24:30.0184 0x0b30  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:24:30.0246 0x0b30  Beep - ok
20:24:30.0324 0x0b30  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:24:30.0355 0x0b30  BFE - ok
20:24:30.0402 0x0b30  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:24:30.0683 0x0b30  BITS - ok
20:24:30.0699 0x0b30  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:24:30.0714 0x0b30  blbdrive - ok
20:24:30.0730 0x0b30  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:30.0761 0x0b30  Bonjour Service - ok
20:24:30.0777 0x0b30  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:24:30.0792 0x0b30  bowser - ok
20:24:30.0792 0x0b30  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:24:30.0808 0x0b30  BrFiltLo - ok
20:24:30.0823 0x0b30  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:24:30.0839 0x0b30  BrFiltUp - ok
20:24:30.0855 0x0b30  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:24:30.0870 0x0b30  Browser - ok
20:24:30.0886 0x0b30  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:24:30.0901 0x0b30  Brserid - ok
20:24:30.0917 0x0b30  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:30.0933 0x0b30  BrSerWdm - ok
20:24:30.0933 0x0b30  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:30.0948 0x0b30  BrUsbMdm - ok
20:24:30.0964 0x0b30  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:30.0979 0x0b30  BrUsbSer - ok
20:24:30.0979 0x0b30  [ 7649BE609E29B31188C3B04D2B95948F, 7377C3441B7EACE58C84ACFBC14AB77393544949045B8594B7813EDB6EA9C653 ] BthAvrcp        C:\Windows\system32\drivers\BthAvrcp.sys
20:24:30.0995 0x0b30  BthAvrcp - ok
20:24:30.0995 0x0b30  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:24:31.0026 0x0b30  BTHMODEM - ok
20:24:31.0042 0x0b30  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:24:31.0073 0x0b30  bthserv - ok
20:24:31.0089 0x0b30  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:24:31.0135 0x0b30  cdfs - ok
20:24:31.0151 0x0b30  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:24:31.0167 0x0b30  cdrom - ok
20:24:31.0182 0x0b30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:24:31.0213 0x0b30  CertPropSvc - ok
20:24:31.0213 0x0b30  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:24:31.0245 0x0b30  circlass - ok
20:24:31.0276 0x0b30  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
20:24:31.0291 0x0b30  CLFS - ok
20:24:31.0307 0x0b30  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:31.0323 0x0b30  clr_optimization_v2.0.50727_32 - ok
20:24:31.0338 0x0b30  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:31.0354 0x0b30  clr_optimization_v2.0.50727_64 - ok
20:24:31.0385 0x0b30  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:31.0432 0x0b30  clr_optimization_v4.0.30319_32 - ok
20:24:31.0447 0x0b30  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:31.0479 0x0b30  clr_optimization_v4.0.30319_64 - ok
20:24:31.0479 0x0b30  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:24:31.0494 0x0b30  CmBatt - ok
20:24:31.0510 0x0b30  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:24:31.0510 0x0b30  cmdide - ok
20:24:31.0588 0x0b30  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:24:31.0635 0x0b30  CNG - ok
20:24:31.0635 0x0b30  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:24:31.0650 0x0b30  Compbatt - ok
20:24:31.0650 0x0b30  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:24:31.0666 0x0b30  CompositeBus - ok
20:24:31.0666 0x0b30  COMSysApp - ok
20:24:31.0681 0x0b30  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:24:31.0697 0x0b30  crcdisk - ok
20:24:31.0713 0x0b30  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:24:31.0744 0x0b30  CryptSvc - ok
20:24:31.0822 0x0b30  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
20:24:31.0853 0x0b30  CSC - ok
20:24:31.0962 0x0b30  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
20:24:32.0025 0x0b30  CscService - ok
20:24:32.0071 0x0b30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:24:32.0118 0x0b30  DcomLaunch - ok
20:24:32.0181 0x0b30  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:24:32.0260 0x0b30  defragsvc - ok
20:24:32.0275 0x0b30  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:24:32.0291 0x0b30  DfsC - ok
20:24:32.0306 0x0b30  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:24:32.0322 0x0b30  dg_ssudbus - ok
20:24:32.0338 0x0b30  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:24:32.0353 0x0b30  Dhcp - ok
20:24:32.0431 0x0b30  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:24:32.0478 0x0b30  DiagTrack - ok
20:24:32.0494 0x0b30  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:24:32.0525 0x0b30  discache - ok
20:24:32.0540 0x0b30  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
20:24:32.0540 0x0b30  Disk - ok
20:24:32.0556 0x0b30  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
20:24:32.0556 0x0b30  dmvsc - ok
20:24:32.0572 0x0b30  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:24:32.0587 0x0b30  Dnscache - ok
20:24:32.0603 0x0b30  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:24:32.0650 0x0b30  dot3svc - ok
20:24:32.0665 0x0b30  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:24:32.0696 0x0b30  DPS - ok
20:24:32.0712 0x0b30  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:24:32.0728 0x0b30  drmkaud - ok
20:24:32.0774 0x0b30  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:24:32.0821 0x0b30  DXGKrnl - ok
20:24:32.0837 0x0b30  [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress      C:\Windows\system32\DRIVERS\e1k62x64.sys
20:24:32.0852 0x0b30  e1kexpress - ok
20:24:32.0868 0x0b30  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:24:32.0915 0x0b30  EapHost - ok
20:24:33.0040 0x0b30  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:24:33.0180 0x0b30  ebdrv - ok
20:24:33.0180 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS             C:\Windows\System32\lsass.exe
20:24:33.0196 0x0b30  EFS - ok
20:24:33.0242 0x0b30  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:24:33.0274 0x0b30  ehRecvr - ok
20:24:33.0289 0x0b30  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:24:33.0305 0x0b30  ehSched - ok
20:24:33.0398 0x0b30  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:24:33.0430 0x0b30  elxstor - ok
20:24:33.0430 0x0b30  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:24:33.0445 0x0b30  ErrDev - ok
20:24:33.0476 0x0b30  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:24:33.0554 0x0b30  EventSystem - ok
20:24:33.0570 0x0b30  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:24:33.0617 0x0b30  exfat - ok
20:24:33.0617 0x0b30  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:24:33.0664 0x0b30  fastfat - ok
20:24:33.0804 0x0b30  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:24:33.0835 0x0b30  Fax - ok
20:24:33.0835 0x0b30  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
20:24:33.0851 0x0b30  fdc - ok
20:24:33.0866 0x0b30  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:24:33.0913 0x0b30  fdPHost - ok
20:24:33.0929 0x0b30  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:24:33.0960 0x0b30  FDResPub - ok
20:24:33.0976 0x0b30  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:24:33.0991 0x0b30  FileInfo - ok
20:24:33.0991 0x0b30  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:24:34.0038 0x0b30  Filetrace - ok
20:24:34.0038 0x0b30  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:24:34.0054 0x0b30  flpydisk - ok
20:24:34.0069 0x0b30  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:24:34.0085 0x0b30  FltMgr - ok
20:24:34.0147 0x0b30  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
20:24:34.0194 0x0b30  FontCache - ok
20:24:34.0210 0x0b30  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:34.0225 0x0b30  FontCache3.0.0.0 - ok
20:24:34.0225 0x0b30  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:24:34.0241 0x0b30  FsDepends - ok
20:24:34.0256 0x0b30  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:24:34.0256 0x0b30  Fs_Rec - ok
20:24:34.0272 0x0b30  [ D104388C79C88E250027B3536A5CD2A9, F8511AEF1E994BD5E96A56F99F99FBE0801C92691E7FB23A2A7CF7E3A6BE32AB ] FUJ02B1         C:\Windows\system32\DRIVERS\FUJ02B1.sys
20:24:34.0288 0x0b30  FUJ02B1 - ok
20:24:34.0303 0x0b30  [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys
20:24:34.0303 0x0b30  FUJ02E3 - ok
20:24:34.0319 0x0b30  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:24:34.0334 0x0b30  fvevol - ok
20:24:34.0350 0x0b30  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:24:34.0366 0x0b30  gagp30kx - ok
20:24:34.0366 0x0b30  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:24:34.0381 0x0b30  GEARAspiWDM - ok
20:24:34.0412 0x0b30  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
20:24:34.0444 0x0b30  gpsvc - ok
20:24:34.0475 0x0b30  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:34.0490 0x0b30  gupdate - ok
20:24:34.0506 0x0b30  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:34.0506 0x0b30  gupdatem - ok
20:24:34.0522 0x0b30  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:24:34.0537 0x0b30  hcw85cir - ok
20:24:34.0553 0x0b30  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:24:34.0584 0x0b30  HdAudAddService - ok
20:24:34.0584 0x0b30  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:24:34.0600 0x0b30  HDAudBus - ok
20:24:34.0615 0x0b30  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\drivers\HECIx64.sys
20:24:34.0615 0x0b30  HECIx64 - ok
20:24:34.0631 0x0b30  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:24:34.0646 0x0b30  HidBatt - ok
20:24:34.0646 0x0b30  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:24:34.0678 0x0b30  HidBth - ok
20:24:34.0693 0x0b30  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:24:34.0709 0x0b30  HidIr - ok
20:24:34.0724 0x0b30  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:24:34.0756 0x0b30  hidserv - ok
20:24:34.0756 0x0b30  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
20:24:34.0771 0x0b30  HidUsb - ok
20:24:34.0787 0x0b30  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:24:34.0834 0x0b30  hkmsvc - ok
20:24:34.0849 0x0b30  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:34.0865 0x0b30  HomeGroupListener - ok
20:24:34.0880 0x0b30  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:34.0896 0x0b30  HomeGroupProvider - ok
20:24:34.0896 0x0b30  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:24:34.0912 0x0b30  HpSAMD - ok
20:24:34.0958 0x0b30  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:24:34.0990 0x0b30  HTTP - ok
20:24:34.0990 0x0b30  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:24:35.0005 0x0b30  hwpolicy - ok
20:24:35.0021 0x0b30  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:24:35.0036 0x0b30  i8042prt - ok
20:24:35.0099 0x0b30  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:24:35.0130 0x0b30  iaStorV - ok
20:24:35.0224 0x0b30  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:35.0270 0x0b30  idsvc - ok
20:24:35.0270 0x0b30  IEEtwCollectorService - ok
20:24:36.0082 0x0b30  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:24:36.0643 0x0b30  igfx - ok
20:24:36.0659 0x0b30  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:24:36.0674 0x0b30  iirsp - ok
20:24:36.0721 0x0b30  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:24:36.0752 0x0b30  IKEEXT - ok
20:24:36.0768 0x0b30  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
20:24:36.0784 0x0b30  Impcd - detected UnsignedFile.Multi.Generic ( 1 )
20:24:37.0002 0x0b30  Detect skipped due to KSN trusted
20:24:37.0002 0x0b30  Impcd - ok
20:24:37.0158 0x0b30  [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:37.0220 0x0b30  IntcAzAudAddService - ok
20:24:37.0236 0x0b30  [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:24:37.0236 0x0b30  IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )
20:24:37.0470 0x0b30  Detect skipped due to KSN trusted
20:24:37.0470 0x0b30  IntcDAud - ok
20:24:37.0470 0x0b30  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:24:37.0501 0x0b30  intelide - ok
20:24:37.0501 0x0b30  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
20:24:37.0532 0x0b30  intelppm - ok
20:24:37.0532 0x0b30  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:24:37.0579 0x0b30  IPBusEnum - ok
20:24:37.0595 0x0b30  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:37.0626 0x0b30  IpFilterDriver - ok
20:24:37.0657 0x0b30  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:24:37.0688 0x0b30  iphlpsvc - ok
20:24:37.0704 0x0b30  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:24:37.0720 0x0b30  IPMIDRV - ok
20:24:37.0735 0x0b30  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:24:37.0782 0x0b30  IPNAT - ok
20:24:37.0813 0x0b30  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:24:37.0860 0x0b30  iPod Service - ok
20:24:37.0860 0x0b30  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:24:37.0876 0x0b30  IRENUM - ok
20:24:37.0891 0x0b30  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:24:37.0907 0x0b30  isapnp - ok
20:24:37.0922 0x0b30  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:24:37.0938 0x0b30  iScsiPrt - ok
20:24:37.0954 0x0b30  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:37.0969 0x0b30  kbdclass - ok
20:24:37.0969 0x0b30  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:24:38.0000 0x0b30  kbdhid - ok
20:24:38.0000 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso          C:\Windows\system32\lsass.exe
20:24:38.0016 0x0b30  KeyIso - ok
20:24:38.0032 0x0b30  [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:24:38.0047 0x0b30  KSecDD - ok
20:24:38.0063 0x0b30  [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:24:38.0078 0x0b30  KSecPkg - ok
20:24:38.0078 0x0b30  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:24:38.0125 0x0b30  ksthunk - ok
20:24:38.0141 0x0b30  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:24:38.0188 0x0b30  KtmRm - ok
20:24:38.0219 0x0b30  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:24:38.0297 0x0b30  LanmanServer - ok
20:24:38.0297 0x0b30  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:38.0359 0x0b30  LanmanWorkstation - ok
20:24:38.0359 0x0b30  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:24:38.0406 0x0b30  lltdio - ok
20:24:38.0437 0x0b30  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:24:38.0484 0x0b30  lltdsvc - ok
20:24:38.0484 0x0b30  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:24:38.0546 0x0b30  lmhosts - ok
20:24:38.0562 0x0b30  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:24:38.0578 0x0b30  LMS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:38.0796 0x0b30  Detect skipped due to KSN trusted
20:24:38.0796 0x0b30  LMS - ok
20:24:38.0796 0x0b30  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:24:38.0812 0x0b30  LSI_FC - ok
20:24:38.0827 0x0b30  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:24:38.0827 0x0b30  LSI_SAS - ok
20:24:38.0843 0x0b30  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:24:38.0858 0x0b30  LSI_SAS2 - ok
20:24:38.0874 0x0b30  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:24:38.0874 0x0b30  LSI_SCSI - ok
20:24:38.0890 0x0b30  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:24:38.0936 0x0b30  luafv - ok
20:24:38.0936 0x0b30  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:24:38.0952 0x0b30  Mcx2Svc - ok
20:24:38.0968 0x0b30  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:24:38.0968 0x0b30  megasas - ok
20:24:39.0014 0x0b30  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:24:39.0030 0x0b30  MegaSR - ok
20:24:39.0046 0x0b30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:24:39.0077 0x0b30  MMCSS - ok
20:24:39.0092 0x0b30  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:24:39.0124 0x0b30  Modem - ok
20:24:39.0139 0x0b30  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:24:39.0155 0x0b30  monitor - ok
20:24:39.0155 0x0b30  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:24:39.0170 0x0b30  mouclass - ok
20:24:39.0170 0x0b30  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
20:24:39.0186 0x0b30  mouhid - ok
20:24:39.0202 0x0b30  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:24:39.0202 0x0b30  mountmgr - ok
20:24:39.0217 0x0b30  [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:24:39.0233 0x0b30  MozillaMaintenance - ok
20:24:39.0248 0x0b30  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:24:39.0264 0x0b30  mpio - ok
20:24:39.0264 0x0b30  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:24:39.0311 0x0b30  mpsdrv - ok
20:24:39.0342 0x0b30  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:24:39.0404 0x0b30  MpsSvc - ok
20:24:39.0420 0x0b30  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:24:39.0436 0x0b30  MRxDAV - ok
20:24:39.0451 0x0b30  [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:39.0467 0x0b30  mrxsmb - ok
20:24:39.0482 0x0b30  [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:39.0514 0x0b30  mrxsmb10 - ok
20:24:39.0529 0x0b30  [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:39.0545 0x0b30  mrxsmb20 - ok
20:24:39.0560 0x0b30  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:24:39.0560 0x0b30  msahci - ok
20:24:39.0576 0x0b30  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:24:39.0592 0x0b30  msdsm - ok
20:24:39.0607 0x0b30  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:24:39.0623 0x0b30  MSDTC - ok
20:24:39.0638 0x0b30  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:24:39.0701 0x0b30  Msfs - ok
20:24:39.0701 0x0b30  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:24:39.0748 0x0b30  mshidkmdf - ok
20:24:39.0748 0x0b30  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:24:39.0763 0x0b30  msisadrv - ok
20:24:39.0763 0x0b30  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:24:39.0826 0x0b30  MSiSCSI - ok
20:24:39.0826 0x0b30  msiserver - ok
20:24:39.0826 0x0b30  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:24:39.0888 0x0b30  MSKSSRV - ok
20:24:39.0888 0x0b30  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:39.0935 0x0b30  MSPCLOCK - ok
20:24:39.0966 0x0b30  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:24:40.0013 0x0b30  MSPQM - ok
20:24:40.0060 0x0b30  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:24:40.0075 0x0b30  MsRPC - ok
20:24:40.0091 0x0b30  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:24:40.0091 0x0b30  mssmbios - ok
20:24:40.0106 0x0b30  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:24:40.0138 0x0b30  MSTEE - ok
20:24:40.0153 0x0b30  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:24:40.0184 0x0b30  MTConfig - ok
20:24:40.0184 0x0b30  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:24:40.0200 0x0b30  Mup - ok
20:24:40.0231 0x0b30  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:24:40.0294 0x0b30  napagent - ok
20:24:40.0309 0x0b30  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:24:40.0340 0x0b30  NativeWifiP - ok
20:24:40.0372 0x0b30  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
20:24:40.0418 0x0b30  NAUpdate - ok
20:24:40.0465 0x0b30  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:24:40.0496 0x0b30  NDIS - ok
20:24:40.0512 0x0b30  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:40.0559 0x0b30  NdisCap - ok
20:24:40.0574 0x0b30  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:40.0621 0x0b30  NdisTapi - ok
20:24:40.0621 0x0b30  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:40.0684 0x0b30  Ndisuio - ok
20:24:40.0699 0x0b30  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:40.0746 0x0b30  NdisWan - ok
20:24:40.0746 0x0b30  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:24:40.0793 0x0b30  NDProxy - ok
20:24:40.0840 0x0b30  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
20:24:40.0840 0x0b30  Netaapl - ok
20:24:40.0855 0x0b30  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:24:40.0902 0x0b30  NetBIOS - ok
20:24:40.0918 0x0b30  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:24:40.0933 0x0b30  NetBT - ok
20:24:40.0933 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon        C:\Windows\system32\lsass.exe
20:24:40.0949 0x0b30  Netlogon - ok
20:24:40.0964 0x0b30  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:24:41.0011 0x0b30  Netman - ok
20:24:41.0027 0x0b30  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0042 0x0b30  NetMsmqActivator - ok
20:24:41.0058 0x0b30  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0074 0x0b30  NetPipeActivator - ok
20:24:41.0089 0x0b30  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:24:41.0152 0x0b30  netprofm - ok
20:24:41.0167 0x0b30  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0183 0x0b30  NetTcpActivator - ok
20:24:41.0183 0x0b30  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0214 0x0b30  NetTcpPortSharing - ok
20:24:41.0214 0x0b30  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:24:41.0230 0x0b30  nfrd960 - ok
20:24:41.0245 0x0b30  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:24:41.0261 0x0b30  NlaSvc - ok
20:24:41.0276 0x0b30  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:24:41.0308 0x0b30  Npfs - ok
20:24:41.0323 0x0b30  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:24:41.0354 0x0b30  nsi - ok
20:24:41.0370 0x0b30  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:24:41.0401 0x0b30  nsiproxy - ok
20:24:41.0479 0x0b30  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:24:41.0542 0x0b30  Ntfs - ok
20:24:41.0557 0x0b30  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:24:41.0604 0x0b30  Null - ok
20:24:41.0620 0x0b30  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:24:41.0635 0x0b30  nvraid - ok
20:24:41.0651 0x0b30  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:24:41.0666 0x0b30  nvstor - ok
20:24:41.0666 0x0b30  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:24:41.0682 0x0b30  nv_agp - ok
20:24:41.0744 0x0b30  [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2Flash         C:\Windows\SysWOW64\o2flash.exe
20:24:41.0760 0x0b30  O2Flash - detected UnsignedFile.Multi.Generic ( 1 )
20:24:42.0010 0x0b30  Detect skipped due to KSN trusted
20:24:42.0010 0x0b30  O2Flash - ok
20:24:42.0025 0x0b30  [ AECFF27D5C70F295B09B85EFE3292ED1, 10EE366E4551EE0994B309AC30F5F619B6A4A0A9C8B55943D9FB5FA79A187568 ] O2MDRDR         C:\Windows\system32\DRIVERS\o2mdx64.sys
20:24:42.0041 0x0b30  O2MDRDR - ok
20:24:42.0056 0x0b30  [ 3B179A7EFF9EDCC045F5570510C812F6, A4E939E38C27BD4C54A62618688360C06F9E853C43EC5EC038686F5FA31DC9EC ] O2SCBUS         C:\Windows\system32\DRIVERS\ozscrx64.sys
20:24:42.0072 0x0b30  O2SCBUS - ok
20:24:42.0072 0x0b30  [ DF014C48015B637790BE3EDDD1384728, 3414A45709F33684945D61191E65163766A18B37CBC9D12CC56968A2A5F06467 ] O2SDRDR         C:\Windows\system32\DRIVERS\o2sdx64.sys
20:24:42.0088 0x0b30  O2SDRDR - ok
20:24:42.0088 0x0b30  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:24:42.0103 0x0b30  ohci1394 - ok
20:24:42.0181 0x0b30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:24:42.0212 0x0b30  p2pimsvc - ok
20:24:42.0228 0x0b30  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:24:42.0244 0x0b30  p2psvc - ok
20:24:42.0259 0x0b30  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:24:42.0275 0x0b30  Parport - ok
20:24:42.0290 0x0b30  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:24:42.0290 0x0b30  partmgr - ok
20:24:42.0306 0x0b30  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:24:42.0337 0x0b30  PcaSvc - ok
20:24:42.0353 0x0b30  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:24:42.0353 0x0b30  pci - ok
20:24:42.0368 0x0b30  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:24:42.0384 0x0b30  pciide - ok
20:24:42.0400 0x0b30  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:24:42.0415 0x0b30  pcmcia - ok
20:24:42.0415 0x0b30  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:24:42.0431 0x0b30  pcw - ok
20:24:42.0524 0x0b30  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:24:42.0556 0x0b30  PEAUTH - ok
20:24:42.0665 0x0b30  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:24:42.0712 0x0b30  PeerDistSvc - ok
20:24:42.0727 0x0b30  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:24:42.0743 0x0b30  PerfHost - ok
20:24:42.0868 0x0b30  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:24:42.0946 0x0b30  pla - ok
20:24:42.0977 0x0b30  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:24:43.0008 0x0b30  PlugPlay - ok
20:24:43.0008 0x0b30  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:24:43.0039 0x0b30  PNRPAutoReg - ok
20:24:43.0055 0x0b30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:24:43.0070 0x0b30  PNRPsvc - ok
20:24:43.0133 0x0b30  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:24:43.0164 0x0b30  PolicyAgent - ok
20:24:43.0180 0x0b30  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:24:43.0226 0x0b30  Power - ok
20:24:43.0242 0x0b30  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:24:43.0289 0x0b30  PptpMiniport - ok
20:24:43.0289 0x0b30  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
20:24:43.0304 0x0b30  Processor - ok
20:24:43.0320 0x0b30  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:24:43.0336 0x0b30  ProfSvc - ok
20:24:43.0336 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:24:43.0351 0x0b30  ProtectedStorage - ok
20:24:43.0351 0x0b30  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:24:43.0398 0x0b30  Psched - ok
20:24:43.0414 0x0b30  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
20:24:43.0429 0x0b30  pwdrvio - ok
20:24:43.0429 0x0b30  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
20:24:43.0445 0x0b30  pwdspio - ok
20:24:43.0507 0x0b30  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:24:43.0616 0x0b30  ql2300 - ok
20:24:43.0616 0x0b30  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:24:43.0632 0x0b30  ql40xx - ok
20:24:43.0648 0x0b30  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:24:43.0679 0x0b30  QWAVE - ok
20:24:43.0694 0x0b30  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:24:43.0710 0x0b30  QWAVEdrv - ok
20:24:43.0710 0x0b30  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:24:43.0757 0x0b30  RasAcd - ok
20:24:43.0772 0x0b30  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:24:43.0804 0x0b30  RasAgileVpn - ok
20:24:43.0804 0x0b30  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:24:43.0850 0x0b30  RasAuto - ok
20:24:43.0866 0x0b30  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:24:43.0897 0x0b30  Rasl2tp - ok
20:24:43.0913 0x0b30  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:24:43.0975 0x0b30  RasMan - ok
20:24:43.0975 0x0b30  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:24:44.0022 0x0b30  RasPppoe - ok
20:24:44.0022 0x0b30  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:24:44.0069 0x0b30  RasSstp - ok
20:24:44.0100 0x0b30  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:24:44.0162 0x0b30  rdbss - ok
20:24:44.0162 0x0b30  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:24:44.0209 0x0b30  rdpbus - ok
20:24:44.0209 0x0b30  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:24:44.0256 0x0b30  RDPCDD - ok
20:24:44.0256 0x0b30  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:24:44.0287 0x0b30  RDPDR - ok
20:24:44.0287 0x0b30  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:24:44.0334 0x0b30  RDPENCDD - ok
20:24:44.0334 0x0b30  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:24:44.0381 0x0b30  RDPREFMP - ok
20:24:44.0396 0x0b30  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:24:44.0428 0x0b30  RDPWD - ok
20:24:44.0443 0x0b30  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:24:44.0459 0x0b30  rdyboost - ok
20:24:44.0459 0x0b30  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:24:44.0506 0x0b30  RemoteAccess - ok
20:24:44.0521 0x0b30  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:24:44.0568 0x0b30  RemoteRegistry - ok
20:24:44.0568 0x0b30  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:24:44.0615 0x0b30  RpcEptMapper - ok
20:24:44.0630 0x0b30  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:24:44.0646 0x0b30  RpcLocator - ok
20:24:44.0677 0x0b30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:24:44.0740 0x0b30  RpcSs - ok
20:24:44.0740 0x0b30  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:24:44.0786 0x0b30  rspndr - ok
20:24:44.0786 0x0b30  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:24:44.0802 0x0b30  s3cap - ok
20:24:44.0802 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs           C:\Windows\system32\lsass.exe
20:24:44.0818 0x0b30  SamSs - ok
20:24:44.0818 0x0b30  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:24:44.0833 0x0b30  sbp2port - ok
20:24:44.0849 0x0b30  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:24:44.0896 0x0b30  SCardSvr - ok
20:24:44.0896 0x0b30  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:24:44.0942 0x0b30  scfilter - ok
20:24:45.0052 0x0b30  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
20:24:45.0130 0x0b30  Schedule - ok
20:24:45.0145 0x0b30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:24:45.0176 0x0b30  SCPolicySvc - ok
20:24:45.0192 0x0b30  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:24:45.0208 0x0b30  sdbus - ok
20:24:45.0223 0x0b30  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:24:45.0254 0x0b30  SDRSVC - ok
20:24:45.0254 0x0b30  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:24:45.0270 0x0b30  secdrv - ok
20:24:45.0286 0x0b30  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
20:24:45.0301 0x0b30  seclogon - ok
20:24:45.0301 0x0b30  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:24:45.0332 0x0b30  SENS - ok
20:24:45.0348 0x0b30  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:24:45.0364 0x0b30  SensrSvc - ok
20:24:45.0379 0x0b30  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:24:45.0395 0x0b30  Serenum - ok
20:24:45.0410 0x0b30  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
20:24:45.0426 0x0b30  Serial - ok
20:24:45.0426 0x0b30  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:24:45.0457 0x0b30  sermouse - ok
20:24:45.0457 0x0b30  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:24:45.0504 0x0b30  SessionEnv - ok
20:24:45.0520 0x0b30  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:24:45.0535 0x0b30  sffdisk - ok
20:24:45.0535 0x0b30  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:24:45.0551 0x0b30  sffp_mmc - ok
20:24:45.0566 0x0b30  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:24:45.0582 0x0b30  sffp_sd - ok
20:24:45.0582 0x0b30  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:24:45.0598 0x0b30  sfloppy - ok
20:24:45.0629 0x0b30  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:24:45.0676 0x0b30  SharedAccess - ok
20:24:45.0707 0x0b30  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:24:45.0769 0x0b30  ShellHWDetection - ok
20:24:45.0769 0x0b30  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:24:45.0785 0x0b30  SiSRaid2 - ok
20:24:45.0785 0x0b30  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:24:45.0800 0x0b30  SiSRaid4 - ok
20:24:45.0800 0x0b30  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:24:45.0847 0x0b30  Smb - ok
20:24:45.0847 0x0b30  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:24:45.0863 0x0b30  SNMPTRAP - ok
20:24:45.0863 0x0b30  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:24:45.0878 0x0b30  spldr - ok
20:24:45.0910 0x0b30  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:24:45.0925 0x0b30  Spooler - ok
20:24:46.0128 0x0b30  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:24:46.0253 0x0b30  sppsvc - ok
20:24:46.0268 0x0b30  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:24:46.0300 0x0b30  sppuinotify - ok
20:24:46.0331 0x0b30  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:24:46.0362 0x0b30  srv - ok
20:24:46.0378 0x0b30  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:24:46.0409 0x0b30  srv2 - ok
20:24:46.0424 0x0b30  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:24:46.0440 0x0b30  srvnet - ok
20:24:46.0440 0x0b30  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:24:46.0487 0x0b30  SSDPSRV - ok
20:24:46.0502 0x0b30  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:24:46.0549 0x0b30  SstpSvc - ok
20:24:46.0565 0x0b30  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:24:46.0580 0x0b30  ssudmdm - ok
20:24:46.0596 0x0b30  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:24:46.0596 0x0b30  stexstor - ok
20:24:46.0627 0x0b30  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:24:46.0658 0x0b30  stisvc - ok
20:24:46.0658 0x0b30  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:24:46.0674 0x0b30  storflt - ok
20:24:46.0674 0x0b30  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
20:24:46.0690 0x0b30  StorSvc - ok
20:24:46.0690 0x0b30  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:24:46.0705 0x0b30  storvsc - ok
20:24:46.0705 0x0b30  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:24:46.0721 0x0b30  swenum - ok
20:24:46.0752 0x0b30  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:24:46.0799 0x0b30  swprv - ok
20:24:46.0955 0x0b30  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
20:24:47.0048 0x0b30  SysMain - ok
20:24:47.0064 0x0b30  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:24:47.0080 0x0b30  TabletInputService - ok
20:24:47.0126 0x0b30  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:24:47.0220 0x0b30  TapiSrv - ok
20:24:47.0220 0x0b30  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:24:47.0251 0x0b30  TBS - ok
20:24:47.0345 0x0b30  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:24:47.0438 0x0b30  Tcpip - ok
20:24:47.0579 0x0b30  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:24:47.0657 0x0b30  TCPIP6 - ok
20:24:47.0657 0x0b30  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:24:47.0672 0x0b30  tcpipreg - ok
20:24:47.0688 0x0b30  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:24:47.0688 0x0b30  TDPIPE - ok
20:24:47.0704 0x0b30  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:24:47.0719 0x0b30  TDTCP - ok
20:24:47.0719 0x0b30  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:24:47.0750 0x0b30  tdx - ok
20:24:47.0750 0x0b30  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:24:47.0766 0x0b30  TermDD - ok
20:24:47.0828 0x0b30  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:24:47.0860 0x0b30  TermService - ok
20:24:47.0875 0x0b30  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:24:47.0891 0x0b30  Themes - ok
20:24:47.0891 0x0b30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:24:47.0938 0x0b30  THREADORDER - ok
20:24:47.0938 0x0b30  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
20:24:47.0953 0x0b30  TPM - ok
20:24:47.0969 0x0b30  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:24:48.0000 0x0b30  TrkWks - ok
20:24:48.0016 0x0b30  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:24:48.0062 0x0b30  TrustedInstaller - ok
20:24:48.0078 0x0b30  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:24:48.0078 0x0b30  tssecsrv - ok
20:24:48.0094 0x0b30  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:24:48.0109 0x0b30  TsUsbFlt - ok
20:24:48.0109 0x0b30  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:24:48.0125 0x0b30  TsUsbGD - ok
20:24:48.0140 0x0b30  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:24:48.0187 0x0b30  tunnel - ok
20:24:48.0187 0x0b30  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:24:48.0203 0x0b30  uagp35 - ok
20:24:48.0250 0x0b30  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:24:48.0312 0x0b30  udfs - ok
20:24:48.0312 0x0b30  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:24:48.0359 0x0b30  UI0Detect - ok
20:24:48.0359 0x0b30  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:24:48.0374 0x0b30  uliagpkx - ok
20:24:48.0374 0x0b30  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:24:48.0390 0x0b30  umbus - ok
20:24:48.0406 0x0b30  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:24:48.0406 0x0b30  UmPass - ok
20:24:48.0421 0x0b30  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:24:48.0437 0x0b30  UmRdpService - ok
20:24:48.0530 0x0b30  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:24:48.0624 0x0b30  UNS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:48.0874 0x0b30  Detect skipped due to KSN trusted
20:24:48.0874 0x0b30  UNS - ok
20:24:48.0889 0x0b30  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:24:48.0952 0x0b30  upnphost - ok
20:24:48.0967 0x0b30  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:24:48.0983 0x0b30  USBAAPL64 - ok
20:24:48.0983 0x0b30  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:24:48.0998 0x0b30  usbccgp - ok
20:24:49.0014 0x0b30  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:24:49.0030 0x0b30  usbcir - ok
20:24:49.0030 0x0b30  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:24:49.0045 0x0b30  usbehci - ok
20:24:49.0076 0x0b30  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:24:49.0092 0x0b30  usbhub - ok
20:24:49.0092 0x0b30  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:24:49.0108 0x0b30  usbohci - ok
20:24:49.0108 0x0b30  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:24:49.0139 0x0b30  usbprint - ok
20:24:49.0139 0x0b30  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:24:49.0154 0x0b30  USBSTOR - ok
20:24:49.0170 0x0b30  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:24:49.0170 0x0b30  usbuhci - ok
20:24:49.0186 0x0b30  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:24:49.0217 0x0b30  UxSms - ok
20:24:49.0217 0x0b30  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc        C:\Windows\system32\lsass.exe
20:24:49.0232 0x0b30  VaultSvc - ok
20:24:49.0248 0x0b30  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:24:49.0248 0x0b30  vdrvroot - ok
20:24:49.0279 0x0b30  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:24:49.0357 0x0b30  vds - ok
20:24:49.0373 0x0b30  [ 85256DA6FDBD6B16C526C858F2DA8BF0, A275B61917EAE7C5410078EFDC31371DBAED8EC11F3C7BD18568FEE9A78E2F77 ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
20:24:49.0388 0x0b30  VFPRadioSupportService - ok
20:24:49.0388 0x0b30  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:24:49.0404 0x0b30  vga - ok
20:24:49.0420 0x0b30  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:24:49.0466 0x0b30  VgaSave - ok
20:24:49.0466 0x0b30  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:24:49.0498 0x0b30  vhdmp - ok
20:24:49.0513 0x0b30  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:24:49.0529 0x0b30  viaide - ok
20:24:49.0529 0x0b30  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:24:49.0544 0x0b30  vmbus - ok
20:24:49.0576 0x0b30  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
20:24:49.0591 0x0b30  VMBusHID - ok
20:24:49.0591 0x0b30  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:24:49.0607 0x0b30  volmgr - ok
20:24:49.0638 0x0b30  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:24:49.0654 0x0b30  volmgrx - ok
20:24:49.0669 0x0b30  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:24:49.0700 0x0b30  volsnap - ok
20:24:49.0700 0x0b30  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:24:49.0716 0x0b30  vsmraid - ok
20:24:49.0841 0x0b30  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:24:49.0934 0x0b30  VSS - ok
20:24:49.0950 0x0b30  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:24:49.0966 0x0b30  vwifibus - ok
20:24:49.0966 0x0b30  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:24:49.0997 0x0b30  vwififlt - ok
20:24:49.0997 0x0b30  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:24:50.0013 0x0b30  vwifimp - ok
20:24:50.0044 0x0b30  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:24:50.0106 0x0b30  W32Time - ok
20:24:50.0122 0x0b30  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:24:50.0137 0x0b30  WacomPen - ok
20:24:50.0153 0x0b30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:24:50.0200 0x0b30  WANARP - ok
20:24:50.0200 0x0b30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:24:50.0247 0x0b30  Wanarpv6 - ok
20:24:50.0356 0x0b30  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:24:50.0418 0x0b30  wbengine - ok
20:24:50.0449 0x0b30  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:24:50.0465 0x0b30  WbioSrvc - ok
20:24:50.0543 0x0b30  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:24:50.0590 0x0b30  wcncsvc - ok
20:24:50.0590 0x0b30  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:24:50.0605 0x0b30  WcsPlugInService - ok
20:24:50.0621 0x0b30  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
20:24:50.0637 0x0b30  Wd - ok
20:24:50.0683 0x0b30  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:24:50.0746 0x0b30  Wdf01000 - ok
20:24:50.0746 0x0b30  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:24:50.0761 0x0b30  WdiServiceHost - ok
20:24:50.0761 0x0b30  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:24:50.0777 0x0b30  WdiSystemHost - ok
20:24:50.0824 0x0b30  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
20:24:50.0839 0x0b30  WebClient - ok
20:24:50.0855 0x0b30  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:24:50.0902 0x0b30  Wecsvc - ok
20:24:50.0917 0x0b30  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:24:50.0949 0x0b30  wercplsupport - ok
20:24:50.0964 0x0b30  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:24:51.0011 0x0b30  WerSvc - ok
20:24:51.0011 0x0b30  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:24:51.0058 0x0b30  WfpLwf - ok
20:24:51.0058 0x0b30  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:24:51.0073 0x0b30  WIMMount - ok
20:24:51.0073 0x0b30  WinDefend - ok
20:24:51.0073 0x0b30  WinHttpAutoProxySvc - ok
20:24:51.0089 0x0b30  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:24:51.0167 0x0b30  Winmgmt - ok
20:24:51.0354 0x0b30  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:24:51.0448 0x0b30  WinRM - ok
20:24:51.0463 0x0b30  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:24:51.0479 0x0b30  WinUsb - ok
20:24:51.0526 0x0b30  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:24:51.0573 0x0b30  Wlansvc - ok
20:24:51.0588 0x0b30  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:24:51.0604 0x0b30  WmiAcpi - ok
20:24:51.0619 0x0b30  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:24:51.0635 0x0b30  wmiApSrv - ok
20:24:51.0635 0x0b30  WMPNetworkSvc - ok
20:24:51.0651 0x0b30  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:24:51.0666 0x0b30  WPCSvc - ok
20:24:51.0682 0x0b30  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:24:51.0697 0x0b30  WPDBusEnum - ok
20:24:51.0697 0x0b30  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:24:51.0744 0x0b30  ws2ifsl - ok
20:24:51.0744 0x0b30  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:24:51.0775 0x0b30  wscsvc - ok
20:24:51.0775 0x0b30  WSearch - ok
20:24:51.0916 0x0b30  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:24:52.0072 0x0b30  wuauserv - ok
20:24:52.0087 0x0b30  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:24:52.0103 0x0b30  WudfPf - ok
20:24:52.0103 0x0b30  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:24:52.0119 0x0b30  WUDFRd - ok
20:24:52.0134 0x0b30  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:24:52.0150 0x0b30  wudfsvc - ok
20:24:52.0165 0x0b30  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:24:52.0181 0x0b30  WwanSvc - ok
20:24:52.0197 0x0b30  ================ Scan global ===============================
20:24:52.0212 0x0b30  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
20:24:52.0228 0x0b30  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
20:24:52.0243 0x0b30  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
20:24:52.0259 0x0b30  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:24:52.0275 0x0b30  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:24:52.0275 0x0b30  [ Global ] - ok
20:24:52.0275 0x0b30  ================ Scan MBR ==================================
20:24:52.0290 0x0b30  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:24:52.0477 0x0b30  \Device\Harddisk1\DR1 - ok
20:24:52.0477 0x0b30  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:24:52.0758 0x0b30  \Device\Harddisk0\DR0 - ok
20:24:52.0774 0x0b30  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:24:52.0945 0x0b30  \Device\Harddisk1\DR1 - ok
20:24:52.0945 0x0b30  ================ Scan VBR ==================================
20:24:52.0961 0x0b30  [ 0C8FDEDF99108652A16AE68D29080DBD ] \Device\Harddisk1\DR1\Partition1
20:24:52.0961 0x0b30  \Device\Harddisk1\DR1\Partition1 - ok
20:24:52.0961 0x0b30  [ 548F7F6F11B5FAE985716C0F23631C41 ] \Device\Harddisk0\DR0\Partition1
20:24:52.0961 0x0b30  \Device\Harddisk0\DR0\Partition1 - ok
20:24:52.0977 0x0b30  [ 1EE2D46B6786FA04DBADB40A803C4BBF ] \Device\Harddisk0\DR0\Partition2
20:24:52.0977 0x0b30  \Device\Harddisk0\DR0\Partition2 - ok
20:24:52.0977 0x0b30  [ 0C8FDEDF99108652A16AE68D29080DBD ] \Device\Harddisk1\DR1\Partition1
20:24:52.0977 0x0b30  \Device\Harddisk1\DR1\Partition1 - ok
20:24:52.0977 0x0b30  ================ Scan generic autorun ======================
20:24:53.0008 0x0b30  [ 7503751126EE9F04996CE4AF38376018, 59BFC1602CDCCE522EEE55698C9F42BCD5326DCD772A6E17667FBAA44CDA7783 ] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
20:24:53.0039 0x0b30  ConMgr - ok
20:24:53.0101 0x0b30  [ 7072C9F5FF9AD41B8C50FF78F3AE5C0E, B1C37466451DA7E87A92265193D217920442D11BD6F6CFF7F5564E33DE98E9F8 ] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
20:24:53.0133 0x0b30  CSRSkype - ok
20:24:53.0569 0x0b30  [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:24:53.0866 0x0b30  RtHDVCpl - ok
20:24:53.0897 0x0b30  [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:24:53.0897 0x0b30  IgfxTray - ok
20:24:53.0913 0x0b30  [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:24:53.0944 0x0b30  HotKeysCmds - ok
20:24:53.0959 0x0b30  [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:24:53.0975 0x0b30  Persistence - ok
20:24:53.0991 0x0b30  [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files (x86)\iTunesHelper.exe
20:24:54.0006 0x0b30  iTunesHelper - ok
20:24:54.0006 0x0b30  [ 95323F2CFBB9ACFDC31224090AA6ED3E, B29B7F274E8A89E99C01345D5447F09FE5D901D922FC444784B0044FAB8648D7 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
20:24:54.0022 0x0b30  IMSS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:54.0240 0x0b30  Detect skipped due to KSN trusted
20:24:54.0240 0x0b30  IMSS - ok
20:24:54.0240 0x0b30  [ 30DBD9CB0156FBC5EE9D76E32FCE769D, 861C38DB1F685DDA8F8CC28B0C97F147B2C89599147857A441122DCDC5104AE6 ] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
20:24:54.0240 0x0b30  IndicatorUtility - ok
20:24:54.0256 0x0b30  [ 06E19A109543DDF347762108F08FCFA6, BFAC3DB4276E803C12311585AB01C3792E52EAC3FBA60A24CBDD738D97C3D59A ] C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
20:24:54.0271 0x0b30  Syncios device service - detected UnsignedFile.Multi.Generic ( 1 )
20:24:54.0505 0x0b30  Detect skipped due to KSN trusted
20:24:54.0505 0x0b30  Syncios device service - ok
20:24:54.0521 0x0b30  [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
20:24:54.0552 0x0b30  PDFPrint - ok
20:24:54.0568 0x0b30  [ 941FFFA97FB402AE896AB77CA6A6C69B, 1424B7B7E9BC3486FF2AB9BD166E5FB5D1F718654122543E478738C5E32EDC5F ] C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe
20:24:54.0599 0x0b30  FUJ02B1_Apps - ok
20:24:54.0724 0x0b30  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:54.0786 0x0b30  Sidebar - ok
20:24:54.0802 0x0b30  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:54.0817 0x0b30  mctadmin - ok
20:24:54.0849 0x0b30  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:54.0895 0x0b30  Sidebar - ok
20:24:54.0895 0x0b30  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:54.0911 0x0b30  mctadmin - ok
20:24:55.0005 0x0b30  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
20:24:55.0036 0x0b30  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
20:24:55.0270 0x0b30  Detect skipped due to KSN trusted
20:24:55.0270 0x0b30  SpybotPostWindows10UpgradeReInstall - ok
20:24:55.0270 0x0b30  Waiting for KSN requests completion. In queue: 90
20:24:56.0299 0x0b30  Win FW state via NFP2: enabled ( trusted )
20:24:56.0471 0x0b30  ============================================================
20:24:56.0471 0x0b30  Scan finished
20:24:56.0471 0x0b30  ============================================================
20:24:56.0471 0x0a28  Detected object count: 0
20:24:56.0471 0x0a28  Actual detected object count: 0
20:25:22.0024 0x0828  Deinitialize success
         

Alt 03.12.2016, 20:52   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.12.2016, 22:10   #11
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Abend,
anbei die entsprechenden Logfiles:

Code:
ATTFilter
# AdwCleaner v6.040 - Bericht erstellt am 03/12/2016 um 21:57:38
# Aktualisiert am 02/12/2016 von Malwarebytes
# Datenbank : 2016-12-03.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : spülmeisterw - SKLAVE15
# Gestartet von : C:\Users\spülmeisterw\Downloads\adwcleaner_6.040.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\spülmeisterw\AppData\Roaming\RHEng
[-] Ordner gelöscht: C:\Users\schwester_s\AppData\LocalLow\avg web tuneup
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Security Toolbar
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\searchplugins\avira-safesearch.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "AVG Secure Search"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1680 Bytes] - [03/12/2016 21:57:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [1944 Bytes] - [03/12/2016 21:56:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1826 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x64 
Ran by splmeisterw (Administrator) on 03.12.2016 at 22:04:09,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 29 

Successfully deleted: C:\Users\splmeisterw\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Roaming\getrighttogo (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E86HW14 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LG71UCB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XCLPIWY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\509NYRUF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY1YFZ2H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I7MFVZW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXSHDUX4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PS0QJ9D9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAOJNG4R (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E86HW14 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LG71UCB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XCLPIWY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\509NYRUF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY1YFZ2H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I7MFVZW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXSHDUX4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PS0QJ9D9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAOJNG4R (Temporary Internet Files Folder) 

Deleted the following from C:\Users\splmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\prefs.js
user_pref(avira.safe_search.installed, [\safesearch\]);
user_pref(avira.safe_search.search_was_active, false);
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\privatebrowsing-button\,\save-page-button\,\abp-to
user_pref(browser.urlbar.suggest.searches, true);
user_pref(extensions.safesearch.MP_DISTINCT_ID, \14c4dc1f7361fc-0b24d801eb3efd-45574136-0-14c4dc1f73715f\);
user_pref(extensions.safesearch.SAUTH_expires_at, 1430162320);
user_pref(extensions.safesearch.SAUTH_rndsnr, \875adb3046a4279b85aacbff2386ac2889c1bfd0\);
user_pref(extensions.safesearch.SAUTH_userid, 5957301478);
user_pref(extensions.safesearch.SAUTH_utoken, \d6728e302915aff8102d1b8d5e02ffc3056b0d5a\);
user_pref(extensions.safesearch.install, 1427233699647);
user_pref(extensions.safesearch.search_offer_disabled, true);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\spülmeisterw\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k15ix6ww



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2016 at 22:05:26,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 05.12.2016, 09:34   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 05.12.2016, 18:31   #13
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Abend,
ganz frische FRST Logfiles..
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2016
durchgeführt von spülmeisterw (Administrator) auf SKLAVE15 (05-12-2016 18:27:16)
Gestartet von C:\Users\spülmeisterw\Downloads
Geladene Profile: spülmeisterw (Verfügbare Profile: spülmeisterw & schwester_s)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
() C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535392 2009-10-12] (CSR, plc)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431456 2009-10-12] (CSR, plc)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [367424 2016-05-11] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{3056EF62-96A2-4CD4-A930-916C257CD488}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C3A5A36B-F94D-44A3-9F9F-EED4D05401A8}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

FireFox:
========
FF DefaultProfile: k15ix6ww.default
FF ProfilePath: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default [2016-12-05]
FF Homepage: Mozilla\Firefox\Profiles\k15ix6ww.default -> hxxps://www.google.de/?gws_rd=ssl
FF Extension: (Avira Browser Safety) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\abs@avira.com.xpi [2016-11-24]
FF Extension: (Firefox Hotfix) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Avira SafeSearch) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\safesearch@avira.com.xpi [2016-06-06]
FF Extension: (Adblock Plus) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3282142634-361615843-1521448422-1000: @protectdisc.com/NPMPDRM -> C:\Users\spülmeisterw\AppData\Local\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht signiert]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\smdadb.sys [39624 2015-04-24] (Google Inc)
S3 BthAvrcp; C:\Windows\system32\drivers\BthAvrcp.sys [34656 2009-10-12] (CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [59152 2016-05-11] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [151936 2009-10-26] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-11-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-05 18:26 - 2016-12-05 18:26 - 00000000 ____D C:\Users\spülmeisterw\Downloads\FRST-OlderVersion
2016-12-03 22:03 - 2016-12-03 22:03 - 01631928 _____ (Malwarebytes) C:\Users\spülmeisterw\Downloads\JRT.exe
2016-12-03 21:52 - 2016-12-03 21:52 - 03968464 _____ C:\Users\spülmeisterw\Downloads\adwcleaner_6.040.exe
2016-12-03 21:45 - 2016-12-03 21:57 - 00000000 ____D C:\AdwCleaner
2016-12-03 20:24 - 2016-12-03 20:25 - 00205510 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.24.04_log.txt
2016-12-03 20:03 - 2016-12-03 20:20 - 00404748 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.03.13_log.txt
2016-12-03 20:00 - 2016-12-03 20:00 - 00000492 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.00.36_log.txt
2016-12-03 09:41 - 2016-12-03 09:41 - 00766776 _____ C:\Windows\Minidump\120316-16146-01.dmp
2016-12-03 09:41 - 2016-12-03 09:41 - 00000000 ____D C:\Windows\Minidump
2016-12-03 09:40 - 2016-12-03 09:40 - 604159073 _____ C:\Windows\MEMORY.DMP
2016-12-03 08:42 - 2016-12-03 09:06 - 00192588 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_08.42.10_log.txt
2016-12-03 08:42 - 2016-12-03 08:42 - 04747704 _____ (AO Kaspersky Lab) C:\Users\spülmeisterw\Downloads\tdsskiller.exe
2016-12-03 08:40 - 2016-12-03 09:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-03 08:38 - 2016-12-03 08:38 - 16563352 _____ (Malwarebytes Corp.) C:\Users\spülmeisterw\Downloads\mbar-1.09.3.1001.exe
2016-12-01 19:18 - 2016-12-01 19:18 - 00027723 _____ C:\Users\spülmeisterw\Downloads\Addition.txt
2016-12-01 19:17 - 2016-12-05 18:27 - 00009729 _____ C:\Users\spülmeisterw\Downloads\FRST.txt
2016-12-01 19:16 - 2016-12-05 18:27 - 00000000 ____D C:\FRST
2016-12-01 19:16 - 2016-12-05 18:26 - 02419200 _____ (Farbar) C:\Users\spülmeisterw\Downloads\FRST64.exe
2016-12-01 19:06 - 2016-12-01 19:06 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 19:03 - 2016-12-01 19:03 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-11-30 21:15 - 2016-11-30 21:15 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Downloaded Installations
2016-11-30 18:22 - 2016-12-01 19:03 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-30 18:22 - 2016-11-30 18:23 - 11581544 _____ (SurfRight B.V.) C:\Users\spülmeisterw\Downloads\hitmanpro_x64.exe
2016-11-29 21:50 - 2016-11-29 21:50 - 00000000 ____D C:\Users\schwester_s\Documents\Nero
2016-11-27 18:02 - 2016-11-27 18:02 - 00000856 _____ C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
2016-11-25 14:30 - 2016-11-25 14:30 - 309541681 _____ C:\Users\spülmeisterw\Downloads\Beginner - Advanced Chemistry [Ganzes Album].mp4
2016-11-24 06:43 - 2016-12-05 18:24 - 00000000 ____D C:\Users\spülmeisterw\AppData\LocalLow\Mozilla
2016-11-20 10:41 - 2016-12-02 20:35 - 00000000 ____D C:\Users\schwester_s\AppData\LocalLow\Mozilla
2016-11-19 21:54 - 2016-12-01 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 17:37 - 2016-11-18 17:37 - 00002151 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-18 17:37 - 2016-11-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-14 16:32 - 2016-11-14 16:32 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(2).pdf
2016-11-14 16:29 - 2016-11-14 16:30 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(1).pdf
2016-11-13 16:20 - 2016-11-13 16:20 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF.pdf
2016-11-05 23:33 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-05 23:33 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-05 23:33 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-05 23:33 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-05 23:33 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-05 23:33 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-05 23:33 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-05 23:33 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-05 23:33 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-05 23:33 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-05 23:33 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-05 23:33 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-05 23:33 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-05 23:33 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-05 23:33 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-05 23:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-05 23:33 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-05 23:33 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-05 23:32 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-05 23:32 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-05 23:32 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-05 23:32 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-05 23:32 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-05 23:32 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-05 23:32 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-05 23:32 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-05 23:32 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-05 23:32 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-05 23:32 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-05 23:32 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-05 23:32 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-05 23:32 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-05 23:32 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-05 23:32 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-05 23:32 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-05 23:32 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-05 23:32 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-05 23:32 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-05 23:32 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-05 23:32 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-05 23:32 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-05 23:32 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-05 23:32 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-05 23:32 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-05 23:32 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-05 23:32 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-05 23:32 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-05 23:32 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-05 23:32 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-05 23:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-05 23:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-05 23:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-05 23:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-05 23:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-05 23:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-05 20:32 - 2016-11-05 20:32 - 00160804 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_Rechnung.pdf
2016-11-05 20:31 - 2016-11-05 20:31 - 00445036 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_RT.pdf
2016-11-05 20:30 - 2016-11-05 20:30 - 00445041 _____ C:\Users\spülmeisterw\Desktop\A8B0E514.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-05 18:24 - 2015-12-25 20:21 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\SynciOS Data Transfer
2016-12-05 18:24 - 2015-04-03 20:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-05 18:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-04 12:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-04 12:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-03 22:48 - 2015-03-22 11:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-03 22:36 - 2015-04-03 20:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-03 14:02 - 2011-04-12 08:43 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-12-03 14:02 - 2011-04-12 08:43 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-12-03 14:02 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 14:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-02 20:41 - 2015-03-24 22:45 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-02 20:41 - 2015-03-22 14:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-02 20:40 - 2015-03-22 14:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-02 20:38 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-02 20:38 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Avira
2016-12-02 20:37 - 2015-03-24 22:48 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\Avira
2016-12-02 11:01 - 2016-03-04 09:55 - 00000000 ____D C:\Users\schwester_s\AppData\Roaming\SynciOS Data Transfer
2016-12-01 20:34 - 2015-03-24 23:44 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Nero
2016-12-01 19:09 - 2015-03-22 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-27 18:02 - 2016-05-22 18:00 - 01292796 _____ C:\Users\spülmeisterw\Desktop\Jakobs Bagger.xcf
2016-11-27 18:02 - 2016-03-06 22:22 - 00000000 ____D C:\Users\spülmeisterw\.gimp-2.8
2016-11-18 17:37 - 2015-04-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-08 18:48 - 2015-03-22 11:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 18:48 - 2015-03-22 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 18:48 - 2015-03-22 11:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 18:48 - 2015-03-22 11:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 18:48 - 2015-03-22 10:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 16:00 - 2015-03-24 22:05 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 19:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-06 10:30 - 2009-07-14 05:45 - 00351328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-05 18:07 - 2015-03-22 12:31 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-11-05 07:55 - 2016-02-23 18:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-18 06:03 - 2015-12-18 06:03 - 0124133 _____ () C:\Program Files (x86)\Acknowledgements.rtf
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018112 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022720 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0027840 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0026816 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0070848 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0023232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3370128 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_dsp.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2199696 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_manager.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0870544 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_musicid.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0325776 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_submit.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0569664 _____ (GEAR-Software) C:\Program Files (x86)\gwlangen.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 18175808 _____ (GEAR-Software) C:\Program Files (x86)\gwrks64.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3088696 _____ (Apple Inc.) C:\Program Files (x86)\iPodUpdaterExt.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2980152 _____ (Apple Inc.) C:\Program Files (x86)\iTunes.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0471864 _____ (Apple Inc.) C:\Program Files (x86)\iTunesAdmin.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 36243768 _____ (Apple Inc.) C:\Program Files (x86)\iTunesCore.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0212280 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0176440 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0162616 _____ (Apple Inc.) C:\Program Files (x86)\iTunesMiniPlayer.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0992960 _____ (Microsoft Corporation) C:\Program Files (x86)\ucrtbase.dll
2015-06-23 19:17 - 2016-01-31 16:59 - 0000040 _____ () C:\Users\spülmeisterw\AppData\Roaming\cdr.ini
2015-07-07 19:47 - 2015-08-13 21:03 - 0108299 _____ () C:\Users\spülmeisterw\AppData\Roaming\Zulu.dmp
2016-11-27 18:02 - 2016-11-27 18:02 - 0000856 _____ () C:\Users\spülmeisterw\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\schwester_s\AppData\Local\Temp\avgnt.exe
C:\Users\schwester_s\AppData\Local\Temp\kernel32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\avgnt.exe
C:\Users\spülmeisterw\AppData\Local\Temp\HitmanPro.exe
C:\Users\spülmeisterw\AppData\Local\Temp\libeay32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\msvcr120.dll
C:\Users\spülmeisterw\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-06 13:52
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-12-2016
durchgeführt von spülmeisterw (05-12-2016 18:28:04)
Gestartet von C:\Users\spülmeisterw\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-22 09:36:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3282142634-361615843-1521448422-500 - Administrator - Disabled)
Gast (S-1-5-21-3282142634-361615843-1521448422-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3282142634-361615843-1521448422-1002 - Limited - Enabled)
schwester_s (S-1-5-21-3282142634-361615843-1521448422-1003 - Limited - Enabled) => C:\Users\schwester_s
spülmeisterw (S-1-5-21-3282142634-361615843-1521448422-1000 - Administrator - Enabled) => C:\Users\spülmeisterw

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.5. - ORWO_Net)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.13 - CSR Plc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version:  - G DATA Software AG)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lernwerkstatt 9 (HKLM-x32\...\InstallShield_{4AA318E7-344F-4A0C-A63D-82A30B1A8F74}) (Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 9 (x32 Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Nero 2015 (HKLM-x32\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{57DE722C-BBE9-4BB8-AF66-1ED9A4BB2209}) (Version: 12.0.03100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero Prerequisite Installer 4.0 (HKLM-x32\...\{8441D319-8C7A-4398-B630-6BC3941A12C9}) (Version: 16.0.00600 - Nero AG)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}) (Version: 3.00.0006 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
OZ711 SCR Driver (x64) (HKLM-x32\...\InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}) (Version: 3.0.1.6D - O2Micro)
OZ711 SCR Driver (x64) (Version: 3.0.1.6D - O2Micro) Hidden
PDF to BMP JPG TIFF Converter 2.32 (HKLM-x32\...\PDF To BMP JPG TIFF Converter_is1) (Version: 2.32 - Blue Label Soft)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows-Treiberpaket - Google Corporation (androidusb) USB  (04/20/2015 1.0.0018.00000) (HKLM\...\5BAEDAE1FDD50B7653C3BF0764CF27189A23603B) (Version: 04/20/2015 1.0.0018.00000 - Google Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (11/28/2013 2.0.0018.00000) (HKLM\...\724A5661585DAD3C707B84BACF43F64B5E070CE5) (Version: 11/28/2013 2.0.0018.00000 - Google, Inc.)
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (06/10/2014 2.11.10.0) (HKLM\...\19CBC797AE23190CD0F3C85E76495B645F0154C4) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.23 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {002E82D2-A8C8-4738-AB78-BCA603B55A3F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {00A64CE7-484D-4D56-B9EC-4CC44968AC3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {043FC396-42B0-463E-99A2-F88B2711EDF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {D3717A0A-FAF1-44A0-8CB9-CBBAD5DBBED3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {ED0B5209-B636-4776-B5F1-FD3513B87D86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FF86116F-97D6-44A5-AFB1-3D8A4FE78DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00269824 _____ () C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
2015-12-25 20:20 - 2015-12-21 11:16 - 00398848 _____ () C:\Program Files (x86)\Syncios_01\DuiLib.dll
2015-12-25 20:20 - 2015-12-18 16:51 - 00073728 _____ () C:\Program Files (x86)\Syncios_01\generalFunc_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00176128 _____ () C:\Program Files (x86)\Syncios_01\driverMgr4Transfer_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00966144 _____ () C:\Program Files (x86)\Syncios_01\androidSyncCore_pdm.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3282142634-361615843-1521448422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\spülmeisterw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DC924973-1040-4AD9-85CA-2C39532FDE24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6785B36E-F829-413F-B721-BFD64F9800DC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{391B0ECC-CC46-44C9-95CE-74D6B3193CF8}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{145050AD-EF58-400D-95A0-14F95ADC6E28}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5282A05-1F8C-4042-B943-79925EF80511}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01859D47-7734-499D-8CE3-76F88F540719}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4E2640-9DA8-4216-AA96-D6FE14C27D31}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{992A8B55-E740-482A-A542-7CFF18064B81}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2072A6DE-F933-45F7-AA46-03C4A3335CA9}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7EAC02C4-C10F-4B3A-9A72-62584070D50B}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{335B119A-4ADE-40C8-9902-B664F930C5AB}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{8774F648-CF0A-4EBC-93C3-A9E9D226BE77}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{CDCA7323-C6E8-4F81-8F41-C0EF9431ED06}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7738B03B-7100-4068-9925-A3E93CCA9E97}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35C3F991-16DE-4477-A79E-E3026C5B114E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F6B2E0B9-AC5C-4F79-8D66-5CF0E8812053}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4113D355-2F77-4E61-803C-E7BCB4954C70}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E42778F-E203-4F61-BE67-D8EE289FA4FC}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{39C544D5-7637-4C23-B80B-A70DBB8C0722}] => C:\Program Files (x86)\iTunes.exe

==================== Wiederherstellungspunkte =========================

01-12-2016 19:03:09 Prüfpunkt von HitmanPro
01-12-2016 19:03:32 Prüfpunkt von HitmanPro
01-12-2016 19:03:48 Prüfpunkt von HitmanPro
03-12-2016 22:04:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/05/2016 06:26:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/04/2016 12:54:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 10:00:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 09:51:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 08:23:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 07:59:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 09:42:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/03/2016 08:35:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/02/2016 08:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/02/2016 11:02:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (12/03/2016 10:01:12 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (12/03/2016 10:01:12 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 7987.42 MB
Verfügbarer physikalischer RAM: 5312.94 MB
Summe virtueller Speicher: 15973.02 MB
Verfügbarer virtueller Speicher: 13362.12 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:119.61 GB) (Free:50.24 GB) NTFS
Drive d: () (Removable) (Total:1.84 GB) (Free:1.83 GB) FAT
Drive z: () (Fixed) (Total:342.37 GB) (Free:268.77 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EC431FA8)
Partition 1: (Active) - (Size=3.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=119.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=342.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 05.12.2016, 23:01   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 06.12.2016, 01:12   #15
spuelmeister
 
WIN 7: Zip Datei von online24 Pay AG geöffnet - Standard

WIN 7: Zip Datei von online24 Pay AG geöffnet



Anbei,
die geforderten Logs:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.12.2016
Suchlaufzeit: 23:31
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.12.05.14
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: spülmeisterw

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363338
Abgelaufene Zeit: 9 Min., 29 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# end=init
# utc_time=2016-12-05 10:48:08
# local_time=2016-12-05 11:48:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31635
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# end=updated
# utc_time=2016-12-05 10:52:10
# local_time=2016-12-05 11:52:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# engine=31635
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-06 12:01:48
# local_time=2016-12-06 01:01:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 53489603 232612358 0 0
# scanned=365310
# found=2
# cleaned=0
# scan_time=4177
sh=44F8738C805596610698F38415A5647CF5722881 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\spülmeisterw\AppData\Local\Mozilla\Firefox\Profiles\k15ix6ww.default\cache2\entries\7BF28B74AA85C6F27A03119C67FCBD1C3E3137B2"
sh=90F41A0FC24DF472704C2943372759B35AC4F833 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\spülmeisterw\AppData\Local\Mozilla\Firefox\Profiles\k15ix6ww.default\cache2\entries\A3F16C8AFEDC4B394F817B28FC926EF41EE76187"
         
Code:
ATTFilter
Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 23.0.0.207  
 Mozilla Firefox (50.0.2) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Antwort

Themen zu WIN 7: Zip Datei von online24 Pay AG geöffnet
betriebssystem, blick, datei, files, hunter, log, log files, mail, malwarebytes, nicht sicher, online, phishing, phishing mail, programme, rechner, schädlinge, troja, trojaner, trojanhunter, virus, werfen, win, win 7, zip datei, zip-datei



Ähnliche Themen: WIN 7: Zip Datei von online24 Pay AG geöffnet


  1. zip-datei mit virus geöffnet
    Log-Analyse und Auswertung - 18.11.2016 (4)
  2. Virus ? Doc.js Datei geöffnet!
    Alles rund um Mac OSX & Linux - 13.06.2016 (6)
  3. Online24 pay AG Zip Datei
    Smartphone, Tablet & Handy Security - 12.06.2016 (1)
  4. gefährliche .zip Datei auf mac geöffnet
    Alles rund um Mac OSX & Linux - 07.06.2016 (13)
  5. Zip datei von pay online24.de geöffnet
    Smartphone, Tablet & Handy Security - 28.10.2015 (1)
  6. Email Online24 Pay geöffnet - Zip runtergeladen
    Plagegeister aller Art und deren Bekämpfung - 18.10.2015 (13)
  7. Wahrscheinlichinfizierte PDF Datei geöffnet
    Überwachung, Datenschutz und Spam - 23.07.2015 (1)
  8. DHL Fake Link geöffnet, ZIP extrahiert und .exe Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.06.2015 (10)
  9. zip Datei auf Mac geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.04.2015 (3)
  10. Mail mit .rft-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.10.2014 (2)
  11. Falsche paypal Mahnung geöffnet, Zip Datei mit Trojaner geöffnet, Avira hat Trojaner gefunden, Ist dann alles sauber?
    Log-Analyse und Auswertung - 18.09.2014 (13)
  12. Zip Datei Inkassounternehmen geöffnet
    Plagegeister aller Art und deren Bekämpfung - 06.08.2014 (6)
  13. Zip-Datei von Rechnungsemail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.05.2014 (13)
  14. email zip datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 14.05.2014 (9)
  15. Win 7 A1 Rechnung rtf.datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (10)
  16. ms-dos datei geöffnet, pc säubern
    Plagegeister aller Art und deren Bekämpfung - 30.06.2013 (12)
  17. Mahnung von www.wahlbusch.de zip-Datei und darin enthaltene Datei geöffnet
    Log-Analyse und Auswertung - 18.04.2013 (7)

Zum Thema WIN 7: Zip Datei von online24 Pay AG geöffnet - Hallo, habe dummerweise die Zip-Datei einer phishing mail der online24 Pay AG geöffnet. Die Viren/Malware Programme Anitvirus, Trojanhunter und Malwarebytes haben keine Schädlinge auf meinem Betriebssystem WIN 7 erkannt. Könntet - WIN 7: Zip Datei von online24 Pay AG geöffnet...
Archiv
Du betrachtest: WIN 7: Zip Datei von online24 Pay AG geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.