
Log analysis and evaluation: Win 7 32bit: very slow Internet (Firefox) & HEUR/APC


02.09.2017, 20:34   #1
crayzandy
 
Hello,
nice that a forum like this exists! (One usually only looks for and finds it once one has problems :-) )

My problem is that my laptop runs very slowly, so I ran the ESET Online Scanner. Could you please help me remove the viruses / malware?

Thanks

ESET Online Scanner
Code:
C:\Users\ich\Documents\Musik\Sprache_lernen_CD1.iso	Variante von Win32/HackTool.Patcher.T potenziell unsichere Anwendung	
C:\Users\ich\Pictures\Sicherung Festplatte 500GB\OP-Com & Autosoftware\Autosoftware\Actia.multi.diagnose.2013.aus.china\Actia Multi Diag 2013 von China\base\CutePDFWriter\CuteWriter.exe	Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung	
C:\Users\ich\Pictures\Sicherung Festplatte 500GB\privat\Sicherung SD-Karte\diverses\wirelesskeyview.zip	Variante von Win32/WirelessKeyView.A potenziell unsichere Anwendung	
C:\Users\ich\Pictures\Sicherung Festplatte 500GB\System Volume Information\_restore{36D4436D-5CE6-4538-B129-E6B2DD4854E6}\RP21\A0006696.exe	Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
         
FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
durchgeführt von ich (Administrator) auf ICH-PC (02-09-2017 16:34:37)
Gestartet von C:\Users\ich\Desktop
Geladene Profile: ich (Verfügbare Profile: ich)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(TransAction Software, D 81737 Munich) C:\Program Files\cosids\bin\tbmux32.exe
(Transaction Software, D 81829 Munich) C:\Program Files\GlobalTIS\transbase\tbmux32.exe
(Apache Software Foundation) C:\Program Files\GlobalTIS\tomcat\bin\tomcat6.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Apache Software Foundation) C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
(Transaction Software, D 81829 Munich) C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
() C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe
() C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe
(Sun Microsystems, Inc.) C:\Program Files\cosids\JRE\bin\java.exe
(Transaction Software, D 81829 Munich) C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Transaction Software, D 81829 Munich) C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
(Transaction Software, D 81829 Munich) C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(ESET spol. s r.o.) C:\Users\ich\Downloads\ESETOnlineScanner_DEU.exe
(AO Kaspersky Lab) C:\Users\ich\Desktop\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\ich\AppData\Local\Temp\{223B6A56-7A02-422F-BCA1-AAD7D18D9FB4}\{9EAA0EB5-6508-4A34-B883-11C9ECD60F97}.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [919032 2017-08-16] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [{7990b9d3-2da3-4eef-bf20-73a05086fd12}] => C:\ProgramData\Package Cache\{7990b9d3-2da3-4eef-bf20-73a05086fd12}\Avira.OE.Setup.Bundle.exe [978792 2017-08-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1122685630-353937943-1975555891-1001\...\MountPoints2: {5164c87a-2907-11e7-8b0f-0024be78e86b} - E:\setup.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)


Internet Explorer:
==================
HKU\S-1-5-21-1122685630-353937943-1975555891-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ich-pc:351/PQMace/launcher.html
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: br2osjx1.default
FF ProfilePath: C:\Users\ich\AppData\Roaming\Mozilla\Firefox\Profiles\br2osjx1.default [2017-09-02]
FF Extension: (Avira Browser Safety) - C:\Users\ich\AppData\Roaming\Mozilla\Firefox\Profiles\br2osjx1.default\Extensions\abs@avira.com.xpi [2017-07-22]
FF Extension: (Tails Download and Verify) - C:\Users\ich\AppData\Roaming\Mozilla\Firefox\Profiles\br2osjx1.default\Extensions\dave@tails.boum.org.xpi [2017-07-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-17] ()

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1128432 2017-08-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [490968 2017-08-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [490968 2017-08-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1525240 2017-08-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
R2 COSIDS_TB; C:\Program Files\cosids\bin\tbmux32.exe [165376 2001-11-20] (TransAction Software, D 81737 Munich) [Datei ist nicht signiert]
R2 GLOBALTISTB; C:\Program Files\GlobalTIS\transbase\tbmux32.exe [316928 2010-08-11] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert]
R2 GlobalTISTC6; C:\Program Files\GlobalTIS\tomcat\BIN\tomcat6.exe [61440 2010-03-10] (Apache Software Foundation) [Datei ist nicht signiert]
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [217736 2017-04-19] (Geek Software GmbH)
R2 SBS_GM_TOMCAT6; C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe [57344 2008-07-21] (Apache Software Foundation) [Datei ist nicht signiert]
R2 SBS_GM_TRANSBASE; C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe [417792 2009-09-03] (Transaction Software, D 81829 Munich) [Datei ist nicht signiert]
R2 TIS 2000 Apache Web Server; C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe [4096 1999-03-23] () [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [110296 2014-01-09] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [336600 2014-01-09] (ASMedia Technology Inc)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-24] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [136696 2017-08-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153144 2017-08-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-04-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-04-10] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [23304 2017-06-24] (Avira Operations GmbH & Co. KG)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG)
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron)
S2 NSHE; C:\Windows\system32\Drivers\NSHE.SYS [98816 2016-03-06] (T0r0 2008) [Datei ist nicht signiert]
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [73216 2001-04-06] () [Datei ist nicht signiert]
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [113432 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [177368 2017-04-28] (Oracle Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-02 16:13 - 2017-09-02 16:14 - 000000399 _____ C:\Users\ich\Desktop\Addition.txt
2017-09-02 16:11 - 2017-09-02 16:35 - 000009137 _____ C:\Users\ich\Desktop\FRST.txt
2017-09-02 16:11 - 2017-09-02 16:14 - 000006336 _____ C:\TDSSKiller.3.1.0.15_02.09.2017_16.11.26_log.txt
2017-09-02 16:09 - 2017-09-02 16:11 - 000000000 ____D C:\FRST
2017-09-02 16:07 - 2017-09-02 16:08 - 004922400 _____ (AO Kaspersky Lab) C:\Users\ich\Desktop\tdsskiller.exe
2017-09-02 16:05 - 2017-09-02 16:05 - 001792512 _____ (Farbar) C:\Users\ich\Desktop\FRST.exe
2017-09-02 14:28 - 2017-09-02 14:28 - 000000000 ____D C:\Users\ich\AppData\Local\ESET
2017-09-02 14:17 - 2017-09-02 14:28 - 006760064 _____ (ESET spol. s r.o.) C:\Users\ich\Downloads\ESETOnlineScanner_DEU.exe
2017-09-02 14:10 - 2017-09-02 14:10 - 000007667 _____ C:\Users\ich\AppData\Local\Resmon.ResmonCfg
2017-09-02 14:02 - 2017-09-02 14:02 - 002870984 _____ (ESET) C:\Users\ich\Downloads\esetsmartinstaller_deu.exe
2017-09-02 14:02 - 2017-09-02 14:02 - 000000000 ____D C:\Program Files\ESET
2017-09-02 10:42 - 2017-09-02 10:42 - 000001994 _____ C:\Users\ich\Desktop\Free Antivirus Profil Vollständige Prüfung.LNK
2017-08-30 10:14 - 2017-09-02 10:36 - 000000000 ____D C:\Users\ich\Documents\Wpro24 Shop
2017-08-27 10:01 - 2017-08-27 10:01 - 000000000 ____D C:\Users\ich\Documents\vw t4
2017-08-27 09:42 - 2017-08-27 09:42 - 000029053 _____ C:\Users\ich\Documents\Fehlerbericht 27.08.2017.pdf
2017-08-21 00:39 - 2017-07-08 09:31 - 000373621 _____ C:\Users\ich\Documents\Speisekarte GGT kleine Veranstalltung.odt
2017-08-21 00:39 - 2016-12-09 08:41 - 000374165 _____ C:\Users\ich\Documents\Speisekarte Metzingen 10.12.odt
2017-08-21 00:39 - 2016-12-07 20:27 - 000368889 _____ C:\Users\ich\Documents\speisekarte_inline_word-vorlage.odt
2017-08-21 00:12 - 2017-07-10 19:35 - 2147483648 _____ C:\Users\ich\Documents\Sicherung
2017-08-20 23:19 - 2017-07-13 01:35 - 2147483648 _____ C:\Users\ich\Documents\private Daten
2017-08-20 23:19 - 2016-12-27 02:10 - 000290399 _____ C:\Users\ich\Documents\Add-ons-Verwaltung - Mozilla Firefox.pdf
2017-08-20 23:19 - 2016-12-27 02:09 - 000335401 _____ C:\Users\ich\Documents\Passworte - Mozilla Firefox.pdf
2017-08-20 18:55 - 2017-08-20 23:19 - 000000000 ____D C:\Users\ich\Documents\Video
2017-08-20 18:54 - 2017-08-20 18:55 - 000000000 ____D C:\Users\ich\Documents\Unterlagen Sicherung
2017-08-20 18:51 - 2017-08-31 22:37 - 000000000 ____D C:\Users\ich\Documents\Unbenannter Ordner
2017-08-20 15:55 - 2017-08-20 18:51 - 000000000 ____D C:\Users\ich\Documents\Musik

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-02 13:26 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-02 13:25 - 2017-06-24 20:41 - 000000000 ____D C:\Program Files\VideoLAN
2017-09-02 12:07 - 2017-04-23 16:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-02 12:03 - 2017-04-23 16:39 - 000000000 ____D C:\Users\ich\AppData\LocalLow\Mozilla
2017-09-02 10:14 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-08-29 22:03 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
2017-08-29 11:41 - 2017-05-21 08:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-29 11:40 - 2017-05-21 08:28 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-29 11:08 - 2017-05-18 22:27 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-08-29 11:08 - 2017-04-24 18:33 - 000000000 ____D C:\Windows\hsperfdata_SYSTEM
2017-08-29 11:08 - 2017-04-23 16:38 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-29 11:08 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-27 13:32 - 2017-04-23 16:50 - 000000000 ____D C:\Users\ich\AppData\Roaming\MPP-Engineering
2017-08-20 15:53 - 2017-05-13 08:50 - 000000000 ____D C:\Users\ich\.VirtualBox
2017-08-20 15:48 - 2011-04-12 03:30 - 000709394 _____ C:\Windows\system32\perfh007.dat
2017-08-20 15:48 - 2011-04-12 03:30 - 000153798 _____ C:\Windows\system32\perfc007.dat
2017-08-20 15:48 - 2010-11-20 23:01 - 001647128 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-17 08:06 - 2017-06-24 19:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-08-17 08:06 - 2017-06-24 19:52 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-08-17 08:06 - 2017-06-24 19:52 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-17 08:06 - 2017-05-19 07:37 - 000000000 ____D C:\Users\ich\AppData\Local\Adobe
2017-08-16 17:25 - 2017-05-21 08:33 - 000153144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-08-16 17:25 - 2017-05-21 08:33 - 000136696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-04-26 17:55 - 2017-04-26 17:55 - 000000091 _____ () C:\Users\ich\AppData\Local\fusioncache.dat
2017-05-28 10:01 - 2017-05-28 10:01 - 000000600 _____ () C:\Users\ich\AppData\Local\PUTTY.RND
2017-09-02 14:10 - 2017-09-02 14:10 - 000007667 _____ () C:\Users\ich\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-02 14:50

==================== Ende vom FRST.txt ============================
         
Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 20-08-2017
durchgeführt von ich (02-09-2017 16:35:41)
Gestartet von C:\Users\ich\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2017-04-23 12:17:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1122685630-353937943-1975555891-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1122685630-353937943-1975555891-1004 - Limited - Enabled)
Gast (S-1-5-21-1122685630-353937943-1975555891-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1122685630-353937943-1975555891-1002 - Limited - Enabled)
ich (S-1-5-21-1122685630-353937943-1975555891-1001 - Administrator - Enabled) => C:\Users\ich

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 17.00 beta (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Reader 9.3 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{7990b9d3-2da3-4eef-bf20-73a05086fd12}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{E972AE5C-71B3-4D35-8193-BC4CC2F1FA20}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG) Hidden
GlobalTIS (HKLM\...\GlobalTIS) (Version: 1.0.0.0 - )
GM Global Infrastructure (HKLM\...\{8503B5A1-87C4-4F13-A212-78567B0852C3}) (Version: 1.02.6530 - Snap-on Business Solutions, Inc.)
GM Global Local Database (HKLM\...\{B5BE96DA-5F44-4736-92E3-DFE63CD68868}) (Version: 1.0.7060 - Snap-on Business Solutions, Inc.)
Image Plugin (HKLM\...\{FDC8065B-80DE-4466-B90B-2581F6D77DFF}) (Version: 3.05.0001 - Snap-on Business Solutions)
Java Servlet Development Kit 2.0 (HKLM\...\JSDK2.0) (Version:  - )
Lexmark CS310 Series Deinstallationsprogamm (HKLM\...\Lexmark CS310 Series) (Version:  - Lexmark International, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 52.3.0 (x86 de)) (Version: 52.3.0 - Mozilla)
Opel Vauxhall EPC (HKLM\...\{648D7554-CA87-418F-9F29-5CF430E202D5}) (Version: 1.00.6600 - Snap-on Business Solutions, Inc.)
Opel Vauxhall EPC Database (HKLM\...\{34D1BDC4-7FF7-4E5E-9D67-1560FB08DB37}) (Version: 1.00.6590 - Snap-on Business Solutions, Inc.)
OpenOffice 4.1.3 (HKLM\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.22 (HKLM\...\{BEC6F70F-350E-4073-A4A7-49F17D7FBD0E}) (Version: 5.1.22 - Oracle Corporation)
PuTTY release 0.69 (HKLM\...\{E688B503-623E-4EF5-AA11-854DF1AE97BF}) (Version: 0.69.0.0 - Simon Tatham)
Sentinel System Driver (HKLM\...\Rainbow Sentinel Driver) (Version:  - )
Tartarini Sequential Fuel Injection 'C' (HKLM\...\{5FFAC436-A572-4DD5-AFE9-2E2EEC8911BA}) (Version: 5.8.2 - Tartarini Auto spa)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (05/23/2013 2.08.28) (HKLM\...\7179001CFD2B32971C9902F02EA01225C83D6181) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (05/23/2013 2.08.28) (HKLM\...\1D76E4AE71F40C949254202D92503849C8E9BF6E) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-08-16] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-08-16] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {94619DB1-5C3C-4C9A-8052-7338DBA61CA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-17] (Adobe Systems Incorporated)
Task: {9AF57228-5D3F-4B3C-B0D5-C47F787F1551} - System32\Tasks\{9DCF4810-615D-4FED-8CBC-7BDBBE90A205} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {B60FC89F-8A5A-4A77-A78C-D61382CA8FEB} - System32\Tasks\{C470EE50-AEC9-4E4B-B714-1B24DCBA50F6} => C:\Windows\system32\pcalua.exe -a D:\Esi32\Esi_is.exe -d D:\Esi32

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\ich\Documents\ETKA201605_passwd ETKA7.51122334455\ETKA\ETKA7.5.lnk -> D:\ETKA\VWAU\PROG\ETSTARTR.BAT (Keine Datei)
Shortcut: C:\Users\ich\Documents\ETKA201605_passwd ETKA7.51122334455\ETKA\VWAU\PROG\ETKA7.5.lnk -> D:\ETKA\VWAU\PROG\ETSTARTR.BAT (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 18:33 - 1999-03-23 20:07 - 000004096 _____ () C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe
2017-04-24 18:33 - 2001-01-15 09:35 - 000269824 _____ () C:\Program Files\cosids\Apache Group\Apache\ApacheCore.dll
2017-04-24 18:33 - 2001-09-06 16:58 - 000119808 _____ () c:\program files\cosids\apache group\apache\modules\T2KApacheModuleJServ.dll
2006-08-14 16:44 - 2006-08-14 16:44 - 000036864 _____ () C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\polycsr.dll
2007-11-26 17:26 - 2007-11-26 17:26 - 000166912 _____ () C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\libmcrypt.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1122685630-353937943-1975555891-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ich\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Diagnostics - Software.lnk => C:\Windows\pss\Diagnostics - Software.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DSA_AutoBackup => C:\BOSCH_PR\DSA_3_31\Runtime\AutoBackup.exe
MSCONFIG\startupreg: DSA_F10TimeoutSetter => C:\BOSCH_PR\DSA_3_31\Runtime\DDB\F10TimeoutSetter.exe
MSCONFIG\startupreg: LMab1err => "C:\Program Files\Lexmark\ErrorApp\LMab1err.exe"
MSCONFIG\startupreg: NetFxUpdate_v1.1.4322 => "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
MSCONFIG\startupreg: PDFPrint => "C:\Program Files\PDF24\pdf24.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4EBBA5E3-9E53-4AAC-BE03-3CFF6174B71B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{53E552E9-80EC-4F19-9EEE-D7CC3BA848F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2025463F-76A4-420D-AFA1-1D483C80FC94}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FA41B3FF-392C-4C9A-ADBB-EDDE01DE5643}] => (Allow) C:\Program Files\Lexmark\WirelessSetup\LMwpss.exe
FirewallRules: [{C26A52A0-33C6-46B4-8201-DBE499BDD415}] => (Allow) C:\Program Files\Lexmark\WirelessSetup\LMwpss.exe
FirewallRules: [{5D31BBF3-174A-431B-B349-9CE2834B2B83}] => (Allow) C:\Program Files\Lexmark\Status Center\lmsmc.exe
FirewallRules: [{9AC7C29E-02CE-4179-829E-3C1E11FB3BD7}] => (Allow) C:\Program Files\Lexmark\Status Center\lmsmc.exe
FirewallRules: [{00009A7D-CBA1-4249-B770-3322627002F4}] => (Allow) D:\Install\x86\InstallGui.exe
FirewallRules: [{846559FA-2B72-4AC2-92A0-D42272509D0D}] => (Allow) D:\Install\x86\InstallGui.exe

==================== Wiederherstellungspunkte =========================

31-07-2017 10:04:01 Geplanter Prüfpunkt
17-08-2017 12:24:03 Geplanter Prüfpunkt
30-08-2017 10:41:23 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/02/2017 04:13:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST.exe, Version: 20.8.2017.0, Zeitstempel: 0x5998af10
Name des fehlerhaften Moduls: FRST.exe, Version: 20.8.2017.0, Zeitstempel: 0x5998af10
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000211de
ID des fehlerhaften Prozesses: 0x1528
Startzeit der fehlerhaften Anwendung: 0x01d323f5044f45f0
Pfad der fehlerhaften Anwendung: C:\Users\ich\Desktop\FRST.exe
Pfad des fehlerhaften Moduls: C:\Users\ich\Desktop\FRST.exe
Berichtskennung: f4e48614-8fe8-11e7-9178-0024be78e86b

Error: (09/02/2017 09:54:04 AM) (Source: SBS_GM_TRANSBASE) (EventID: 4097) (User: )
Description: Event-ID 4097

Error: (08/29/2017 11:10:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (08/29/2017 11:07:30 AM) (Source: GlobalTIS_TB) (EventID: 4097) (User: )
Description: Event-ID 4097

Error: (08/17/2017 08:01:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (08/17/2017 07:58:38 AM) (Source: GlobalTIS_TB) (EventID: 4097) (User: )
Description: Event-ID 4097

Error: (07/22/2017 01:48:54 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070002.

Error: (07/22/2017 10:14:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (07/22/2017 10:12:27 AM) (Source: GlobalTIS_TB) (EventID: 4097) (User: )
Description: Event-ID 4097

Error: (07/22/2017 10:08:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (09/02/2017 09:53:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Avira.ServiceHost erreicht.

Error: (09/02/2017 03:58:13 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.0.100 mit dem Computer mit der
Netzwerkhardwareadresse 98-E7-F5-97-03-71 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (08/30/2017 08:35:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/29/2017 11:09:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (08/29/2017 11:08:53 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Guardant Emulator Driver" ist von folgendem Dienst abhängig: HARDLOCK. Dieser Dienst ist eventuell nicht installiert.

Error: (08/29/2017 11:08:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann das angegebene Gerät nicht finden.

Error: (08/28/2017 07:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/28/2017 07:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/27/2017 01:27:35 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{19132931-9085-4814-A56A-F470A7EC6F52} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/20/2017 11:08:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SysMain erreicht.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 2911.02 MB
Verfügbarer physikalischer RAM: 926.27 MB
Summe virtueller Speicher: 5820.36 MB
Verfügbarer virtueller Speicher: 2231.42 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:116.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000AEDC2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

02.09.2017, 20:39   #2
crayzandy

Win 7 32bit: very slow Internet (Firefox) & HEUR/APC



TDSSKiller
Code:
20:05:26.0239 0x0ff4  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
20:05:29.0671 0x0ff4  ============================================================
20:05:29.0671 0x0ff4  Current date / time: 2017/09/02 20:05:29.0671
20:05:29.0671 0x0ff4  SystemInfo:
20:05:29.0671 0x0ff4  
20:05:29.0671 0x0ff4  OS Version: 6.1.7601 ServicePack: 1.0
20:05:29.0671 0x0ff4  Product type: Workstation
20:05:29.0671 0x0ff4  ComputerName: ICH-PC
20:05:29.0671 0x0ff4  UserName: ich
20:05:29.0671 0x0ff4  Windows directory: C:\Windows
20:05:29.0671 0x0ff4  System windows directory: C:\Windows
20:05:29.0671 0x0ff4  Processor architecture: Intel x86
20:05:29.0671 0x0ff4  Number of processors: 2
20:05:29.0671 0x0ff4  Page size: 0x1000
20:05:29.0671 0x0ff4  Boot type: Normal boot
20:05:29.0671 0x0ff4  CodeIntegrityOptions = 0x00000000
20:05:29.0671 0x0ff4  ============================================================
20:05:32.0011 0x0ff4  KLMD registered as C:\Windows\system32\drivers\08002147.sys
20:05:32.0011 0x0ff4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23714, osProperties = 0x0
20:05:32.0198 0x0ff4  System UUID: {EF9BF817-60DA-6709-E0FC-7E3375C0242F}
20:05:32.0869 0x0ff4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:05:32.0931 0x0ff4  ============================================================
20:05:32.0931 0x0ff4  \Device\Harddisk0\DR0:
20:05:32.0931 0x0ff4  MBR partitions:
20:05:32.0931 0x0ff4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:05:32.0931 0x0ff4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
20:05:32.0931 0x0ff4  ============================================================
20:05:32.0978 0x0ff4  C: <-> \Device\Harddisk0\DR0\Partition2
20:05:33.0025 0x0ff4  ============================================================
20:05:33.0025 0x0ff4  Initialize success
20:05:33.0025 0x0ff4  ============================================================
20:06:09.0170 0x160c  ============================================================
20:06:09.0170 0x160c  Scan started
20:06:09.0170 0x160c  Mode: Manual; SigCheck; TDLFS; 
20:06:09.0170 0x160c  ============================================================
20:06:09.0170 0x160c  KSN ping started
20:06:40.0963 0x160c  KSN ping finished: true
20:06:41.0415 0x160c  ================ Scan system memory ========================
20:06:41.0415 0x160c  System memory - ok
20:06:41.0415 0x160c  ================ Scan services =============================
20:06:41.0696 0x160c  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
20:06:41.0774 0x160c  1394ohci - ok
20:06:41.0821 0x160c  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:06:41.0836 0x160c  ACPI - ok
20:06:41.0868 0x160c  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:06:41.0883 0x160c  AcpiPmi - ok
20:06:42.0024 0x160c  [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:06:42.0055 0x160c  AdobeFlashPlayerUpdateSvc - ok
20:06:42.0086 0x160c  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:06:42.0117 0x160c  adp94xx - ok
20:06:42.0133 0x160c  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:06:42.0164 0x160c  adpahci - ok
20:06:42.0180 0x160c  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:06:42.0195 0x160c  adpu320 - ok
20:06:42.0242 0x160c  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:06:42.0258 0x160c  AeLookupSvc - ok
20:06:42.0367 0x160c  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
20:06:42.0414 0x160c  AFD - ok
20:06:42.0445 0x160c  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:06:42.0460 0x160c  agp440 - ok
20:06:42.0476 0x160c  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:06:42.0492 0x160c  aic78xx - ok
20:06:42.0538 0x160c  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
20:06:42.0570 0x160c  ALG - ok
20:06:42.0632 0x160c  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:06:42.0632 0x160c  aliide - ok
20:06:42.0648 0x160c  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:06:42.0663 0x160c  amdagp - ok
20:06:42.0710 0x160c  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:06:42.0726 0x160c  amdide - ok
20:06:42.0741 0x160c  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:06:42.0757 0x160c  AmdK8 - ok
20:06:42.0757 0x160c  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:06:42.0772 0x160c  AmdPPM - ok
20:06:42.0882 0x160c  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:06:42.0913 0x160c  amdsata - ok
20:06:42.0944 0x160c  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:06:42.0960 0x160c  amdsbs - ok
20:06:42.0975 0x160c  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:06:42.0991 0x160c  amdxata - ok
20:06:43.0225 0x160c  [ 0ACC38DF0CFF151C63AD6F6F35C55D0C, E77574F3FBF50FA6935D79AB2282971FBA5FC52FD626797CDFEA50889DFEAE2B ] AntiVirMailService C:\Program Files\Avira\Antivirus\avmailc7.exe
20:06:43.0287 0x160c  AntiVirMailService - ok
20:06:43.0365 0x160c  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirSchedulerService C:\Program Files\Avira\Antivirus\sched.exe
20:06:43.0396 0x160c  AntiVirSchedulerService - ok
20:06:43.0459 0x160c  [ 22B27C504A06096CDF3D5D0D46893EA0, 587B1A8AD24526A300563EACB0157099AA5CC3F2208534C91698758364EBE0AE ] AntiVirService  C:\Program Files\Avira\Antivirus\avguard.exe
20:06:43.0490 0x160c  AntiVirService - ok
20:06:43.0584 0x160c  [ 8D2DD42AA98E1BD156FB59B320C0C613, 8711ECB09D420B3A3CA81F9326B23E9ED38D3D39CBDA332E59770DAA3E8A6CD3 ] AntiVirWebService C:\Program Files\Avira\Antivirus\avwebg7.exe
20:06:43.0646 0x160c  AntiVirWebService - ok
20:06:43.0693 0x160c  [ 083B44921C176809C1F219C59AE83C75, EE0789304804DF7B08607D92518C5B7F0F83BF996BEF1FA4A647237FB25626F3 ] AppID           C:\Windows\system32\drivers\appid.sys
20:06:43.0708 0x160c  AppID - ok
20:06:43.0740 0x160c  [ FBBBE65118CCB1D2C6FCE6DB678605FD, DB34D63DA1E090F40739D70EAC3847A81FCEF7B8C7EC234E765A4FE2D32B844D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:06:43.0755 0x160c  AppIDSvc - ok
20:06:43.0818 0x160c  [ 5EDA6BA186D1B05D5EF4E96F81F3F3EF, B815998ED90E4AC8F4394992082E1F05076CA07C868A15E616C291DCAAF8A000 ] Appinfo         C:\Windows\System32\appinfo.dll
20:06:43.0833 0x160c  Appinfo - ok
20:06:43.0864 0x160c  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:06:43.0896 0x160c  AppMgmt - ok
20:06:43.0989 0x160c  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
20:06:44.0020 0x160c  arc - ok
20:06:44.0036 0x160c  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:06:44.0067 0x160c  arcsas - ok
20:06:44.0098 0x160c  [ 8CB5B9FF7426443BC79573C0DE51EA2D, 75FDE1D4933417186B030BF025450BBAF8D6DFA9F0CB92B44E32FB8505EF8E4F ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
20:06:44.0114 0x160c  asmthub3 - ok
20:06:44.0130 0x160c  [ 455B4D2EB792D91B38A65EF6D177B1EC, 862279B9397F27352F5DFFE9514830E5A00BEDD05DDA9942FB27B5DDB40B9675 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
20:06:44.0145 0x160c  asmtxhci - ok
20:06:44.0254 0x160c  [ 4DFB39347CE1E8E51AD2D8B124C9D7FA, 172262CD6B5EEFB927EADB3BEF130351994EFD7D660E791A76E64FB6DEA5B561 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:06:44.0270 0x160c  aspnet_state - ok
20:06:44.0348 0x160c  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:06:44.0395 0x160c  AsyncMac - ok
20:06:44.0442 0x160c  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:06:44.0457 0x160c  atapi - ok
20:06:44.0551 0x160c  [ B01751CC563AECAC09BBE36AAA21FBEF, 453CAED322CC13155D3BD1F5BF9ABC9FA7F74D9C17E712DAEC63E9518F0E9229 ] athr            C:\Windows\system32\DRIVERS\athr.sys
20:06:44.0598 0x160c  athr - ok
20:06:44.0660 0x160c  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:06:44.0691 0x160c  AudioEndpointBuilder - ok
20:06:44.0722 0x160c  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:06:44.0754 0x160c  Audiosrv - ok
20:06:44.0785 0x160c  [ 62032B346C9E12CE3C8C51AFB233F91F, 01180AC1D120493C39E2886DA3ED41E328BA0D3F339A18B503208EA3C635F83A ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
20:06:44.0785 0x160c  avdevprot - ok
20:06:44.0847 0x160c  [ 9692500938A8E44E5EB0968C40B65E83, 1E00ACDB8482064380F083669D41E070955B30D3F7CFB87902895CF28914587C ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:06:44.0863 0x160c  avgntflt - ok
20:06:44.0878 0x160c  [ 33CDBC9F8D6FC500F237A1329305D9EF, 0490359FC3CA696BE5220162F13445E74530F2944E9DD9B0196C80256BE8458E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:06:44.0894 0x160c  avipbb - ok
20:06:45.0019 0x160c  [ 6BC202E50D810F0229085407ABF95694, A915359A1D78F9EC94A9B1E5ECD358F4BE56F241493704C5DCEA761B3A35CCE7 ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
20:06:45.0066 0x160c  Avira.ServiceHost - ok
20:06:45.0081 0x160c  [ 185CB049FA670298E2948CA3141D7AC1, DCCD32487E6B227C21CE55DF2136ADC657F138AE672A3C98AA8021C57C36B007 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:06:45.0097 0x160c  avkmgr - ok
20:06:45.0112 0x160c  [ 0F1A4BF8FFAD6850F2719BFB86C5AD8F, C00A9668DC973717B430706E1E24A5115FEDF79E445E36244E0F8E91B4EAC614 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
20:06:45.0128 0x160c  avnetflt - ok
20:06:45.0144 0x160c  [ 9200841069CA6EB29E9E08183D2971AF, 71CF620CB174B6928E5F85000456967BF621B6519F936BDAD84C7F40F1B03805 ] avusbflt        C:\Windows\system32\Drivers\avusbflt.sys
20:06:45.0144 0x160c  avusbflt - ok
20:06:45.0206 0x160c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:06:45.0237 0x160c  AxInstSV - ok
20:06:45.0284 0x160c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
20:06:45.0315 0x160c  b06bdrv - ok
20:06:45.0346 0x160c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:06:45.0378 0x160c  b57nd60x - ok
20:06:45.0393 0x160c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
20:06:45.0424 0x160c  BDESVC - ok
20:06:45.0440 0x160c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:06:45.0471 0x160c  Beep - ok
20:06:45.0502 0x160c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
20:06:45.0549 0x160c  BFE - ok
20:06:45.0596 0x160c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
20:06:45.0658 0x160c  BITS - ok
20:06:45.0674 0x160c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:06:45.0705 0x160c  blbdrive - ok
20:06:45.0752 0x160c  [ 28AF7D4427868B7CE4C00CAB1864C7F6, AAE5303878AF0F7AA18069A8FCD99639EBC34622B456AF86C5E4F27858196E06 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:06:45.0783 0x160c  bowser - ok
20:06:45.0814 0x160c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:06:45.0830 0x160c  BrFiltLo - ok
20:06:45.0846 0x160c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:06:45.0861 0x160c  BrFiltUp - ok
20:06:45.0908 0x160c  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
20:06:45.0939 0x160c  Browser - ok
20:06:45.0955 0x160c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:06:45.0986 0x160c  Brserid - ok
20:06:45.0986 0x160c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:06:46.0017 0x160c  BrSerWdm - ok
20:06:46.0017 0x160c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:06:46.0033 0x160c  BrUsbMdm - ok
20:06:46.0048 0x160c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:06:46.0064 0x160c  BrUsbSer - ok
20:06:46.0080 0x160c  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:06:46.0095 0x160c  BTHMODEM - ok
20:06:46.0158 0x160c  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
20:06:46.0189 0x160c  bthserv - ok
20:06:46.0204 0x160c  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:06:46.0251 0x160c  cdfs - ok
20:06:46.0282 0x160c  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:06:46.0314 0x160c  cdrom - ok
20:06:46.0345 0x160c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:06:46.0376 0x160c  CertPropSvc - ok
20:06:46.0392 0x160c  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:06:46.0407 0x160c  circlass - ok
20:06:46.0470 0x160c  [ 1136E4A71849BCFCB057140AD03AAEE6, 9A9615F33E475039382E452052040C21EFA9C6669FB4E95D466C014FCAEF4D74 ] CLFS            C:\Windows\system32\CLFS.sys
20:06:46.0501 0x160c  CLFS - ok
20:06:46.0563 0x160c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:06:46.0579 0x160c  clr_optimization_v2.0.50727_32 - ok
20:06:46.0641 0x160c  [ BD2AE15EFB47E5215B4D0C59EA00C91A, E2A3FB8B606E55E843958B93EE6A5FDCE6FB4AAA6BEFD2F030BAA91ED4B5B013 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:06:46.0672 0x160c  clr_optimization_v4.0.30319_32 - ok
20:06:46.0704 0x160c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:06:46.0719 0x160c  CmBatt - ok
20:06:46.0766 0x160c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:06:46.0782 0x160c  cmdide - ok
20:06:46.0844 0x160c  [ 7F7D4B16389CEF932950F6B2604D2601, E7C32734DAA75A00866A0F961C945BF7CC7A29D3A9806041D0046BC9FD3ACC5A ] CNG             C:\Windows\system32\Drivers\cng.sys
20:06:46.0875 0x160c  CNG - ok
20:06:46.0922 0x160c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:06:46.0938 0x160c  Compbatt - ok
20:06:46.0969 0x160c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:06:47.0000 0x160c  CompositeBus - ok
20:06:47.0016 0x160c  COMSysApp - ok
20:06:47.0109 0x160c  [ D5A310D8F315E96884EB06CB453B0A3C, CE7C2244A7128C9D24840D7E447AB2C6F4917273C5029E9E84071D57BF6163AE ] COSIDS_TB       C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
20:06:47.0125 0x160c  COSIDS_TB - detected UnsignedFile.Multi.Generic ( 1 )
20:06:57.0218 0x160c  COSIDS_TB ( UnsignedFile.Multi.Generic ) - warning
20:07:17.0280 0x160c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:07:17.0311 0x160c  crcdisk - ok
20:07:17.0373 0x160c  [ 348B3A4DD922F590EB39DB231F7AEE4D, 62341BBB263E8E72436FE008E2645692712C2143964D67CE38D58F47F5DEA8B1 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:07:17.0405 0x160c  CryptSvc - ok
20:07:17.0467 0x160c  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
20:07:17.0514 0x160c  CSC - ok
20:07:17.0561 0x160c  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
20:07:17.0592 0x160c  CscService - ok
20:07:17.0639 0x160c  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:07:17.0670 0x160c  DcomLaunch - ok
20:07:17.0701 0x160c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
20:07:17.0748 0x160c  defragsvc - ok
20:07:17.0795 0x160c  [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:07:17.0810 0x160c  DfsC - ok
20:07:17.0841 0x160c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:07:17.0873 0x160c  Dhcp - ok
20:07:17.0982 0x160c  [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:07:18.0044 0x160c  DiagTrack - ok
20:07:18.0075 0x160c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
20:07:18.0107 0x160c  discache - ok
20:07:18.0138 0x160c  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
20:07:18.0153 0x160c  Disk - ok
20:07:18.0185 0x160c  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
20:07:18.0216 0x160c  dmvsc - ok
20:07:18.0263 0x160c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:07:18.0294 0x160c  Dnscache - ok
20:07:18.0341 0x160c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:07:18.0372 0x160c  dot3svc - ok
20:07:18.0387 0x160c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
20:07:18.0434 0x160c  DPS - ok
20:07:18.0465 0x160c  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:07:18.0497 0x160c  drmkaud - ok
20:07:18.0575 0x160c  [ C1618B0E6527BA60F0D7CEDA4AE8FE10, 468DD4261CA068D97E9064A4BCACEF10F89779C3B829C96BE5AD4631BF61E098 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:07:18.0621 0x160c  DXGKrnl - ok
20:07:18.0653 0x160c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
20:07:18.0684 0x160c  EapHost - ok
20:07:18.0809 0x160c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
20:07:18.0949 0x160c  ebdrv - ok
20:07:18.0996 0x160c  [ 99EC6DC301E2EB98DA46EB28AF91ACAC, C26EF19875B9CEE5CCB513E9753E3EBC52DE3DE59A84D6CFE7141EF95CD30774 ] EFS             C:\Windows\System32\lsass.exe
20:07:19.0043 0x160c  EFS - ok
20:07:19.0152 0x160c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:07:19.0183 0x160c  ehRecvr - ok
20:07:19.0199 0x160c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
20:07:19.0230 0x160c  ehSched - ok
20:07:19.0292 0x160c  [ 72753D5CC94A90F5CFC6C00ECC47163F, 824EEDCB94334912D8C44BC9626723F142DA95E9494C4B7D2F6EC7899CFF1DD2 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
20:07:19.0308 0x160c  ElbyCDIO - ok
20:07:19.0370 0x160c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:07:19.0401 0x160c  elxstor - ok
20:07:19.0417 0x160c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:07:19.0433 0x160c  ErrDev - ok
20:07:19.0511 0x160c  [ 38008FAAA9632C2EF8E98BF1614D0527, 40B1EEF366E7422F98C4FABB8246B5A60DD22C13239E0921121C36FA22CABE19 ] eusk2par        C:\Windows\system32\Drivers\eusk2par.sys
20:07:19.0542 0x160c  eusk2par - ok
20:07:19.0589 0x160c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
20:07:19.0620 0x160c  EventSystem - ok
20:07:19.0651 0x160c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:07:19.0682 0x160c  exfat - ok
20:07:19.0698 0x160c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:07:19.0745 0x160c  fastfat - ok
20:07:19.0807 0x160c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
20:07:19.0838 0x160c  Fax - ok
20:07:19.0854 0x160c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
20:07:19.0885 0x160c  fdc - ok
20:07:19.0885 0x160c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
20:07:19.0932 0x160c  fdPHost - ok
20:07:19.0947 0x160c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:07:19.0979 0x160c  FDResPub - ok
20:07:19.0994 0x160c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:07:20.0010 0x160c  FileInfo - ok
20:07:20.0025 0x160c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:07:20.0057 0x160c  Filetrace - ok
20:07:20.0072 0x160c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:07:20.0088 0x160c  flpydisk - ok
20:07:20.0103 0x160c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:07:20.0119 0x160c  FltMgr - ok
20:07:20.0213 0x160c  [ 46D1195D74B0FBFF6C57916F48F41E38, 4FA734B358F288BB806610A706755C2BF89C276B12932309505486EDBB4F31CD ] FontCache       C:\Windows\system32\FntCache.dll
20:07:20.0275 0x160c  FontCache - ok
20:07:20.0337 0x160c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:07:20.0353 0x160c  FontCache3.0.0.0 - ok
20:07:20.0384 0x160c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:07:20.0400 0x160c  FsDepends - ok
20:07:20.0447 0x160c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:07:20.0462 0x160c  Fs_Rec - ok
20:07:20.0509 0x160c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:07:20.0525 0x160c  fvevol - ok
20:07:20.0556 0x160c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:07:20.0571 0x160c  gagp30kx - ok
20:07:20.0712 0x160c  [ D0386138F29A147D0A9B4A44867E85D9, 468A81B956086B2A6584E091D97EDD07EA1BA4789C79733CC37494DA5B94A37A ] GLOBALTISTB     C:\PROGRA~1\GLOBAL~1\TRANSB~1\tbmux32.exe
20:07:20.0727 0x160c  GLOBALTISTB - detected UnsignedFile.Multi.Generic ( 1 )
20:07:30.0743 0x160c  GLOBALTISTB ( UnsignedFile.Multi.Generic ) - warning
20:07:42.0068 0x160c  [ FAB13554E86325F5CC1041E7537DC8F2, 1BCC8083D35F7BBAB26CA509E34D35FF3B41521EB1D357AFADBE87CD76B4879C ] GlobalTISTC6    C:\Program Files\GlobalTIS\tomcat\BIN\tomcat6.exe
20:07:42.0068 0x160c  GlobalTISTC6 - detected UnsignedFile.Multi.Generic ( 1 )
20:07:42.0349 0x160c  Detect skipped due to KSN trusted
20:07:42.0349 0x160c  GlobalTISTC6 - ok
20:07:42.0411 0x160c  [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:07:42.0458 0x160c  gpsvc - ok
20:07:42.0489 0x160c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:07:42.0505 0x160c  hcw85cir - ok
20:07:42.0552 0x160c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:07:42.0583 0x160c  HdAudAddService - ok
20:07:42.0614 0x160c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:07:42.0630 0x160c  HDAudBus - ok
20:07:42.0645 0x160c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:07:42.0661 0x160c  HidBatt - ok
20:07:42.0677 0x160c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:07:42.0708 0x160c  HidBth - ok
20:07:42.0723 0x160c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:07:42.0739 0x160c  HidIr - ok
20:07:42.0770 0x160c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
20:07:42.0801 0x160c  hidserv - ok
20:07:42.0833 0x160c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
20:07:42.0864 0x160c  HidUsb - ok
20:07:42.0895 0x160c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:07:42.0926 0x160c  hkmsvc - ok
20:07:42.0942 0x160c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:07:42.0989 0x160c  HomeGroupListener - ok
20:07:43.0020 0x160c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:07:43.0051 0x160c  HomeGroupProvider - ok
20:07:43.0082 0x160c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:07:43.0098 0x160c  HpSAMD - ok
20:07:43.0160 0x160c  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:07:43.0207 0x160c  HTTP - ok
20:07:43.0223 0x160c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:07:43.0238 0x160c  hwpolicy - ok
20:07:43.0269 0x160c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:07:43.0316 0x160c  i8042prt - ok
20:07:43.0394 0x160c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:07:43.0425 0x160c  iaStorV - ok
20:07:43.0503 0x160c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:07:43.0550 0x160c  idsvc - ok
20:07:43.0550 0x160c  IEEtwCollectorService - ok
20:07:43.0893 0x160c  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:07:44.0174 0x160c  igfx - ok
20:07:44.0252 0x160c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:07:44.0268 0x160c  iirsp - ok
20:07:44.0346 0x160c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:07:44.0393 0x160c  IKEEXT - ok
20:07:44.0408 0x160c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:07:44.0424 0x160c  intelide - ok
20:07:44.0455 0x160c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:07:44.0471 0x160c  intelppm - ok
20:07:44.0502 0x160c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:07:44.0549 0x160c  IPBusEnum - ok
20:07:44.0564 0x160c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:07:44.0595 0x160c  IpFilterDriver - ok
20:07:44.0658 0x160c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:07:44.0689 0x160c  iphlpsvc - ok
20:07:44.0705 0x160c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:07:44.0720 0x160c  IPMIDRV - ok
20:07:44.0736 0x160c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:07:44.0783 0x160c  IPNAT - ok
20:07:44.0814 0x160c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:07:44.0829 0x160c  IRENUM - ok
20:07:44.0845 0x160c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:07:44.0861 0x160c  isapnp - ok
20:07:44.0907 0x160c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:07:44.0923 0x160c  iScsiPrt - ok
20:07:44.0954 0x160c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:07:44.0970 0x160c  kbdclass - ok
20:07:45.0001 0x160c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:07:45.0017 0x160c  kbdhid - ok
20:07:45.0157 0x160c  [ 99EC6DC301E2EB98DA46EB28AF91ACAC, C26EF19875B9CEE5CCB513E9753E3EBC52DE3DE59A84D6CFE7141EF95CD30774 ] KeyIso          C:\Windows\system32\lsass.exe
20:07:45.0188 0x160c  KeyIso - ok
20:07:45.0204 0x160c  [ BF8589C56B6C0A863B35FF7C2756297B, 78D81926A81EDB5ADB4711805568538D874F74742D4946410CCA27CDA1E60223 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:07:45.0219 0x160c  KSecDD - ok
20:07:45.0266 0x160c  [ 2F25ED3988208414CE52494781CAD572, 2DF15DACC9D494F51C70DD8324C38070F14B769392088C6CEFCC87A288E971DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:07:45.0282 0x160c  KSecPkg - ok
20:07:45.0344 0x160c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:07:45.0391 0x160c  KtmRm - ok
20:07:45.0422 0x160c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:07:45.0453 0x160c  LanmanServer - ok
20:07:45.0485 0x160c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:07:45.0531 0x160c  LanmanWorkstation - ok
20:07:45.0578 0x160c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:07:45.0609 0x160c  lltdio - ok
20:07:45.0656 0x160c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:07:45.0703 0x160c  lltdsvc - ok
20:07:45.0719 0x160c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:07:45.0750 0x160c  lmhosts - ok
20:07:45.0765 0x160c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:07:45.0797 0x160c  LSI_FC - ok
20:07:45.0812 0x160c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:07:45.0828 0x160c  LSI_SAS - ok
20:07:45.0906 0x160c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:07:45.0968 0x160c  LSI_SAS2 - ok
20:07:46.0062 0x160c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:07:46.0093 0x160c  LSI_SCSI - ok
20:07:46.0124 0x160c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:07:46.0155 0x160c  luafv - ok
20:07:46.0171 0x160c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:07:46.0202 0x160c  Mcx2Svc - ok
20:07:46.0218 0x160c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:07:46.0233 0x160c  megasas - ok
20:07:46.0265 0x160c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:07:46.0280 0x160c  MegaSR - ok
20:07:46.0311 0x160c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
20:07:46.0343 0x160c  MMCSS - ok
20:07:46.0358 0x160c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
20:07:46.0405 0x160c  Modem - ok
20:07:46.0421 0x160c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:07:46.0452 0x160c  monitor - ok
20:07:46.0499 0x160c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:07:46.0514 0x160c  mouclass - ok
20:07:46.0530 0x160c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
20:07:46.0545 0x160c  mouhid - ok
20:07:46.0608 0x160c  [ D1BDF813C9FE5ED53134EDF360927735, 0FC422513A9C98C32A90C7C5B2635DA6104C6425A2E2A8746B110A07AFB1B539 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:07:46.0623 0x160c  mountmgr - ok
20:07:46.0670 0x160c  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:07:46.0686 0x160c  MozillaMaintenance - ok
20:07:46.0717 0x160c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:07:46.0733 0x160c  mpio - ok
20:07:46.0764 0x160c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:07:46.0795 0x160c  mpsdrv - ok
20:07:46.0826 0x160c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:07:46.0873 0x160c  MpsSvc - ok
20:07:46.0920 0x160c  [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:07:46.0967 0x160c  MRxDAV - ok
20:07:47.0013 0x160c  [ DF054C04C065D628B54D19BB7DDC24C1, C58609B32C38318EBEDEB6242146CC85CC250CEEC637628A1DCCCB4004ACA8C3 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:07:47.0029 0x160c  mrxsmb - ok
20:07:47.0060 0x160c  [ 3A40C64637BA66317351FE3E653B6BE0, B92BB1ED6E6DE158C381239BF56110D2AA638178F27D06F79D6C6FACC12E9AA8 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:07:47.0076 0x160c  mrxsmb10 - ok
20:07:47.0091 0x160c  [ 15D285A71358198EA18BE60A8EB6D9AA, 3519C8A2DD2C5FB6355875B8B03D0D07E4414BBA326F9A02BF249482300113F4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:07:47.0107 0x160c  mrxsmb20 - ok
20:07:47.0169 0x160c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:07:47.0185 0x160c  msahci - ok
20:07:47.0216 0x160c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:07:47.0247 0x160c  msdsm - ok
20:07:47.0263 0x160c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
20:07:47.0294 0x160c  MSDTC - ok
20:07:47.0310 0x160c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:07:47.0341 0x160c  Msfs - ok
20:07:47.0357 0x160c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:07:47.0388 0x160c  mshidkmdf - ok
20:07:47.0403 0x160c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:07:47.0435 0x160c  msisadrv - ok
20:07:47.0466 0x160c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:07:47.0497 0x160c  MSiSCSI - ok
20:07:47.0513 0x160c  msiserver - ok
20:07:47.0528 0x160c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:07:47.0559 0x160c  MSKSSRV - ok
20:07:47.0559 0x160c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:07:47.0591 0x160c  MSPCLOCK - ok
20:07:47.0606 0x160c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:07:47.0637 0x160c  MSPQM - ok
20:07:47.0669 0x160c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:07:47.0684 0x160c  MsRPC - ok
20:07:47.0700 0x160c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:07:47.0715 0x160c  mssmbios - ok
20:07:47.0731 0x160c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:07:47.0762 0x160c  MSTEE - ok
20:07:47.0762 0x160c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:07:47.0793 0x160c  MTConfig - ok
20:07:47.0918 0x160c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:07:47.0934 0x160c  Mup - ok
20:07:47.0965 0x160c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
20:07:48.0012 0x160c  napagent - ok
20:07:48.0059 0x160c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:07:48.0105 0x160c  NativeWifiP - ok
20:07:48.0183 0x160c  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:07:48.0230 0x160c  NDIS - ok
20:07:48.0246 0x160c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:07:48.0277 0x160c  NdisCap - ok
20:07:48.0308 0x160c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:07:48.0339 0x160c  NdisTapi - ok
20:07:48.0339 0x160c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:07:48.0371 0x160c  Ndisuio - ok
20:07:48.0386 0x160c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:07:48.0417 0x160c  NdisWan - ok
20:07:48.0433 0x160c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:07:48.0480 0x160c  NDProxy - ok
20:07:48.0511 0x160c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:07:48.0542 0x160c  NetBIOS - ok
20:07:48.0605 0x160c  [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:07:48.0620 0x160c  NetBT - ok
20:07:48.0636 0x160c  [ 99EC6DC301E2EB98DA46EB28AF91ACAC, C26EF19875B9CEE5CCB513E9753E3EBC52DE3DE59A84D6CFE7141EF95CD30774 ] Netlogon        C:\Windows\system32\lsass.exe
20:07:48.0651 0x160c  Netlogon - ok
20:07:48.0698 0x160c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
20:07:48.0729 0x160c  Netman - ok
20:07:48.0761 0x160c  [ 2635C2A431F5F04DFFE23C2678BBA410, D6F6973B57D2ED4DC4BF097CBBECFDA3045CED2C7E970CF7E127961F196893BD ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:07:48.0792 0x160c  NetMsmqActivator - ok
20:07:48.0792 0x160c  [ 2635C2A431F5F04DFFE23C2678BBA410, D6F6973B57D2ED4DC4BF097CBBECFDA3045CED2C7E970CF7E127961F196893BD ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:07:48.0823 0x160c  NetPipeActivator - ok
20:07:48.0839 0x160c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
20:07:48.0885 0x160c  netprofm - ok
20:07:48.0901 0x160c  [ 2635C2A431F5F04DFFE23C2678BBA410, D6F6973B57D2ED4DC4BF097CBBECFDA3045CED2C7E970CF7E127961F196893BD ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:07:48.0917 0x160c  NetTcpActivator - ok
20:07:48.0917 0x160c  [ 2635C2A431F5F04DFFE23C2678BBA410, D6F6973B57D2ED4DC4BF097CBBECFDA3045CED2C7E970CF7E127961F196893BD ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:07:48.0948 0x160c  NetTcpPortSharing - ok
20:07:48.0963 0x160c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:07:48.0979 0x160c  nfrd960 - ok
20:07:49.0026 0x160c  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:07:49.0073 0x160c  NlaSvc - ok
20:07:49.0088 0x160c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:07:49.0119 0x160c  Npfs - ok
20:07:49.0182 0x160c  [ DD88D1BDE6985D86FCE0ECEF55AA0FED, 7D156F0D63766B29874384AD464D3DDD972B3AA3277F70602CBBB5A8AFE7DBB9 ] NSHE            C:\Windows\system32\Drivers\NSHE.SYS
20:07:49.0197 0x160c  NSHE - detected UnsignedFile.Multi.Generic ( 1 )
20:07:59.0213 0x160c  NSHE ( UnsignedFile.Multi.Generic ) - warning
20:08:18.0525 0x160c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
20:08:18.0588 0x160c  nsi - ok
20:08:18.0603 0x160c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:08:18.0635 0x160c  nsiproxy - ok
20:08:18.0728 0x160c  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:08:18.0791 0x160c  Ntfs - ok
20:08:18.0822 0x160c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
20:08:18.0853 0x160c  Null - ok
20:08:18.0869 0x160c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:08:18.0884 0x160c  nvraid - ok
20:08:18.0947 0x160c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:08:18.0978 0x160c  nvstor - ok
20:08:18.0993 0x160c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:08:19.0009 0x160c  nv_agp - ok
20:08:19.0025 0x160c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:08:19.0040 0x160c  ohci1394 - ok
20:08:19.0087 0x160c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:08:19.0134 0x160c  p2pimsvc - ok
20:08:19.0165 0x160c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:08:19.0196 0x160c  p2psvc - ok
20:08:19.0212 0x160c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
20:08:19.0243 0x160c  Parport - ok
20:08:19.0290 0x160c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:08:19.0305 0x160c  partmgr - ok
20:08:19.0337 0x160c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:08:19.0352 0x160c  Parvdm - ok
20:08:19.0399 0x160c  [ 84752B402BF64CCDDF11816FEDF12DB4, 184DDFCEEE8C5B492415270FC640B8D584B3D79E7BADCE4DE7CDD74CC8C60130 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:08:19.0430 0x160c  PcaSvc - ok
20:08:19.0446 0x160c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
20:08:19.0461 0x160c  pci - ok
20:08:19.0508 0x160c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:08:19.0539 0x160c  pciide - ok
20:08:19.0555 0x160c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:08:19.0571 0x160c  pcmcia - ok
20:08:19.0586 0x160c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:08:19.0617 0x160c  pcw - ok
20:08:19.0727 0x160c  [ 1A0E9F4E16BD62779CECA24110804DEB, A18065DF92B8CD34637D3D6D791E07EF053F5BEFEFFCDE00ACA5BD429028E6EF ] PDF24           C:\Program Files\PDF24\pdf24.exe
20:08:19.0758 0x160c  PDF24 - ok
20:08:19.0836 0x160c  [ 0C941A3F148B4228867908F98F394461, 6D5F575F2E796C5EA8F9F3F96F9ACD935E274210A105C9365102B448E9AE2031 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:08:19.0883 0x160c  PEAUTH - ok
20:08:19.0945 0x160c  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:08:20.0007 0x160c  PeerDistSvc - ok
20:08:20.0085 0x160c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
20:08:20.0163 0x160c  pla - ok
20:08:20.0226 0x160c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:08:20.0257 0x160c  PlugPlay - ok
20:08:20.0288 0x160c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:08:20.0319 0x160c  PNRPAutoReg - ok
20:08:20.0351 0x160c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:08:20.0366 0x160c  PNRPsvc - ok
20:08:20.0413 0x160c  [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:08:20.0460 0x160c  PolicyAgent - ok
20:08:22.0722 0x160c  [ 8A86E4D4ABF1308595B112E2796FAD24, 9731512554099D50610747DF9129998CB1DDE81A57A1C7D71C99D63C286F19EC ] SBS_GM_TOMCAT6  C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
20:08:22.0737 0x160c  SBS_GM_TOMCAT6 - detected UnsignedFile.Multi.Generic ( 1 )
20:08:27.0090 0x160c  Detect skipped due to KSN trusted
20:08:27.0090 0x160c  SBS_GM_TOMCAT6 - ok
20:08:27.0183 0x160c  [ 54B1E201B2CD6C1624AC90FDBAA9BFCC, 16578B77ED4038A11CDDFA9B6267B98F4F7FA045822C52169C8E189B3A4FF2AC ] SBS_GM_TRANSBASE C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
20:08:27.0215 0x160c  SBS_GM_TRANSBASE - detected UnsignedFile.Multi.Generic ( 1 )
20:08:32.0784 0x160c  Detect skipped due to KSN trusted
20:08:32.0784 0x160c  SBS_GM_TRANSBASE - ok
20:08:33.0595 0x160c  [ DA17773297995D1135DFD1ACEEF07D58, E529A623AD145FFFA535F18BE171EEB810823A7AC01A66A051B2FB0D4ADA0467 ] Sentinel        C:\Windows\System32\Drivers\SENTINEL.SYS
20:08:33.0626 0x160c  Sentinel - detected UnsignedFile.Multi.Generic ( 1 )
20:08:36.0138 0x160c  Detect skipped due to KSN trusted
20:08:36.0138 0x160c  Sentinel - ok
20:08:39.0086 0x160c  [ D5697047F9CA5A18BB367CF94DA4B2C4, 466BE3DD86F0945A601ADAA1E521FF5C50F2CD36449D57CDCC891A7AC5698EA3 ] TIS 2000 Apache Web Server C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe
20:08:39.0102 0x160c  TIS 2000 Apache Web Server - detected UnsignedFile.Multi.Generic ( 1 )
20:08:39.0383 0x160c  TIS 2000 Apache Web Server ( UnsignedFile.Multi.Generic ) - warning
20:08:44.0343 0x160c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:08:44.0390 0x160c  WMPNetworkSvc - ok
20:08:44.0421 0x160c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:08:44.0437 0x160c  WPCSvc - ok
20:08:44.0453 0x160c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:08:44.0468 0x160c  WPDBusEnum - ok
20:08:44.0499 0x160c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:08:44.0531 0x160c  ws2ifsl - ok
20:08:44.0562 0x160c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:08:44.0577 0x160c  wscsvc - ok
20:08:44.0655 0x160c  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
20:08:44.0687 0x160c  WSDPrintDevice - ok
20:08:44.0702 0x160c  WSearch - ok
20:08:44.0811 0x160c  [ 625F2B712DF9E0F55BC0281012303D45, F22F0FE482B65160FA1913F617B73BBF6A841960FEBBD7EB2798E0785FC6086A ] wuauserv        C:\Windows\system32\wuaueng.dll
20:08:44.0889 0x160c  wuauserv - ok
20:08:44.0952 0x160c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:08:44.0983 0x160c  WudfPf - ok
20:08:45.0030 0x160c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:08:45.0045 0x160c  WUDFRd - ok
20:08:45.0061 0x160c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:08:45.0092 0x160c  wudfsvc - ok
20:08:45.0139 0x160c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:08:45.0201 0x160c  WwanSvc - ok
20:08:45.0233 0x160c  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
20:08:45.0264 0x160c  yukonw7 - ok
20:08:45.0311 0x160c  ================ Scan global ===============================
20:08:45.0357 0x160c  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
20:08:45.0404 0x160c  [ 2B39C09CBF1468E6F88A41978F230009, B2BD4A1CCBA83481130BE5899149286B6DC638D012E2F1DE6CEF45CF2A3A1C83 ] C:\Windows\system32\winsrv.dll
20:08:45.0420 0x160c  [ 2B39C09CBF1468E6F88A41978F230009, B2BD4A1CCBA83481130BE5899149286B6DC638D012E2F1DE6CEF45CF2A3A1C83 ] C:\Windows\system32\winsrv.dll
20:08:45.0451 0x160c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:08:45.0513 0x160c  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
20:08:45.0513 0x160c  [ Global ] - ok
20:08:45.0513 0x160c  ================ Scan MBR ==================================
20:08:45.0529 0x160c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:08:45.0747 0x160c  \Device\Harddisk0\DR0 - ok
20:08:45.0747 0x160c  ================ Scan VBR ==================================
20:08:45.0747 0x160c  [ DE193D66A66DBADC3914476DE8D2B2D6 ] \Device\Harddisk0\DR0\Partition1
20:08:45.0747 0x160c  \Device\Harddisk0\DR0\Partition1 - ok
20:08:45.0763 0x160c  [ B4DF0D2BA26A35D60C2762FFE1FD182D ] \Device\Harddisk0\DR0\Partition2
20:08:45.0763 0x160c  \Device\Harddisk0\DR0\Partition2 - ok
20:08:45.0763 0x160c  ================ Scan generic autorun ======================
20:08:45.0810 0x160c  [ 2C1B1E9174D94E9F6EE3CF373ABAB7DD, 729D283DF70F727824EBCA223D5E5B27D16E3E2B5312B1B34CAE1E763192D7B5 ] C:\Windows\system32\igfxtray.exe
20:08:45.0841 0x160c  IgfxTray - ok
20:08:45.0857 0x160c  [ 89D3DE5E2C77DCD99C56F0E46310AEA0, 02E1B2353E5D5F65D7968698AFE079A4DF11C230F6213C07D128F47147BACA29 ] C:\Windows\system32\igfxpers.exe
20:08:45.0872 0x160c  Persistence - ok
20:08:45.0966 0x160c  [ F75B70453BFC8045C9D3E25C6C188FB0, 9D4D4EDB03A353DD85ACFE038B11018C780BECF466572C27F52C7A0E291321AE ] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
20:08:46.0013 0x160c  Avira SystrayStartTrigger - ok
20:08:46.0137 0x160c  [ A3F0187B2B6402168E65BE6688002041, 695A220D95D072F311E68AC9A629A73EBFE9FF922E82CB31A8AA58DF3645E477 ] C:\Program Files\Avira\Antivirus\avgnt.exe
20:08:46.0169 0x160c  avgnt - ok
20:08:46.0309 0x160c  [ 5B69FAA925DFF91CE49B12E4381CB99D, 99134272C222D9306C779F6CBD42857F8F0EE4B82B02139973F302B7465E55C2 ] C:\ProgramData\Package Cache\{7990b9d3-2da3-4eef-bf20-73a05086fd12}\Avira.OE.Setup.Bundle.exe
20:08:46.0356 0x160c  {7990b9d3-2da3-4eef-bf20-73a05086fd12} - ok
20:08:46.0465 0x160c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:08:46.0512 0x160c  Sidebar - ok
20:08:46.0559 0x160c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:08:46.0590 0x160c  mctadmin - ok
20:08:46.0621 0x160c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:08:46.0668 0x160c  Sidebar - ok
20:08:46.0668 0x160c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:08:46.0699 0x160c  mctadmin - ok
20:08:46.0699 0x160c  Waiting for KSN requests completion. In queue: 147
20:09:07.0853 0x160c  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.29.31 ), 0x42000 ( disabled : updated )
20:09:07.0853 0x160c  Win FW state via NFP2: enabled ( trusted )
20:09:08.0274 0x160c  ============================================================
20:09:08.0274 0x160c  Scan finished
20:09:08.0274 0x160c  ============================================================
20:09:08.0290 0x1744  Detected object count: 4
20:09:08.0290 0x1744  Actual detected object count: 4
20:09:30.0956 0x1744  COSIDS_TB ( UnsignedFile.Multi.Generic ) - skipped by user
20:09:30.0956 0x1744  COSIDS_TB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:09:30.0956 0x1744  GLOBALTISTB ( UnsignedFile.Multi.Generic ) - skipped by user
20:09:30.0956 0x1744  GLOBALTISTB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:09:30.0956 0x1744  NSHE ( UnsignedFile.Multi.Generic ) - skipped by user
20:09:30.0956 0x1744  NSHE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:09:30.0956 0x1744  TIS 2000 Apache Web Server ( UnsignedFile.Multi.Generic ) - skipped by user
20:09:30.0956 0x1744  TIS 2000 Apache Web Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________


04.09.2017, 15:29   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Processor: Pentium(R) Dual-Core CPU T4300
You should get yourself a new computer. This CPU is ancient, almost ten years old, and painfully slow.

Alternative: wipe Windows and use something like Lubuntu, see https://wiki.ubuntuusers.de/Einsteiger/
__________________

05.09.2017, 08:25   #4
crayzandy

Thank you very much for the competent answer. I asked for help days ago, and THIS is the kind of answer I get?! Um, isn't it completely irrelevant what kind of PC is infected?

Do you know what I do with this PC? Maybe I have software running on it that is also 10 years old and is only needed for one specific purpose. Why buy a new one when I might only use this one 10 days a year?
The laptop is used for diagnostic purposes with an RS232 interface! OK? For my purposes that is completely sufficient!

In the meantime I have read several other forum threads about similar problems, followed the evidently competent answers given there, and now believe the matter is resolved.

Still, if someone did get in touch to check things over, I would be glad.

Otherwise I now know that I am only allowed to turn to you with a new computer?!

Regards

05.09.2017, 08:55   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
For my purposes that is completely sufficient!
He said soothingly, after complaining about "very slow Internet (Firefox) & HEUR/APC"


Quote:
Otherwise I now know that I am only allowed to turn to you with a new computer?!
Nope, I just want to avoid fits of wailing after the analysis along the lines of "the computer is still slow" or the like.

As said: anyone who uses 10-year-old electronic scrap shouldn't be surprised when Firefox is a bit slower at times. Current browsers are designed for reasonably current hardware, not for hardware from way back when.


Quote:
C:\Users\ich\Documents\Musik\Sprache_lernen_CD1.iso Variante von Win32/HackTool.Patcher.T potenziell unsichere Anwendung
Where did you get that from?

__________________
Please always post log files in CODE tags

05.09.2017, 13:25   #6
crayzandy

Fine, then I probably expressed myself badly. The computer ran satisfactorily (fast enough) until 5 days ago. That is when the problems started: after switching on, the computer took forever before anything worked, and I could see from the hard disk LED that the disk was being worked on for a good 10 minutes. During that time almost nothing worked, and afterwards only sluggishly, badly ..... .
Then I ran your scanner and got this HEUR/APC and whatever else can be seen in the post above. I am aware that this laptop is no rocket, but.... .

I once lent the computer out for diagnostic purposes, and when it came back I found quite a bit of junk on it, though in my opinion I had been able to remove all of it. In the logs I saw quite a few things that do not belong on the laptop and got rid of the stuff right away.

Well, now it runs as usual again. And yes, the other computers I have at home (running Linux, by the way) are rockets.

Well, thanks again.

05.09.2017, 14:11   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Lent out for diagnostic purposes, what is that supposed to mean? Why would you lend out a thing like that, and if you do, why not reinstall it afterwards?

What about my question regarding the origin of this ISO file?
