Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   UPS-Mail anhang geöffnet (https://www.trojaner-board.de/164747-ups-mail-anhang-geoeffnet.html)

nialma 05.03.2015 18:58
UPS-Mail anhang geöffnet
 
Hi,

mein Vater hat, da er von UPS eine Sendung erwartet hatte, eine Mail mit ZIP-Anhang bzw die Zip geöffnet. Nun kommen unzählige Mail Delivery-Mails zurück....

Wie bzw was können wir tun damit sein Win 8-Rechner wieder sauber läuft?

Danke für die Unterstützung

schrauber 05.03.2015 19:04
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


nialma 06.03.2015 06:30
FRST.txt


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Peter Kuttig (administrator) on BUCHLEMMI on 05-03-2015 19:50:20
Running from F:\
Loaded Profiles: Peter Kuttig (Available profiles: Peter Kuttig)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\setup\New\instup.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\SetupInf64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2965816 2012-10-19] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199800 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405624 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5513424 2015-03-05] (Avast Software s.r.o.)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f566-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f60f-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {9e77f659-c913-11e2-be8a-809b20508748} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {cde90d2d-867f-11e4-bf11-dc0ea1b51b21} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {cde90df3-867f-11e4-bf11-dc0ea1b51b21} - "F:\AutoRun.exe"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MountPoints2: {dad8ed3d-985e-11e3-bed4-dc0ea1b51b21} - "F:\AutoRun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CHR HKU\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-9287429-4187079875-4244921196-1001 -> {54AAEA08-3310-4E4F-8372-61B29FC6CD2A} URL =
SearchScopes: HKU\S-1-5-21-9287429-4187079875-4244921196-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF ProfilePath: C:\Users\Peter Kuttig\AppData\Roaming\Mozilla\Firefox\Profiles\cwfql4dl.default
FF Homepage: hxxp://buchlemmi.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Peter Kuttig\AppData\Roaming\Mozilla\Firefox\Profiles\cwfql4dl.default\searchplugins\bing-avast.xml
FF Extension: ELO Archiv-Transfer - C:\Program Files (x86)\Mozilla Firefox\extensions\EloFirefoxAddon.xpi [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-05]

Chrome:
=======
CHR Profile: C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-21]
CHR Extension: (Google Drive) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-21]
CHR Extension: (YouTube) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-21]
CHR Extension: (Google Search) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-21]
CHR Extension: (Google Wallet) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-21]
CHR Extension: (Gmail) - C:\Users\Peter Kuttig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-05] (Avast Software s.r.o.)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-05] (Avast Software s.r.o.)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-08] (Dritek System INC.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-05] ()
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-05] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-05] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-05] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-08] (Dritek System Inc.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 PCDSRVC{0368CD8C-041F8379-06020200}_0; \??\c:\users\peterk~1\appdata\local\temp\zedqb0ldkesd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 19:50 - 2015-03-05 19:50 - 00001954 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-03-05 19:50 - 2015-03-05 19:50 - 00001894 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-03-05 19:50 - 2015-03-05 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-05 19:49 - 2015-03-05 19:49 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-03-05 19:49 - 2015-03-05 19:49 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-03-05 19:49 - 2015-03-05 19:45 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA4AE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA57E.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-05 19:49 - 2015-03-05 19:45 - 00268640 _____ () C:\Windows\system32\Drivers\aswA58E.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA5CE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA4CE.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA53D.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00065736 _____ () C:\Windows\system32\Drivers\aswA55D.tmp
2015-03-05 19:49 - 2015-03-05 19:45 - 00029168 _____ () C:\Windows\system32\Drivers\aswA51D.tmp
2015-03-05 19:46 - 2015-03-05 19:46 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Roaming\AVAST Software
2015-03-05 19:45 - 2015-03-05 19:50 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-05 19:45 - 2015-03-05 19:45 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-05 19:45 - 2015-03-05 19:45 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-05 19:45 - 2015-03-05 19:45 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-05 19:43 - 2015-03-05 19:43 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-05 19:16 - 2015-03-05 19:50 - 00000000 ____D () C:\FRST
2015-03-05 15:29 - 2013-04-12 02:12 - 00173568 _____ (Xerox Corporation) C:\Windows\system32\xrxznzil.dll
2015-03-05 15:12 - 2015-03-05 15:19 - 00000000 ____D () C:\AdwCleaner
2015-03-05 14:28 - 2015-03-05 14:28 - 00000000 _____ () C:\autoexec.bat
2015-03-05 14:27 - 2015-03-05 14:27 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2015-03-05 14:24 - 2015-03-05 19:26 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP
2015-03-03 19:09 - 2008-03-28 13:32 - 00039936 _____ (AVM GmbH) C:\Windows\system32\capi2032.dll
2015-02-28 16:09 - 2015-02-28 16:09 - 00000959 _____ () C:\Users\Public\Desktop\FRITZ!fax.lnk
2015-02-28 16:09 - 2015-02-28 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2015-02-28 16:08 - 2015-02-28 16:09 - 00000000 ____D () C:\Program Files (x86)\FRITZ!
2015-02-28 16:08 - 2015-02-28 16:08 - 00000000 ____D () C:\ProgramData\ISDNWatch
2015-02-28 16:08 - 2015-02-28 16:08 - 00000000 ____D () C:\ProgramData\FRITZ!fax für FRITZ!Box
2015-02-28 16:08 - 2007-09-07 10:05 - 00492848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2015-02-28 16:08 - 2007-09-07 10:05 - 00349488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 01066288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00980272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00970032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2015-02-28 16:08 - 2007-09-07 10:04 - 00070960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-02-28 16:08 - 2007-09-07 10:04 - 00060208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2015-02-25 08:20 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 08:20 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-02-25 08:19 - 2015-01-09 07:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 08:19 - 2015-01-09 06:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-23 11:51 - 2015-01-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-23 11:51 - 2015-01-23 05:27 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-14 10:13 - 2014-04-16 19:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-02-14 10:13 - 2014-04-16 19:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-02-11 15:30 - 2015-03-02 10:44 - 00033508 _____ () C:\Users\Peter Kuttig\Documents\Insulin.xlsx
2015-02-11 08:25 - 2015-01-12 07:48 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 08:24 - 2015-01-29 09:30 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-02-11 08:24 - 2015-01-29 09:30 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-02-11 08:24 - 2015-01-29 09:30 - 00011056 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-02-11 08:24 - 2015-01-29 09:05 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-11 08:24 - 2015-01-29 09:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 08:24 - 2015-01-29 07:19 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-11 08:24 - 2015-01-29 07:19 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-11 08:24 - 2015-01-15 12:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-02-11 08:24 - 2015-01-15 12:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-11 08:24 - 2015-01-15 12:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 08:24 - 2015-01-15 11:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-02-11 08:24 - 2015-01-15 11:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-11 08:24 - 2015-01-15 10:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 08:24 - 2015-01-15 10:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 08:24 - 2015-01-15 05:08 - 00568656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 08:24 - 2015-01-12 07:49 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-02-11 08:24 - 2015-01-12 07:49 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 08:24 - 2015-01-12 07:48 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 15403008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 02655744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 08:24 - 2015-01-12 07:47 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 08:24 - 2015-01-12 07:46 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 08:24 - 2015-01-12 06:07 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 08:24 - 2015-01-12 06:07 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 08:24 - 2015-01-12 06:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 08:24 - 2015-01-12 05:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 08:24 - 2015-01-12 04:46 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-11 08:24 - 2015-01-09 05:33 - 04061696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 08:24 - 2014-12-08 07:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 08:24 - 2014-12-08 06:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 08:23 - 2015-02-04 10:54 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 08:23 - 2015-02-04 10:52 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 08:23 - 2015-02-03 00:18 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 08:23 - 2014-12-18 09:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-02-11 08:23 - 2014-12-18 07:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-11 08:23 - 2014-12-18 07:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-11 08:23 - 2014-12-18 07:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-11 08:23 - 2014-12-18 07:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-11 08:23 - 2014-12-09 00:14 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 08:23 - 2014-11-26 07:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 08:23 - 2014-11-26 05:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 08:21 - 2015-01-15 22:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-09 13:43 - 2015-02-28 16:08 - 00000462 _____ () C:\Windows\setup.log
2015-02-05 11:05 - 2015-02-05 11:05 - 00007706 _____ () C:\Windows\OT_FileVersions.TXT
2015-02-05 11:05 - 2015-02-05 11:05 - 00000000 ____D () C:\Windows\OTBackup
2015-02-05 11:05 - 2000-08-02 15:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdocurs.dll
2015-02-05 11:05 - 1999-02-02 16:56 - 00000421 _____ () C:\Windows\SysWOW64\odbcinst.cnt
2015-02-05 11:05 - 1998-11-30 09:21 - 00041316 _____ () C:\Windows\SysWOW64\odbcinst.hlp
2015-02-05 11:05 - 1998-06-17 18:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-05 11:04 - 2015-02-05 11:05 - 60388865 _____ (LifeScan ) C:\Users\Peter Kuttig\Downloads\onetouchsetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 19:47 - 2012-12-09 05:58 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 19:47 - 2012-12-09 05:58 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 19:47 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 19:43 - 2013-09-25 09:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 19:42 - 2013-10-21 15:40 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 19:42 - 2013-10-21 15:40 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 19:42 - 2013-03-06 14:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-05 19:41 - 2014-10-01 05:56 - 00506066 _____ () C:\Windows\PFRO.log
2015-03-05 19:41 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 18:03 - 2013-08-19 09:31 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\Outlook-Dateien
2015-03-05 18:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-05 17:57 - 2014-10-01 05:14 - 01175639 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 10:49 - 2014-10-01 05:12 - 00000099 _____ () C:\Users\Public\LMDebug.log
2015-03-04 10:49 - 2013-08-21 10:47 - 00025088 _____ () C:\Users\Peter Kuttig\Documents\Büchersendung.zdl
2015-03-03 19:11 - 2013-09-02 11:15 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\FRITZ!
2015-03-03 17:50 - 2013-10-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-03 14:53 - 2014-12-12 09:12 - 00119602 _____ () C:\Users\Peter Kuttig\Documents\VK 2015.xlsx
2015-03-03 14:28 - 2015-01-16 10:34 - 00007680 _____ () C:\Users\Peter Kuttig\Documents\Regalboden.zdl
2015-03-03 08:26 - 2013-10-21 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-03 07:39 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-02 10:29 - 2013-08-21 06:33 - 00014284 _____ () C:\Users\Peter Kuttig\Documents\Medikamente.xlsx
2015-02-28 16:08 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2015-02-27 10:43 - 2014-07-07 06:54 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\Adobe
2015-02-27 10:19 - 2014-06-10 10:49 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\SelfMV
2015-02-27 07:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-25 08:20 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-25 07:58 - 2014-11-11 07:20 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1382366736
2015-02-25 07:58 - 2013-10-21 15:45 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-24 13:33 - 2013-03-06 14:39 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\CrashDumps
2015-02-23 14:03 - 2013-03-09 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-23 14:02 - 2013-03-06 16:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-20 08:44 - 2013-10-21 15:42 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-16 10:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-02-16 07:56 - 2014-10-22 07:11 - 00433944 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-16 07:54 - 2013-03-06 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 10:22 - 2014-12-15 08:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-14 10:22 - 2014-07-14 07:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-14 10:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2015-02-13 08:16 - 2013-08-28 06:30 - 00000000 ____D () C:\ProgramData\Lexware
2015-02-12 14:19 - 2013-03-06 11:45 - 00000000 ____D () C:\Users\Peter Kuttig\AppData\Local\Packages
2015-02-11 14:48 - 2014-06-17 10:13 - 00046906 _____ () C:\Users\Peter Kuttig\Documents\Amazon-Alex.xlsx
2015-02-11 10:24 - 2012-07-26 06:26 - 00000167 _____ () C:\Windows\win.ini
2015-02-11 10:14 - 2013-08-19 09:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 10:03 - 2013-03-06 13:53 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 13:37 - 2013-10-21 15:40 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-09 13:37 - 2013-10-21 15:40 - 00003874 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-09 13:33 - 2013-03-06 14:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-05 11:07 - 2012-12-08 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-05 09:48 - 2015-02-02 15:14 - 00000000 ____D () C:\Users\Peter Kuttig\Documents\Commerzbank
2015-02-05 09:43 - 2013-09-25 09:29 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:29 - 2014-12-15 08:24 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:29 - 2014-12-15 08:24 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-08-20 07:35 - 2014-10-06 07:49 - 0026778 _____ () C:\Users\Peter Kuttig\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2013-08-22 11:11 - 2013-10-22 06:54 - 0000090 _____ () C:\Users\Peter Kuttig\AppData\Roaming\WB.CFG
2013-09-12 09:11 - 2013-10-22 06:54 - 0000006 _____ () C:\Users\Peter Kuttig\AppData\Roaming\WBPU-TTL.DAT
2013-03-06 14:40 - 2013-03-06 14:40 - 0000017 _____ () C:\Users\Peter Kuttig\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Peter Kuttig\AppData\Local\Temp\Quarantine.exe
C:\Users\Peter Kuttig\AppData\Local\Temp\sqlite3.dll
C:\Users\Peter Kuttig\AppData\Local\Temp\UninstallSer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-02 11:15

==================== End Of Log ============================
--- --- ---

--- --- ---


Additional.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Peter Kuttig at 2015-03-05 19:53:08
Running from F:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{7438DA7D-782C-450F-BCDC-5FC54E6831B8}) (Version: 1.0.0.2 - ZTE Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{1E654AA2-629D-C426-2561-01AAC1371950}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4311.52 - CyberLink Corp.)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Dropbox (HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\Dropbox) (Version: 2.4.2 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HomeBase 3 (HKLM-x32\...\{09359BE4-C819-485F-AEF8-DCD4D1CBBFC5}) (Version: 3.0.308.0 - AbeBooks)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Packard Bell)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.5 - Packard Bell)
Lexware faktura+auftrag 2014 (HKLM-x32\...\{4d54c3b8-5e73-4f9e-a810-07fc42ddb356}) (Version: 18.0.0.78 - Haufe-Lexware GmbH & Co.KG)
Lexware faktura+auftrag 2014 (x32 Version: 18.51.00.0174 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (x32 Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 3.01.00.0011 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM-x32\...\{7F603892-89C9-4EC4-9236-7AD4A798EA41}) (Version: 21.00.00.0039 - Haufe-Lexware GmbH & Co.KG)
Lexware Zeiterfassung (HKLM-x32\...\{41115DDB-A8D9-48D9-B530-4A0252DFAF20}) (Version: 26.00.04.0001 - Haufe-Lexware GmbH & Co.KG)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Packard Bell)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.80 - Heiko Schröder)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.02.511 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Packard Bell)
PDF24 Creator 5.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PicSizer (HKLM-x32\...\PicSizer) (Version:  - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28127 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.10.000 - Samsung Electronics Co., Ltd.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.16 - Stardock Software, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.52 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinZip 18.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-9287429-4187079875-4244921196-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter Kuttig\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

14-02-2015 10:11:07 Windows Update
23-02-2015 11:20:01 Geplanter Prüfpunkt
01-03-2015 09:40:59 SpeedMaxPc Backup
04-03-2015 10:04:39 Wiederherstellungsvorgang
05-03-2015 14:25:20 Installed SpyHunter
05-03-2015 17:46:01 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CB22815-5FEA-4D97-8521-21BB42BB63DF} - System32\Tasks\{05D2606B-BD52-48B0-9F99-5468EC7E5CA2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.18.0.106&amp;LastError=12002
Task: {131B36BA-1F07-4A47-9D5F-EA7050CAB521} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {204EF743-9C74-48AB-90D3-319499FB2979} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {339272ED-3FA3-4897-B38F-A02C0984FE54} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {540AA790-213F-40DD-83DF-3BEDB873174D} - System32\Tasks\Opera scheduled Autoupdate 1382366736 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {547B0A66-AA87-46FD-8263-114F68144E88} - System32\Tasks\{FBC5EBD6-3D38-4A07-98A2-42D043B4E3F4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {580918AE-505E-43C6-ADFC-072DF03E40B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21] (Google Inc.)
Task: {6FF92F17-85C9-409D-804A-18063FD0FF97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {809C6080-8653-4C4A-8ED9-BE22F84E250A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {9871F825-673B-42FA-AEA1-2FB8F649F9E0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-05] (Avast Software s.r.o.)
Task: {DEC08BA6-E79D-423E-A13C-CD8A29D3E9C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FA8F14BB-871E-43ED-9830-B683B7B60003} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {FB8582DA-CC5D-48BB-AFAB-23D9A5849241} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21] (Google Inc.)
Task: {FCB98D0B-D119-47A6-8004-EC9D71128FC9} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-08-30] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-02 11:06 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-09-02 11:06 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-04-14 01:41 - 2011-04-14 01:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll
2015-01-28 10:46 - 2014-04-16 09:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 02917376 _____ () C:\Program Files\AVAST Software\Avast\defs\15030500\algo.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-05 19:45 - 2015-03-05 19:45 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-9287429-4187079875-4244921196-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\PackardBell01.jpg
DNS Servers: 192.168.178.15

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "STO Backup Service"
HKLM\...\StartupApproved\Run32: => "STO Launcher Service"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-9287429-4187079875-4244921196-1001\...\StartupApproved\Run: => ""

==================== Accounts: =============================

Administrator (S-1-5-21-9287429-4187079875-4244921196-500 - Administrator - Disabled)
Gast (S-1-5-21-9287429-4187079875-4244921196-501 - Limited - Disabled)
Peter Kuttig (S-1-5-21-9287429-4187079875-4244921196-1001 - Administrator - Enabled) => C:\Users\Peter Kuttig

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2015 07:02:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002637d
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (03/05/2015 05:52:51 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x81000204.

Error: (03/05/2015 04:10:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/05/2015 03:54:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (03/05/2015 07:22:40 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (03/05/2015 07:22:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎03.‎2015 um 19:00:29 unerwartet heruntergefahren.

Error: (03/05/2015 07:03:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/05/2015 07:03:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Sicherheitscenter" wurde mit folgendem Fehler beendet:
%%16389

Error: (03/05/2015 07:00:12 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (03/05/2015 07:00:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎03.‎2015 um 18:59:18 unerwartet heruntergefahren.

Error: (03/05/2015 05:49:25 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (03/05/2015 05:49:01 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Packard Bell" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x10000000034cf. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (03/05/2015 05:25:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Sicherheitscenter" wurde mit folgendem Fehler beendet:
%%16389

Error: (03/05/2015 05:24:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070


Microsoft Office Sessions:
=========================
Error: (03/05/2015 07:02:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec0000005000000000002637dea401d0576e721241deC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllc0be2a05-c361-11e4-bf1e-809b20508748

Error: (03/05/2015 05:52:51 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x81000204

Error: (03/05/2015 04:10:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (03/05/2015 03:54:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1


==================== Memory info ===========================

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 22%
Total physical RAM: 5706.25 MB
Available physical RAM: 4427.51 MB
Total Pagefile: 6602.25 MB
Available Pagefile: 5272.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:246.75 GB) (Free:145.9 GB) NTFS
Drive d: (Bücher) (Fixed) (Total:200 GB) (Free:198.24 GB) NTFS
Drive f: (INTENSO) (Fixed) (Total:58.59 GB) (Free:53.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4B4444A3)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 58.6 GB) (Disk ID: 539E5865)
Partition 1: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Hoffe es hilft den Helfern

Bringt es da was office / Outlook zu deinstallieren und neu zu installieren?

schrauber 06.03.2015 12:15
hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

nialma 06.03.2015 15:47
mbar
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.06.03
  rootkit: v2015.02.25.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.17228
Peter Kuttig :: BUCHLEMMI [administrator]

06.03.2015 12:27:18
mbar-log-2015-03-06 (12-27-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 353954
Time elapsed: 32 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


tdsskiller
Code:
15:41:10.0177 0x158c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:41:10.0177 0x158c  UEFI system
15:41:24.0113 0x158c  ============================================================
15:41:24.0113 0x158c  Current date / time: 2015/03/06 15:41:24.0113
15:41:24.0113 0x158c  SystemInfo:
15:41:24.0113 0x158c 
15:41:24.0113 0x158c  OS Version: 6.2.9200 ServicePack: 0.0
15:41:24.0113 0x158c  Product type: Workstation
15:41:24.0113 0x158c  ComputerName: BUCHLEMMI
15:41:24.0113 0x158c  UserName: Peter Kuttig
15:41:24.0113 0x158c  Windows directory: C:\Windows
15:41:24.0113 0x158c  System windows directory: C:\Windows
15:41:24.0113 0x158c  Running under WOW64
15:41:24.0113 0x158c  Processor architecture: Intel x64
15:41:24.0113 0x158c  Number of processors: 2
15:41:24.0113 0x158c  Page size: 0x1000
15:41:24.0113 0x158c  Boot type: Normal boot
15:41:24.0113 0x158c  ============================================================
15:41:25.0189 0x158c  KLMD registered as C:\Windows\system32\drivers\86336867.sys
15:41:25.0782 0x158c  System UUID: {191BEE8A-9914-CEBA-ECEA-215CFFF8CE90}
15:41:26.0983 0x158c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:26.0999 0x158c  Drive \Device\Harddisk1\DR1 - Size: 0xEA6000000 ( 58.59 Gb ), SectorSize: 0x200, Cylinders: 0x1DE0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:41:27.0014 0x158c  ============================================================
15:41:27.0014 0x158c  \Device\Harddisk0\DR0:
15:41:27.0014 0x158c  GPT partitions:
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3B60F638-E95C-44A8-AC16-74263FE01961}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0B2164DA-72FC-44DB-8861-CBDFA8F31085}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {83E186B4-05D3-4818-93D4-703FA2B8E76C}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A64ED29C-BB3A-4C48-8083-7BF165F8C950}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1ED81000
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1D0BD8B2-AA36-480E-B28C-C7FCC790657C}, Name: , StartLBA 0x1EF1F800, BlocksNum 0xE1000
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4BCA1FF8-ABF4-4EB6-B0DA-1BDD9C503B17}, Name: Basic data partition, StartLBA 0x1F000800, BlocksNum 0x18FFF800
15:41:27.0014 0x158c  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2E7398E5-B885-479C-8C83-559884041F97}, Name: Basic data partition, StartLBA 0x38000800, BlocksNum 0x2385800
15:41:27.0014 0x158c  MBR partitions:
15:41:27.0014 0x158c  \Device\Harddisk1\DR1:
15:41:27.0014 0x158c  MBR partitions:
15:41:27.0014 0x158c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x80, BlocksNum 0x752FF80
15:41:27.0014 0x158c  ============================================================
15:41:27.0030 0x158c  C: <-> \Device\Harddisk0\DR0\Partition4
15:41:27.0170 0x158c  D: <-> \Device\Harddisk0\DR0\Partition6
15:41:27.0170 0x158c  F: <-> \Device\Harddisk1\DR1\Partition1
15:41:27.0186 0x158c  ============================================================
15:41:27.0186 0x158c  Initialize success
15:41:27.0186 0x158c  ============================================================
15:41:52.0196 0x11bc  ============================================================
15:41:52.0196 0x11bc  Scan started
15:41:52.0196 0x11bc  Mode: Manual;
15:41:52.0196 0x11bc  ============================================================
15:41:52.0196 0x11bc  KSN ping started
15:41:54.0801 0x11bc  KSN ping finished: true
15:41:57.0001 0x11bc  ================ Scan system memory ========================
15:41:57.0001 0x11bc  System memory - ok
15:41:57.0001 0x11bc  ================ Scan services =============================
15:41:57.0219 0x11bc  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
15:41:57.0235 0x11bc  1394ohci - ok
15:41:57.0297 0x11bc  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware          C:\Windows\system32\drivers\3ware.sys
15:41:57.0313 0x11bc  3ware - ok
15:41:57.0375 0x11bc  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:41:57.0406 0x11bc  ACPI - ok
15:41:57.0422 0x11bc  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
15:41:57.0437 0x11bc  acpiex - ok
15:41:57.0453 0x11bc  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
15:41:57.0453 0x11bc  acpipagr - ok
15:41:57.0469 0x11bc  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi        C:\Windows\System32\drivers\acpipmi.sys
15:41:57.0484 0x11bc  AcpiPmi - ok
15:41:57.0516 0x11bc  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
15:41:57.0516 0x11bc  acpitime - ok
15:41:57.0609 0x11bc  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:41:57.0625 0x11bc  AdobeARMservice - ok
15:41:57.0796 0x11bc  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:41:57.0812 0x11bc  AdobeFlashPlayerUpdateSvc - ok
15:41:57.0859 0x11bc  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
15:41:57.0890 0x11bc  adp94xx - ok
15:41:57.0937 0x11bc  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci        C:\Windows\system32\drivers\adpahci.sys
15:41:57.0952 0x11bc  adpahci - ok
15:41:57.0983 0x11bc  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
15:41:57.0999 0x11bc  adpu320 - ok
15:41:58.0046 0x11bc  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:41:58.0108 0x11bc  AeLookupSvc - ok
15:41:58.0202 0x11bc  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD            C:\Windows\system32\drivers\afd.sys
15:41:58.0233 0x11bc  AFD - ok
15:41:58.0264 0x11bc  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:41:58.0264 0x11bc  agp440 - ok
15:41:58.0296 0x11bc  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG            C:\Windows\System32\alg.exe
15:41:58.0311 0x11bc  ALG - ok
15:41:58.0358 0x11bc  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
15:41:58.0374 0x11bc  AllUserInstallAgent - ok
15:41:58.0420 0x11bc  [ E14F7B22FD0BD5FAA8C885C64690965D, B50217D1C23AF191389B9A335270A2B6254B8A3035BFCAFE4A5F7DB0FDBD7DF6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:41:58.0436 0x11bc  AMD External Events Utility - ok
15:41:58.0467 0x11bc  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8          C:\Windows\System32\drivers\amdk8.sys
15:41:58.0467 0x11bc  AmdK8 - ok
15:41:59.0122 0x11bc  [ F931C2ED6C8294909C10657DCB9A9A4E, 7A9CEA4ADF31C5C93F0FE433A78817FAEE57DB737D8FC4F6A0E53F1D527EA10F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:41:59.0715 0x11bc  amdkmdag - ok
15:41:59.0778 0x11bc  [ 0D481A7FE3A66724DC11AD8A4E417A9A, 85726C7AC933ABD5ADE7A508E7C114BA512795F6BDC53663521AE66C27231527 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:41:59.0793 0x11bc  amdkmdap - ok
15:41:59.0824 0x11bc  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
15:41:59.0840 0x11bc  AmdPPM - ok
15:41:59.0871 0x11bc  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata        C:\Windows\system32\drivers\amdsata.sys
15:41:59.0887 0x11bc  amdsata - ok
15:41:59.0902 0x11bc  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:41:59.0918 0x11bc  amdsbs - ok
15:41:59.0949 0x11bc  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
15:41:59.0949 0x11bc  amdxata - ok
15:41:59.0996 0x11bc  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL          C:\Windows\System32\drivers\AMPPAL.sys
15:41:59.0996 0x11bc  AMPPAL - ok
15:42:00.0027 0x11bc  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPALP        C:\Windows\system32\DRIVERS\amppal.sys
15:42:00.0027 0x11bc  AMPPALP - ok
15:42:00.0152 0x11bc  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:42:00.0199 0x11bc  AMPPALR3 - ok
15:42:00.0214 0x11bc  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID          C:\Windows\system32\drivers\appid.sys
15:42:00.0230 0x11bc  AppID - ok
15:42:00.0261 0x11bc  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:42:00.0277 0x11bc  AppIDSvc - ok
15:42:00.0324 0x11bc  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo        C:\Windows\System32\appinfo.dll
15:42:00.0324 0x11bc  Appinfo - ok
15:42:00.0355 0x11bc  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc            C:\Windows\system32\drivers\arc.sys
15:42:00.0355 0x11bc  arc - ok
15:42:00.0386 0x11bc  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:42:00.0386 0x11bc  arcsas - ok
15:42:00.0433 0x11bc  [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
15:42:00.0448 0x11bc  aswHwid - ok
15:42:00.0480 0x11bc  [ 543D8AD4621A685CECBBE44BD5B71FAE, 5E8A20B4848F2AEB7BE56BA8966B961FD135433A87EC36ACAB3B63646A1DDCA8 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
15:42:00.0480 0x11bc  aswKbd - ok
15:42:00.0511 0x11bc  [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
15:42:00.0511 0x11bc  aswMonFlt - ok
15:42:00.0573 0x11bc  [ 95AAB2D70A5B8F4BDB1FF131CD726232, 8C7267BAE92FB2F31BCA7818BAC43F7E542F0E8A7405422B730DF2805CCD7FB4 ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
15:42:00.0604 0x11bc  aswNdisFlt - ok
15:42:00.0636 0x11bc  [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:42:00.0636 0x11bc  aswRdr - ok
15:42:00.0667 0x11bc  [ 713AFFD4E38553AEF04617C985B4030B, A09FBE4D49390024E8CF93352EACEB5AC53BEE5A4E5A76F5BE0341F8A002C4DD ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
15:42:00.0682 0x11bc  aswRvrt - ok
15:42:00.0776 0x11bc  [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:42:00.0838 0x11bc  aswSnx - ok
15:42:00.0901 0x11bc  [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
15:42:00.0932 0x11bc  aswSP - ok
15:42:00.0979 0x11bc  [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:42:00.0994 0x11bc  aswStm - ok
15:42:01.0026 0x11bc  [ 11644D8399F4AC8BB12C2364DCB87CB4, 828C3A03AB9D5F0650C7B90B7479CCAAD586B22BB7AC6DB7C91E8D9D80427DFB ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:42:01.0041 0x11bc  aswVmm - ok
15:42:01.0072 0x11bc  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:42:01.0072 0x11bc  AsyncMac - ok
15:42:01.0088 0x11bc  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi          C:\Windows\system32\drivers\atapi.sys
15:42:01.0088 0x11bc  atapi - ok
15:42:01.0166 0x11bc  [ 87DAD8D354E312DB16636DC71EB39E5E, 904C874799BF30F06BFC725A59040C6E1B7D176011DA41D1ACBE4CAB20369671 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
15:42:01.0182 0x11bc  AtiHDAudioService - ok
15:42:01.0275 0x11bc  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:42:01.0291 0x11bc  AudioEndpointBuilder - ok
15:42:01.0463 0x11bc  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:42:01.0525 0x11bc  Audiosrv - ok
15:42:01.0603 0x11bc  [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:42:01.0619 0x11bc  avast! Antivirus - ok
15:42:01.0681 0x11bc  [ 9BCCEF665F197A5BBE86C679EFF608D0, 16D818E6642DD23B5915311C909E1131AA27592254ED8A6EAC59674AC80A01A0 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:42:01.0697 0x11bc  avast! Firewall - ok
15:42:01.0743 0x11bc  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:42:01.0759 0x11bc  AxInstSV - ok
15:42:01.0853 0x11bc  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
15:42:01.0884 0x11bc  b06bdrv - ok
15:42:01.0915 0x11bc  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
15:42:01.0931 0x11bc  BasicDisplay - ok
15:42:01.0946 0x11bc  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender    C:\Windows\System32\drivers\BasicRender.sys
15:42:01.0946 0x11bc  BasicRender - ok
15:42:02.0289 0x11bc  [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl63a.sys
15:42:02.0601 0x11bc  BCM43XX - ok
15:42:02.0664 0x11bc  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
15:42:02.0679 0x11bc  BDESVC - ok
15:42:02.0711 0x11bc  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
15:42:02.0711 0x11bc  Beep - ok
15:42:02.0804 0x11bc  [ C72AB32F7EFCA677AF079F4336BC1609, 90FF653027709ADB674B2D4240E398E7A64D2079CBF56E3983008D92FA12EA0D ] BFE            C:\Windows\System32\bfe.dll
15:42:02.0851 0x11bc  BFE - ok
15:42:02.0929 0x11bc  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
15:42:03.0023 0x11bc  BITS - ok
15:42:03.0085 0x11bc  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:42:03.0085 0x11bc  bowser - ok
15:42:03.0132 0x11bc  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:42:03.0147 0x11bc  BrokerInfrastructure - ok
15:42:03.0179 0x11bc  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser        C:\Windows\System32\browser.dll
15:42:03.0194 0x11bc  Browser - ok
15:42:03.0225 0x11bc  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
15:42:03.0241 0x11bc  BthAvrcpTg - ok
15:42:03.0272 0x11bc  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum      C:\Windows\System32\drivers\bthhfenum.sys
15:42:03.0272 0x11bc  BthHFEnum - ok
15:42:03.0319 0x11bc  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
15:42:03.0319 0x11bc  bthhfhid - ok
15:42:03.0335 0x11bc  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
15:42:03.0350 0x11bc  BTHMODEM - ok
15:42:03.0382 0x11bc  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv        C:\Windows\system32\bthserv.dll
15:42:03.0397 0x11bc  bthserv - ok
15:42:03.0428 0x11bc  [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:42:03.0444 0x11bc  BTHSSecurityMgr - ok
15:42:03.0475 0x11bc  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:42:03.0491 0x11bc  cdfs - ok
15:42:03.0522 0x11bc  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom          C:\Windows\System32\drivers\cdrom.sys
15:42:03.0522 0x11bc  cdrom - ok
15:42:03.0584 0x11bc  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc    C:\Windows\System32\certprop.dll
15:42:03.0600 0x11bc  CertPropSvc - ok
15:42:03.0631 0x11bc  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
15:42:03.0631 0x11bc  circlass - ok
15:42:03.0662 0x11bc  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
15:42:03.0693 0x11bc  CLFS - ok
15:42:03.0725 0x11bc  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
15:42:03.0740 0x11bc  CmBatt - ok
15:42:03.0818 0x11bc  [ 93E49DDA75C10C3AE084C32608C68666, 1F05F40B362AD8A9DA579D03E08C3E7DC0B8996DC7DBAF096B33F92C854EAA43 ] CNG            C:\Windows\system32\Drivers\cng.sys
15:42:03.0849 0x11bc  CNG - ok
15:42:03.0865 0x11bc  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
15:42:03.0881 0x11bc  CompositeBus - ok
15:42:03.0881 0x11bc  COMSysApp - ok
15:42:03.0896 0x11bc  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
15:42:03.0912 0x11bc  condrv - ok
15:42:03.0974 0x11bc  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:42:03.0974 0x11bc  CryptSvc - ok
15:42:04.0021 0x11bc  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam            C:\Windows\system32\drivers\dam.sys
15:42:04.0021 0x11bc  dam - ok
15:42:04.0099 0x11bc  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:42:04.0161 0x11bc  DcomLaunch - ok
15:42:04.0208 0x11bc  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc      C:\Windows\System32\defragsvc.dll
15:42:04.0239 0x11bc  defragsvc - ok
15:42:04.0302 0x11bc  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
15:42:04.0317 0x11bc  DeviceAssociationService - ok
15:42:04.0411 0x11bc  [ 91E80E3783883DA59A065E16AC031C3B, 4889980BE707C3C595F241411BD3E670517A50A33AECECEC471636969AFBA20E ] DeviceFastLaneService C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
15:42:04.0442 0x11bc  DeviceFastLaneService - ok
15:42:04.0489 0x11bc  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall  C:\Windows\system32\umpnpmgr.dll
15:42:04.0505 0x11bc  DeviceInstall - ok
15:42:04.0552 0x11bc  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
15:42:04.0567 0x11bc  Dfsc - ok
15:42:04.0614 0x11bc  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:42:04.0629 0x11bc  dg_ssudbus - ok
15:42:04.0692 0x11bc  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:42:04.0707 0x11bc  Dhcp - ok
15:42:04.0754 0x11bc  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
15:42:04.0770 0x11bc  discache - ok
15:42:04.0817 0x11bc  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\Windows\system32\drivers\disk.sys
15:42:04.0817 0x11bc  disk - ok
15:42:04.0848 0x11bc  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc          C:\Windows\System32\drivers\dmvsc.sys
15:42:04.0848 0x11bc  dmvsc - ok
15:42:04.0895 0x11bc  [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:42:04.0926 0x11bc  Dnscache - ok
15:42:04.0973 0x11bc  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc        C:\Windows\System32\dot3svc.dll
15:42:04.0988 0x11bc  dot3svc - ok
15:42:05.0035 0x11bc  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:42:05.0035 0x11bc  dot4 - ok
15:42:05.0066 0x11bc  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
15:42:05.0082 0x11bc  dot4usb - ok
15:42:05.0113 0x11bc  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS            C:\Windows\system32\dps.dll
15:42:05.0129 0x11bc  DPS - ok
15:42:05.0176 0x11bc  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:42:05.0176 0x11bc  drmkaud - ok
15:42:05.0254 0x11bc  [ AAC635BC81CB07771D944D64757FB1D2, 78DF2DF029D7B72747AECC6274986DD651C1F79EE8A754997A0E7C9D0A45A201 ] DsiWMIService  C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:42:05.0269 0x11bc  DsiWMIService - ok
15:42:05.0316 0x11bc  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
15:42:05.0331 0x11bc  DsmSvc - ok
15:42:05.0456 0x11bc  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:42:05.0534 0x11bc  DXGKrnl - ok
15:42:05.0581 0x11bc  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost        C:\Windows\System32\eapsvc.dll
15:42:05.0597 0x11bc  Eaphost - ok
15:42:05.0831 0x11bc  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv          C:\Windows\system32\drivers\evbda.sys
15:42:06.0049 0x11bc  ebdrv - ok
15:42:06.0112 0x11bc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS            C:\Windows\System32\lsass.exe
15:42:06.0127 0x11bc  EFS - ok
15:42:06.0158 0x11bc  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass    C:\Windows\system32\drivers\EhStorClass.sys
15:42:06.0174 0x11bc  EhStorClass - ok
15:42:06.0190 0x11bc  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:42:06.0205 0x11bc  EhStorTcgDrv - ok
15:42:06.0299 0x11bc  [ 3D897AAAAC4BC8D6F069DA3BB65D136D, 65FAD19C638AE65FB29587EF980FB6EF12B528274469403281A5DCDD1E46C1DB ] ePowerSvc      C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
15:42:06.0330 0x11bc  ePowerSvc - ok
15:42:06.0361 0x11bc  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
15:42:06.0361 0x11bc  ErrDev - ok
15:42:06.0424 0x11bc  esgiguard - ok
15:42:06.0502 0x11bc  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem    C:\Windows\system32\es.dll
15:42:06.0533 0x11bc  EventSystem - ok
15:42:06.0626 0x11bc  [ E67E289FA8AA393223AD7F9AFB738FD6, DBAB42EE5C140024CB4FF669664885B5CB404054A430331B5ABF273598A881C0 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:42:06.0658 0x11bc  EvtEng - ok
15:42:06.0704 0x11bc  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat          C:\Windows\system32\drivers\exfat.sys
15:42:06.0704 0x11bc  exfat - ok
15:42:06.0751 0x11bc  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:42:06.0751 0x11bc  fastfat - ok
15:42:06.0829 0x11bc  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax            C:\Windows\system32\fxssvc.exe
15:42:06.0860 0x11bc  Fax - ok
15:42:06.0892 0x11bc  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc            C:\Windows\System32\drivers\fdc.sys
15:42:06.0892 0x11bc  fdc - ok
15:42:06.0923 0x11bc  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost        C:\Windows\system32\fdPHost.dll
15:42:06.0938 0x11bc  fdPHost - ok
15:42:06.0954 0x11bc  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:42:06.0954 0x11bc  FDResPub - ok
15:42:07.0001 0x11bc  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc          C:\Windows\system32\fhsvc.dll
15:42:07.0016 0x11bc  fhsvc - ok
15:42:07.0032 0x11bc  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:42:07.0048 0x11bc  FileInfo - ok
15:42:07.0079 0x11bc  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:42:07.0079 0x11bc  Filetrace - ok
15:42:07.0110 0x11bc  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
15:42:07.0110 0x11bc  flpydisk - ok
15:42:07.0141 0x11bc  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:42:07.0172 0x11bc  FltMgr - ok
15:42:07.0297 0x11bc  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache      C:\Windows\system32\FntCache.dll
15:42:07.0391 0x11bc  FontCache - ok
15:42:07.0485 0x11bc  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:42:07.0500 0x11bc  FontCache3.0.0.0 - ok
15:42:07.0531 0x11bc  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
15:42:07.0531 0x11bc  FsDepends - ok
15:42:07.0562 0x11bc  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:42:07.0562 0x11bc  Fs_Rec - ok
15:42:07.0656 0x11bc  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:42:07.0672 0x11bc  fvevol - ok
15:42:07.0719 0x11bc  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM          C:\Windows\System32\drivers\fxppm.sys
15:42:07.0719 0x11bc  FxPPM - ok
15:42:07.0750 0x11bc  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:42:07.0765 0x11bc  gagp30kx - ok
15:42:07.0796 0x11bc  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
15:42:07.0796 0x11bc  gencounter - ok
15:42:07.0859 0x11bc  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101    C:\Windows\system32\Drivers\msgpioclx.sys
15:42:07.0874 0x11bc  GPIOClx0101 - ok
15:42:07.0984 0x11bc  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc          C:\Windows\System32\gpsvc.dll
15:42:08.0093 0x11bc  gpsvc - ok
15:42:08.0155 0x11bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:08.0155 0x11bc  gupdate - ok
15:42:08.0171 0x11bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:08.0186 0x11bc  gupdatem - ok
15:42:08.0233 0x11bc  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:08.0264 0x11bc  HdAudAddService - ok
15:42:08.0311 0x11bc  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
15:42:08.0311 0x11bc  HDAudBus - ok
15:42:08.0343 0x11bc  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt        C:\Windows\System32\drivers\HidBatt.sys
15:42:08.0358 0x11bc  HidBatt - ok
15:42:08.0389 0x11bc  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
15:42:08.0405 0x11bc  HidBth - ok
15:42:08.0436 0x11bc  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
15:42:08.0436 0x11bc  hidi2c - ok
15:42:08.0467 0x11bc  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr          C:\Windows\System32\drivers\hidir.sys
15:42:08.0467 0x11bc  HidIr - ok
15:42:08.0514 0x11bc  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv        C:\Windows\system32\hidserv.dll
15:42:08.0514 0x11bc  hidserv - ok
15:42:08.0545 0x11bc  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
15:42:08.0545 0x11bc  HidUsb - ok
15:42:08.0592 0x11bc  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:42:08.0592 0x11bc  hkmsvc - ok
15:42:08.0639 0x11bc  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:08.0670 0x11bc  HomeGroupListener - ok
15:42:08.0717 0x11bc  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:08.0748 0x11bc  HomeGroupProvider - ok
15:42:08.0779 0x11bc  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:42:08.0795 0x11bc  HpSAMD - ok
15:42:08.0873 0x11bc  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:42:08.0920 0x11bc  HTTP - ok
15:42:08.0967 0x11bc  [ D96A290F699081AE737390C0FE329D7C, 11D69424AD08AEA58AA546883535E6D8E51E2F3D0B5299549DC0B7A31498E982 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:42:08.0982 0x11bc  hwdatacard - ok
15:42:08.0998 0x11bc  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:42:09.0013 0x11bc  hwpolicy - ok
15:42:09.0029 0x11bc  [ E0C7255498640FC64B19AAE17FD6F965, 10BCE55F36A36F962A7BA774B8B4C0F07081EA1EAB0FD3B8C57AA01FE8CFDF48 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
15:42:09.0044 0x11bc  hwusbdev - ok
15:42:09.0060 0x11bc  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
15:42:09.0076 0x11bc  hyperkbd - ok
15:42:09.0107 0x11bc  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
15:42:09.0107 0x11bc  HyperVideo - ok
15:42:09.0122 0x11bc  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
15:42:09.0138 0x11bc  i8042prt - ok
15:42:09.0185 0x11bc  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
15:42:09.0216 0x11bc  iaStorV - ok
15:42:09.0403 0x11bc  [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:42:09.0528 0x11bc  IconMan_R - ok
15:42:09.0559 0x11bc  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
15:42:09.0559 0x11bc  iirsp - ok
15:42:09.0669 0x11bc  [ 644D7E4EAC8D5CE757435FA98A7BDA50, 7C91F6E75B148E69BF701F0152CDBF8FB94009935EE97F5208560E1E8FEDA4DB ] IKEEXT          C:\Windows\System32\ikeext.dll
15:42:09.0762 0x11bc  IKEEXT - ok
15:42:10.0027 0x11bc  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:42:10.0277 0x11bc  IntcAzAudAddService - ok
15:42:10.0339 0x11bc  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:42:10.0339 0x11bc  intelide - ok
15:42:10.0355 0x11bc  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
15:42:10.0371 0x11bc  intelppm - ok
15:42:10.0402 0x11bc  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:10.0402 0x11bc  IpFilterDriver - ok
15:42:10.0495 0x11bc  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:42:10.0558 0x11bc  iphlpsvc - ok
15:42:10.0605 0x11bc  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV        C:\Windows\System32\drivers\IPMIDrv.sys
15:42:10.0605 0x11bc  IPMIDRV - ok
15:42:10.0636 0x11bc  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
15:42:10.0651 0x11bc  IPNAT - ok
15:42:10.0667 0x11bc  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:42:10.0667 0x11bc  IRENUM - ok
15:42:10.0698 0x11bc  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:42:10.0698 0x11bc  isapnp - ok
15:42:10.0745 0x11bc  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
15:42:10.0776 0x11bc  iScsiPrt - ok
15:42:10.0807 0x11bc  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
15:42:10.0807 0x11bc  kbdclass - ok
15:42:10.0823 0x11bc  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
15:42:10.0823 0x11bc  kbdhid - ok
15:42:10.0839 0x11bc  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic          C:\Windows\system32\DRIVERS\kdnic.sys
15:42:10.0839 0x11bc  kdnic - ok
15:42:10.0870 0x11bc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe
15:42:10.0885 0x11bc  KeyIso - ok
15:42:10.0917 0x11bc  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:42:10.0932 0x11bc  KSecDD - ok
15:42:10.0979 0x11bc  [ 0EB535ADDC065F2D0CBFC089630A6065, F6DD544227A5B7A0C80E401EB5461963567A24834C60AF520FBABC1A9FB4E631 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
15:42:10.0995 0x11bc  KSecPkg - ok
15:42:11.0010 0x11bc  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
15:42:11.0010 0x11bc  ksthunk - ok
15:42:11.0057 0x11bc  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:42:11.0088 0x11bc  KtmRm - ok
15:42:11.0135 0x11bc  [ CBD16721541EE334F6D623CE0B4003BF, DE2C6345B2051AD4C3A3F3AB89AB63AE58A0BA6AB0BCB6B0DFCE6BCD0E8E9519 ] L1C            C:\Windows\system32\DRIVERS\L1C63x64.sys
15:42:11.0135 0x11bc  L1C - ok
15:42:11.0229 0x11bc  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:42:11.0244 0x11bc  LanmanServer - ok
15:42:11.0307 0x11bc  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:11.0338 0x11bc  LanmanWorkstation - ok
15:42:11.0416 0x11bc  [ E6DA531F2C86A230AF5D73354D161D3C, 96A0A443B16F44DF8BB2EFD0AEA56E5B2AC323E99CDF4BA29EA379B62B8EB039 ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
15:42:11.0416 0x11bc  Lexware_Update_Service - ok
15:42:11.0431 0x11bc  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:42:11.0447 0x11bc  lltdio - ok
15:42:11.0494 0x11bc  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:42:11.0509 0x11bc  lltdsvc - ok
15:42:11.0541 0x11bc  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:42:11.0541 0x11bc  lmhosts - ok
15:42:11.0587 0x11bc  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
15:42:11.0587 0x11bc  LSI_SAS - ok
15:42:11.0619 0x11bc  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:42:11.0619 0x11bc  LSI_SAS2 - ok
15:42:11.0650 0x11bc  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:42:11.0665 0x11bc  LSI_SCSI - ok
15:42:11.0697 0x11bc  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS        C:\Windows\system32\drivers\lsi_sss.sys
15:42:11.0697 0x11bc  LSI_SSS - ok
15:42:11.0806 0x11bc  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM            C:\Windows\System32\lsm.dll
15:42:11.0837 0x11bc  LSM - ok
15:42:11.0884 0x11bc  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv          C:\Windows\system32\drivers\luafv.sys
15:42:11.0899 0x11bc  luafv - ok
15:42:11.0915 0x11bc  massfilter - ok
15:42:11.0931 0x11bc  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas        C:\Windows\system32\drivers\megasas.sys
15:42:11.0946 0x11bc  megasas - ok
15:42:11.0993 0x11bc  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:42:12.0009 0x11bc  MegaSR - ok
15:42:12.0055 0x11bc  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS          C:\Windows\system32\mmcss.dll
15:42:12.0055 0x11bc  MMCSS - ok
15:42:12.0087 0x11bc  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem          C:\Windows\system32\drivers\modem.sys
15:42:12.0087 0x11bc  Modem - ok
15:42:12.0133 0x11bc  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor        C:\Windows\System32\drivers\monitor.sys
15:42:12.0149 0x11bc  monitor - ok
15:42:12.0165 0x11bc  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
15:42:12.0165 0x11bc  mouclass - ok
15:42:12.0212 0x11bc  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
15:42:12.0212 0x11bc  mouhid - ok
15:42:12.0258 0x11bc  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:42:12.0258 0x11bc  mountmgr - ok
15:42:12.0305 0x11bc  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:42:12.0321 0x11bc  MozillaMaintenance - ok
15:42:12.0367 0x11bc  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:42:12.0367 0x11bc  mpsdrv - ok
15:42:12.0463 0x11bc  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:42:12.0525 0x11bc  MpsSvc - ok
15:42:12.0572 0x11bc  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:42:12.0588 0x11bc  MRxDAV - ok
15:42:12.0666 0x11bc  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:12.0681 0x11bc  mrxsmb - ok
15:42:12.0728 0x11bc  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:12.0744 0x11bc  mrxsmb10 - ok
15:42:12.0775 0x11bc  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:12.0790 0x11bc  mrxsmb20 - ok
15:42:12.0837 0x11bc  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
15:42:12.0837 0x11bc  MsBridge - ok
15:42:12.0868 0x11bc  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC          C:\Windows\System32\msdtc.exe
15:42:12.0915 0x11bc  MSDTC - ok
15:42:12.0946 0x11bc  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:42:12.0946 0x11bc  Msfs - ok
15:42:12.0993 0x11bc  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32    C:\Windows\System32\drivers\msgpiowin32.sys
15:42:12.0993 0x11bc  msgpiowin32 - ok
15:42:13.0024 0x11bc  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
15:42:13.0024 0x11bc  mshidkmdf - ok
15:42:13.0056 0x11bc  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf      C:\Windows\System32\drivers\mshidumdf.sys
15:42:13.0056 0x11bc  mshidumdf - ok
15:42:13.0071 0x11bc  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:42:13.0071 0x11bc  msisadrv - ok
15:42:13.0118 0x11bc  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:42:13.0134 0x11bc  MSiSCSI - ok
15:42:13.0149 0x11bc  msiserver - ok
15:42:13.0165 0x11bc  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:42:13.0180 0x11bc  MSKSSRV - ok
15:42:13.0196 0x11bc  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
15:42:13.0212 0x11bc  MsLldp - ok
15:42:13.0227 0x11bc  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:13.0243 0x11bc  MSPCLOCK - ok
15:42:13.0258 0x11bc  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:42:13.0258 0x11bc  MSPQM - ok
15:42:13.0305 0x11bc  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:42:13.0321 0x11bc  MsRPC - ok
15:42:13.0336 0x11bc  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
15:42:13.0352 0x11bc  mssmbios - ok
15:42:13.0368 0x11bc  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:42:13.0368 0x11bc  MSTEE - ok
15:42:13.0399 0x11bc  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
15:42:13.0399 0x11bc  MTConfig - ok
15:42:13.0430 0x11bc  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup            C:\Windows\system32\Drivers\mup.sys
15:42:13.0430 0x11bc  Mup - ok
15:42:13.0446 0x11bc  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
15:42:13.0461 0x11bc  mvumis - ok
15:42:13.0492 0x11bc  [ 431F065E2A99FC3C670BD20694117C8B, ADE1D6B5EC0C0F078DB5F24FE4E830AC08FA1EDA1C895E7F4873874BCC1F2154 ] MyWiFiDHCPDNS  C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:42:13.0508 0x11bc  MyWiFiDHCPDNS - ok
15:42:13.0570 0x11bc  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
15:42:13.0602 0x11bc  napagent - ok
15:42:13.0648 0x11bc  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:42:13.0680 0x11bc  NativeWifiP - ok
15:42:13.0773 0x11bc  [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
15:42:13.0804 0x11bc  NAUpdate - ok
15:42:13.0851 0x11bc  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
15:42:13.0882 0x11bc  NcaSvc - ok
15:42:13.0914 0x11bc  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
15:42:13.0929 0x11bc  NcdAutoSetup - ok
15:42:14.0023 0x11bc  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:42:14.0070 0x11bc  NDIS - ok
15:42:14.0117 0x11bc  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:14.0117 0x11bc  NdisCap - ok
15:42:14.0148 0x11bc  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:42:14.0163 0x11bc  NdisImPlatform - ok
15:42:14.0194 0x11bc  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:14.0210 0x11bc  NdisTapi - ok
15:42:14.0241 0x11bc  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:14.0241 0x11bc  Ndisuio - ok
15:42:14.0257 0x11bc  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:14.0272 0x11bc  NdisWan - ok
15:42:14.0288 0x11bc  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY  C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:14.0304 0x11bc  NDISWANLEGACY - ok
15:42:14.0350 0x11bc  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:42:14.0366 0x11bc  NDProxy - ok
15:42:14.0382 0x11bc  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu            C:\Windows\system32\drivers\Ndu.sys
15:42:14.0382 0x11bc  Ndu - ok
15:42:14.0397 0x11bc  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:42:14.0413 0x11bc  NetBIOS - ok
15:42:14.0444 0x11bc  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
15:42:14.0460 0x11bc  NetBT - ok
15:42:14.0491 0x11bc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
15:42:14.0491 0x11bc  Netlogon - ok
15:42:14.0538 0x11bc  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
15:42:14.0569 0x11bc  Netman - ok
15:42:14.0631 0x11bc  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
15:42:14.0662 0x11bc  netprofm - ok
15:42:14.0725 0x11bc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:14.0740 0x11bc  NetTcpPortSharing - ok
15:42:15.0021 0x11bc  [ A92DECBD3D9624F298A49A2B25EDE3B0, 5CD6914DE33E70B2097BDBB302BDE2AC3654AF54B6F673D98E48881CEA98BD36 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
15:42:15.0302 0x11bc  NETwNe64 - ok
15:42:15.0380 0x11bc  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
15:42:15.0380 0x11bc  nfrd960 - ok
15:42:15.0458 0x11bc  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:42:15.0489 0x11bc  NlaSvc - ok
15:42:15.0505 0x11bc  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:42:15.0505 0x11bc  Npfs - ok
15:42:15.0520 0x11bc  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig      C:\Windows\System32\drivers\npsvctrig.sys
15:42:15.0536 0x11bc  npsvctrig - ok
15:42:15.0567 0x11bc  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi            C:\Windows\system32\nsisvc.dll
15:42:15.0583 0x11bc  nsi - ok
15:42:15.0598 0x11bc  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:42:15.0598 0x11bc  nsiproxy - ok
15:42:15.0786 0x11bc  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:42:15.0910 0x11bc  Ntfs - ok
15:42:15.0973 0x11bc  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
15:42:15.0973 0x11bc  Null - ok
15:42:16.0020 0x11bc  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:16.0051 0x11bc  nvraid - ok
15:42:16.0066 0x11bc  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:16.0082 0x11bc  nvstor - ok
15:42:16.0113 0x11bc  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:16.0129 0x11bc  nv_agp - ok
15:42:16.0207 0x11bc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:16.0222 0x11bc  ose - ok
15:42:16.0581 0x11bc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:42:16.0862 0x11bc  osppsvc - ok
15:42:16.0940 0x11bc  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:42:16.0971 0x11bc  p2pimsvc - ok
15:42:17.0018 0x11bc  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:42:17.0049 0x11bc  p2psvc - ok
15:42:17.0081 0x11bc  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport        C:\Windows\System32\drivers\parport.sys
15:42:17.0081 0x11bc  Parport - ok
15:42:17.0127 0x11bc  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:42:17.0143 0x11bc  partmgr - ok
15:42:17.0221 0x11bc  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:42:17.0252 0x11bc  PcaSvc - ok
15:42:17.0330 0x11bc  PCDSRVC{0368CD8C-041F8379-06020200}_0 - ok
15:42:17.0377 0x11bc  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci            C:\Windows\system32\drivers\pci.sys
15:42:17.0393 0x11bc  pci - ok
15:42:17.0408 0x11bc  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
15:42:17.0424 0x11bc  pciide - ok
15:42:17.0455 0x11bc  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:42:17.0471 0x11bc  pcmcia - ok
15:42:17.0486 0x11bc  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw            C:\Windows\system32\drivers\pcw.sys
15:42:17.0486 0x11bc  pcw - ok
15:42:17.0533 0x11bc  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc            C:\Windows\system32\drivers\pdc.sys
15:42:17.0533 0x11bc  pdc - ok
15:42:17.0627 0x11bc  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:42:17.0673 0x11bc  PEAUTH - ok
15:42:17.0783 0x11bc  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:42:17.0783 0x11bc  PerfHost - ok
15:42:17.0923 0x11bc  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla            C:\Windows\system32\pla.dll
15:42:18.0048 0x11bc  pla - ok
15:42:18.0095 0x11bc  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:42:18.0110 0x11bc  PlugPlay - ok
15:42:18.0142 0x11bc  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
15:42:18.0157 0x11bc  PNRPAutoReg - ok
15:42:18.0188 0x11bc  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
15:42:18.0219 0x11bc  PNRPsvc - ok
15:42:18.0282 0x11bc  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:42:18.0313 0x11bc  PolicyAgent - ok
15:42:18.0360 0x11bc  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power          C:\Windows\system32\umpo.dll
15:42:18.0391 0x11bc  Power - ok
15:42:18.0422 0x11bc  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:42:18.0422 0x11bc  PptpMiniport - ok
15:42:18.0656 0x11bc  [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify    C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:42:18.0843 0x11bc  PrintNotify - ok
15:42:18.0890 0x11bc  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor      C:\Windows\System32\drivers\processr.sys
15:42:18.0890 0x11bc  Processor - ok
15:42:18.0937 0x11bc  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:42:18.0968 0x11bc  ProfSvc - ok
15:42:18.0999 0x11bc  [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid      C:\Windows\System32\drivers\aPs2Kb2Hid.sys
15:42:18.0999 0x11bc  Ps2Kb2Hid - ok
15:42:19.0015 0x11bc  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:42:19.0031 0x11bc  Psched - ok
15:42:19.0078 0x11bc  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE          C:\Windows\system32\qwave.dll
15:42:19.0109 0x11bc  QWAVE - ok
15:42:19.0140 0x11bc  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:42:19.0140 0x11bc  QWAVEdrv - ok
15:42:19.0156 0x11bc  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:42:19.0171 0x11bc  RasAcd - ok
15:42:19.0202 0x11bc  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
15:42:19.0218 0x11bc  RasAgileVpn - ok
15:42:19.0234 0x11bc  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto        C:\Windows\System32\rasauto.dll
15:42:19.0249 0x11bc  RasAuto - ok
15:42:19.0265 0x11bc  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:42:19.0280 0x11bc  Rasl2tp - ok
15:42:19.0327 0x11bc  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
15:42:19.0358 0x11bc  RasMan - ok
15:42:19.0374 0x11bc  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:42:19.0374 0x11bc  RasPppoe - ok
15:42:19.0390 0x11bc  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:42:19.0405 0x11bc  RasSstp - ok
15:42:19.0468 0x11bc  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:42:19.0483 0x11bc  rdbss - ok
15:42:19.0499 0x11bc  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
15:42:19.0514 0x11bc  rdpbus - ok
15:42:19.0577 0x11bc  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
15:42:19.0577 0x11bc  RDPDR - ok
15:42:19.0623 0x11bc  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:42:19.0639 0x11bc  RdpVideoMiniport - ok
15:42:19.0670 0x11bc  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:42:19.0686 0x11bc  RDPWD - ok
15:42:19.0702 0x11bc  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:42:19.0717 0x11bc  rdyboost - ok
15:42:19.0795 0x11bc  [ D4F8266D63800FF9ACFAC838005A974C, 4FF1053A6B5365867F58AE521FDD32565C144686CB399C2B606005A507EC206E ] RegSrvc        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:42:19.0795 0x11bc  RegSrvc - ok
15:42:19.0858 0x11bc  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:42:19.0873 0x11bc  RemoteAccess - ok
15:42:19.0920 0x11bc  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:42:19.0936 0x11bc  RemoteRegistry - ok
15:42:19.0967 0x11bc  [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
15:42:19.0982 0x11bc  RfButtonDriverService - ok
15:42:20.0014 0x11bc  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:42:20.0029 0x11bc  RpcEptMapper - ok
15:42:20.0045 0x11bc  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
15:42:20.0060 0x11bc  RpcLocator - ok
15:42:20.0138 0x11bc  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs          C:\Windows\system32\rpcss.dll
15:42:20.0185 0x11bc  RpcSs - ok
15:42:20.0232 0x11bc  [ 1EE9D150653775BAA064F3FF1A02F267, 8E25A94899056C85FBF93038D47AB0A13FEC97855FB9A9977D807ED06F6C24C9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
15:42:20.0248 0x11bc  RSPCIESTOR - ok
15:42:20.0295 0x11bc  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:42:20.0310 0x11bc  rspndr - ok
15:42:20.0326 0x11bc  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap          C:\Windows\System32\drivers\vms3cap.sys
15:42:20.0341 0x11bc  s3cap - ok
15:42:20.0372 0x11bc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs          C:\Windows\system32\lsass.exe
15:42:20.0372 0x11bc  SamSs - ok
15:42:20.0404 0x11bc  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:42:20.0404 0x11bc  sbp2port - ok
15:42:20.0435 0x11bc  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:42:20.0466 0x11bc  SCardSvr - ok
15:42:20.0482 0x11bc  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:42:20.0497 0x11bc  scfilter - ok
15:42:20.0606 0x11bc  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\Windows\system32\schedsvc.dll
15:42:20.0716 0x11bc  Schedule - ok
15:42:20.0747 0x11bc  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:42:20.0762 0x11bc  SCPolicySvc - ok
15:42:20.0809 0x11bc  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus          C:\Windows\System32\drivers\sdbus.sys
15:42:20.0825 0x11bc  sdbus - ok
15:42:20.0856 0x11bc  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:42:20.0887 0x11bc  SDRSVC - ok
15:42:20.0934 0x11bc  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
15:42:20.0934 0x11bc  sdstor - ok
15:42:20.0965 0x11bc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:42:20.0981 0x11bc  secdrv - ok
15:42:20.0996 0x11bc  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
15:42:21.0012 0x11bc  seclogon - ok
15:42:21.0059 0x11bc  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
15:42:21.0074 0x11bc  SENS - ok
15:42:21.0106 0x11bc  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:42:21.0121 0x11bc  SensrSvc - ok
15:42:21.0152 0x11bc  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx          C:\Windows\system32\drivers\SerCx.sys
15:42:21.0152 0x11bc  SerCx - ok
15:42:21.0184 0x11bc  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum        C:\Windows\System32\drivers\serenum.sys
15:42:21.0184 0x11bc  Serenum - ok
15:42:21.0215 0x11bc  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
15:42:21.0215 0x11bc  Serial - ok
15:42:21.0246 0x11bc  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
15:42:21.0246 0x11bc  sermouse - ok
15:42:21.0308 0x11bc  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:42:21.0340 0x11bc  SessionEnv - ok
15:42:21.0355 0x11bc  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy        C:\Windows\System32\drivers\sfloppy.sys
15:42:21.0355 0x11bc  sfloppy - ok
15:42:21.0433 0x11bc  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:42:21.0464 0x11bc  SharedAccess - ok
15:42:21.0511 0x11bc  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:42:21.0558 0x11bc  ShellHWDetection - ok
15:42:21.0574 0x11bc  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:42:21.0589 0x11bc  SiSRaid2 - ok
15:42:21.0620 0x11bc  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:42:21.0620 0x11bc  SiSRaid4 - ok
15:42:21.0698 0x11bc  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
15:42:21.0730 0x11bc  SkypeUpdate - ok
15:42:21.0761 0x11bc  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:42:21.0776 0x11bc  SNMPTRAP - ok
15:42:21.0839 0x11bc  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport      C:\Windows\system32\drivers\spaceport.sys
15:42:21.0854 0x11bc  spaceport - ok
15:42:21.0901 0x11bc  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx          C:\Windows\system32\drivers\SpbCx.sys
15:42:21.0901 0x11bc  SpbCx - ok
15:42:21.0979 0x11bc  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler        C:\Windows\System32\spoolsv.exe
15:42:22.0026 0x11bc  Spooler - ok
15:42:22.0354 0x11bc  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:42:22.0681 0x11bc  sppsvc - ok
15:42:22.0744 0x11bc  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:42:22.0775 0x11bc  srv - ok
15:42:22.0853 0x11bc  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:42:22.0884 0x11bc  srv2 - ok
15:42:22.0947 0x11bc  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:42:22.0978 0x11bc  srvnet - ok
15:42:23.0056 0x11bc  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:42:23.0087 0x11bc  SSDPSRV - ok
15:42:23.0118 0x11bc  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
15:42:23.0134 0x11bc  SSPORT - ok
15:42:23.0149 0x11bc  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:42:23.0165 0x11bc  SstpSvc - ok
15:42:23.0227 0x11bc  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm        C:\Windows\system32\DRIVERS\ssudmdm.sys
15:42:23.0243 0x11bc  ssudmdm - ok
15:42:23.0290 0x11bc  [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd        C:\Windows\system32\DRIVERS\ssudserd.sys
15:42:23.0305 0x11bc  ssudserd - ok
15:42:23.0477 0x11bc  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
15:42:23.0508 0x11bc  ss_conn_service - ok
15:42:23.0571 0x11bc  [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8          C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
15:42:23.0586 0x11bc  Start8 - ok
15:42:23.0617 0x11bc  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:42:23.0617 0x11bc  stexstor - ok
15:42:23.0695 0x11bc  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
15:42:23.0742 0x11bc  stisvc - ok
15:42:23.0789 0x11bc  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
15:42:23.0789 0x11bc  storahci - ok
15:42:23.0820 0x11bc  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt        C:\Windows\system32\DRIVERS\vmstorfl.sys
15:42:23.0820 0x11bc  storflt - ok
15:42:23.0867 0x11bc  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc        C:\Windows\system32\storsvc.dll
15:42:23.0883 0x11bc  StorSvc - ok
15:42:23.0898 0x11bc  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc        C:\Windows\system32\drivers\storvsc.sys
15:42:23.0898 0x11bc  storvsc - ok
15:42:23.0929 0x11bc  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc          C:\Windows\system32\svsvc.dll
15:42:23.0945 0x11bc  svsvc - ok
15:42:23.0961 0x11bc  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
15:42:23.0961 0x11bc  swenum - ok
15:42:24.0023 0x11bc  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv          C:\Windows\System32\swprv.dll
15:42:24.0054 0x11bc  swprv - ok
15:42:24.0117 0x11bc  [ C72663637DBAD69DDE0919DA4A378A2A, 250E49419FB21EC4046D3C38C25B784ADC8A727A54E5AB3835E830B1D49C996A ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
15:42:24.0148 0x11bc  SynTP - ok
15:42:24.0257 0x11bc  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain        C:\Windows\system32\sysmain.dll
15:42:24.0366 0x11bc  SysMain - ok
15:42:24.0429 0x11bc  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:42:24.0460 0x11bc  SystemEventsBroker - ok
15:42:24.0507 0x11bc  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
15:42:24.0522 0x11bc  TabletInputService - ok
15:42:24.0553 0x11bc  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:42:24.0585 0x11bc  TapiSrv - ok
15:42:24.0756 0x11bc  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:42:24.0897 0x11bc  Tcpip - ok
15:42:25.0053 0x11bc  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:42:25.0162 0x11bc  TCPIP6 - ok
15:42:25.0209 0x11bc  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:42:25.0209 0x11bc  tcpipreg - ok
15:42:25.0240 0x11bc  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:42:25.0240 0x11bc  tdx - ok
15:42:25.0599 0x11bc  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9    C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
15:42:25.0833 0x11bc  TeamViewer9 - ok
15:42:25.0895 0x11bc  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
15:42:25.0957 0x11bc  terminpt - ok
15:42:26.0145 0x11bc  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService    C:\Windows\System32\termsrv.dll
15:42:26.0192 0x11bc  TermService - ok
15:42:26.0238 0x11bc  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
15:42:26.0254 0x11bc  Themes - ok
15:42:26.0301 0x11bc  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER    C:\Windows\system32\mmcss.dll
15:42:26.0316 0x11bc  THREADORDER - ok
15:42:26.0363 0x11bc  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
15:42:26.0379 0x11bc  TimeBroker - ok
15:42:26.0426 0x11bc  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM            C:\Windows\system32\drivers\tpm.sys
15:42:26.0441 0x11bc  TPM - ok
15:42:26.0457 0x11bc  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
15:42:26.0488 0x11bc  TrkWks - ok
15:42:26.0550 0x11bc  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:42:26.0566 0x11bc  TrustedInstaller - ok
15:42:26.0613 0x11bc  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:42:26.0613 0x11bc  TsUsbFlt - ok
15:42:26.0628 0x11bc  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD        C:\Windows\System32\drivers\TsUsbGD.sys
15:42:26.0628 0x11bc  TsUsbGD - ok
15:42:26.0660 0x11bc  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:42:26.0675 0x11bc  tunnel - ok
15:42:26.0706 0x11bc  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:42:26.0706 0x11bc  uagp35 - ok
15:42:26.0738 0x11bc  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
15:42:26.0753 0x11bc  UASPStor - ok
15:42:26.0800 0x11bc  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
15:42:26.0816 0x11bc  UCX01000 - ok
15:42:26.0878 0x11bc  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:42:26.0894 0x11bc  udfs - ok
15:42:26.0940 0x11bc  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:42:26.0956 0x11bc  UI0Detect - ok
15:42:26.0971 0x11bc  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:42:26.0971 0x11bc  uliagpkx - ok
15:42:26.0987 0x11bc  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus          C:\Windows\System32\drivers\umbus.sys
15:42:27.0003 0x11bc  umbus - ok
15:42:27.0034 0x11bc  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
15:42:27.0034 0x11bc  UmPass - ok
15:42:27.0081 0x11bc  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:42:27.0112 0x11bc  UmRdpService - ok
15:42:27.0159 0x11bc  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
15:42:27.0206 0x11bc  upnphost - ok
15:42:27.0252 0x11bc  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp        C:\Windows\System32\drivers\usbccgp.sys
15:42:27.0268 0x11bc  usbccgp - ok
15:42:27.0315 0x11bc  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
15:42:27.0315 0x11bc  usbcir - ok
15:42:27.0346 0x11bc  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci        C:\Windows\System32\drivers\usbehci.sys
15:42:27.0362 0x11bc  usbehci - ok
15:42:27.0408 0x11bc  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
15:42:27.0408 0x11bc  usbfilter - ok
15:42:27.0471 0x11bc  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
15:42:27.0502 0x11bc  usbhub - ok
15:42:27.0580 0x11bc  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3        C:\Windows\System32\drivers\UsbHub3.sys
15:42:27.0611 0x11bc  USBHUB3 - ok
15:42:27.0642 0x11bc  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci        C:\Windows\System32\drivers\usbohci.sys
15:42:27.0642 0x11bc  usbohci - ok
15:42:27.0673 0x11bc  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
15:42:27.0673 0x11bc  usbprint - ok
15:42:27.0705 0x11bc  [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan        C:\Windows\System32\drivers\usbscan.sys
15:42:27.0720 0x11bc  usbscan - ok
15:42:27.0752 0x11bc  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR        C:\Windows\System32\drivers\USBSTOR.SYS
15:42:27.0752 0x11bc  USBSTOR - ok
15:42:27.0783 0x11bc  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci        C:\Windows\System32\drivers\usbuhci.sys
15:42:27.0783 0x11bc  usbuhci - ok
15:42:27.0830 0x11bc  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:42:27.0845 0x11bc  usbvideo - ok
15:42:27.0876 0x11bc  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI        C:\Windows\System32\drivers\USBXHCI.SYS
15:42:27.0892 0x11bc  USBXHCI - ok
15:42:27.0939 0x11bc  [ 9AD9560606A3049CE492E3A06FB12716, D154976648BC3F6B3E3B8E055ECF18C6BE93359B3F679D9BFC5430E4746CB52E ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:42:27.0939 0x11bc  usb_rndisx - ok
15:42:27.0954 0x11bc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
15:42:27.0970 0x11bc  VaultSvc - ok
15:42:28.0001 0x11bc  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:42:28.0017 0x11bc  vdrvroot - ok
15:42:28.0079 0x11bc  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds            C:\Windows\System32\vds.exe
15:42:28.0126 0x11bc  vds - ok
15:42:28.0157 0x11bc  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt    C:\Windows\system32\drivers\VerifierExt.sys
15:42:28.0157 0x11bc  VerifierExt - ok
15:42:28.0220 0x11bc  [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp          C:\Windows\System32\drivers\vhdmp.sys
15:42:28.0251 0x11bc  vhdmp - ok
15:42:28.0282 0x11bc  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:42:28.0282 0x11bc  viaide - ok
15:42:28.0313 0x11bc  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
15:42:28.0329 0x11bc  vmbus - ok
15:42:28.0344 0x11bc  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
15:42:28.0344 0x11bc  VMBusHID - ok
15:42:28.0407 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat  C:\Windows\System32\ICSvc.dll
15:42:28.0438 0x11bc  vmicheartbeat - ok
15:42:28.0469 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:42:28.0485 0x11bc  vmickvpexchange - ok
15:42:28.0516 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv        C:\Windows\System32\ICSvc.dll
15:42:28.0532 0x11bc  vmicrdv - ok
15:42:28.0563 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
15:42:28.0578 0x11bc  vmicshutdown - ok
15:42:28.0610 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
15:42:28.0641 0x11bc  vmictimesync - ok
15:42:28.0656 0x11bc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss        C:\Windows\System32\ICSvc.dll
15:42:28.0688 0x11bc  vmicvss - ok
15:42:28.0703 0x11bc  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:42:28.0703 0x11bc  volmgr - ok
15:42:28.0766 0x11bc  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:42:28.0781 0x11bc  volmgrx - ok
15:42:28.0844 0x11bc  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:42:28.0859 0x11bc  volsnap - ok
15:42:28.0890 0x11bc  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
15:42:28.0890 0x11bc  vpci - ok
15:42:28.0922 0x11bc  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
15:42:28.0937 0x11bc  vsmraid - ok
15:42:29.0093 0x11bc  [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS            C:\Windows\system32\vssvc.exe
15:42:29.0202 0x11bc  VSS - ok
15:42:29.0234 0x11bc  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
15:42:29.0265 0x11bc  VSTXRAID - ok
15:42:29.0296 0x11bc  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:42:29.0296 0x11bc  vwifibus - ok
15:42:29.0312 0x11bc  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:29.0312 0x11bc  vwififlt - ok
15:42:29.0327 0x11bc  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
15:42:29.0343 0x11bc  vwifimp - ok
15:42:29.0390 0x11bc  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time        C:\Windows\system32\w32time.dll
15:42:29.0421 0x11bc  W32Time - ok
15:42:29.0436 0x11bc  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
15:42:29.0452 0x11bc  WacomPen - ok
15:42:29.0499 0x11bc  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:42:29.0499 0x11bc  Wanarp - ok
15:42:29.0514 0x11bc  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:42:29.0530 0x11bc  Wanarpv6 - ok
15:42:29.0639 0x11bc  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
15:42:29.0748 0x11bc  wbengine - ok
15:42:29.0795 0x11bc  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:42:29.0826 0x11bc  WbioSrvc - ok
15:42:29.0889 0x11bc  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
15:42:29.0920 0x11bc  Wcmsvc - ok
15:42:29.0982 0x11bc  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:42:30.0014 0x11bc  wcncsvc - ok
15:42:30.0045 0x11bc  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:42:30.0061 0x11bc  WcsPlugInService - ok
15:42:30.0092 0x11bc  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
15:42:30.0092 0x11bc  Wd - ok
15:42:30.0139 0x11bc  [ B7FD627AAE8E95848BFEC437C923A87E, 26188FC7E86AD9B92FB732DD3EC5E8EAB18EB52B21E854B27798EC08C49167D8 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
15:42:30.0154 0x11bc  WdBoot - ok
15:42:30.0232 0x11bc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:42:30.0279 0x11bc  Wdf01000 - ok
15:42:30.0326 0x11bc  [ FAC362ED29713A535C6E2EEFFA5B4733, C4AF6C5A74389F9F51668433D4478806016C4913CB241F77513601803D532EC0 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
15:42:30.0341 0x11bc  WdFilter - ok
15:42:30.0419 0x11bc  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:42:30.0450 0x11bc  WdiServiceHost - ok
15:42:30.0466 0x11bc  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:42:30.0497 0x11bc  WdiSystemHost - ok
15:42:30.0560 0x11bc  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient      C:\Windows\System32\webclnt.dll
15:42:30.0575 0x11bc  WebClient - ok
15:42:30.0607 0x11bc  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:42:30.0638 0x11bc  Wecsvc - ok
15:42:30.0669 0x11bc  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:42:30.0685 0x11bc  wercplsupport - ok
15:42:30.0731 0x11bc  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:42:30.0747 0x11bc  WerSvc - ok
15:42:30.0794 0x11bc  [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS        C:\Windows\system32\DRIVERS\wfplwfs.sys
15:42:30.0809 0x11bc  WFPLWFS - ok
15:42:30.0840 0x11bc  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
15:42:30.0856 0x11bc  WiaRpc - ok
15:42:30.0872 0x11bc  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:42:30.0887 0x11bc  WIMMount - ok
15:42:30.0903 0x11bc  WinDefend - ok
15:42:31.0012 0x11bc  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:42:31.0059 0x11bc  WinHttpAutoProxySvc - ok
15:42:31.0121 0x11bc  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:42:31.0137 0x11bc  Winmgmt - ok
15:42:31.0340 0x11bc  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM          C:\Windows\system32\WsmSvc.dll
15:42:31.0543 0x11bc  WinRM - ok
15:42:31.0589 0x11bc  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:31.0589 0x11bc  WinUsb - ok
15:42:31.0699 0x11bc  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc        C:\Windows\System32\wlansvc.dll
15:42:31.0823 0x11bc  WlanSvc - ok
15:42:31.0964 0x11bc  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc        C:\Windows\system32\wlidsvc.dll
15:42:32.0120 0x11bc  wlidsvc - ok
15:42:32.0167 0x11bc  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi        C:\Windows\System32\drivers\wmiacpi.sys
15:42:32.0167 0x11bc  WmiAcpi - ok
15:42:32.0214 0x11bc  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:42:32.0229 0x11bc  wmiApSrv - ok
15:42:32.0260 0x11bc  WMPNetworkSvc - ok
15:42:32.0291 0x11bc  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr        C:\Windows\system32\DRIVERS\wpcfltr.sys
15:42:32.0291 0x11bc  wpcfltr - ok
15:42:32.0338 0x11bc  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:42:32.0354 0x11bc  WPCSvc - ok
15:42:32.0401 0x11bc  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:42:32.0416 0x11bc  WPDBusEnum - ok
15:42:32.0432 0x11bc  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr      C:\Windows\system32\drivers\WpdUpFltr.sys
15:42:32.0432 0x11bc  WpdUpFltr - ok
15:42:32.0494 0x11bc  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:42:32.0494 0x11bc  ws2ifsl - ok
15:42:32.0541 0x11bc  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:42:32.0572 0x11bc  wscsvc - ok
15:42:32.0603 0x11bc  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
15:42:32.0619 0x11bc  WSDPrintDevice - ok
15:42:32.0635 0x11bc  WSearch - ok
15:42:32.0806 0x11bc  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService      C:\Windows\System32\WSService.dll
15:42:32.0962 0x11bc  WSService - ok
15:42:33.0227 0x11bc  [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:42:33.0446 0x11bc  wuauserv - ok
15:42:33.0493 0x11bc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:42:33.0508 0x11bc  WudfPf - ok
15:42:33.0524 0x11bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
15:42:33.0540 0x11bc  WUDFRd - ok
15:42:33.0571 0x11bc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:42:33.0602 0x11bc  wudfsvc - ok
15:42:33.0617 0x11bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs      C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:33.0633 0x11bc  WUDFWpdFs - ok
15:42:33.0649 0x11bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:33.0664 0x11bc  WUDFWpdMtp - ok
15:42:33.0727 0x11bc  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:42:33.0758 0x11bc  WwanSvc - ok
15:42:33.0992 0x11bc  [ 97D3DCBBF3915782644DB56F5C191B9F, 3207D951F8042ADA9256283E9D64C3427D145DB98172A87733F868215FF62EF4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
15:42:34.0117 0x11bc  ZeroConfigService - ok
15:42:34.0132 0x11bc  ZTEusbmdm6k - ok
15:42:34.0148 0x11bc  ZTEusbnmea - ok
15:42:34.0164 0x11bc  ZTEusbser6k - ok
15:42:34.0210 0x11bc  ================ Scan global ===============================
15:42:34.0257 0x11bc  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
15:42:34.0320 0x11bc  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
15:42:34.0366 0x11bc  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
15:42:34.0444 0x11bc  [ B6AEF1771CCA54B67DA4932753F74124, 83A353CAC6111C16EB880345E7D89DC9D56F0A3C79F854A4BB7DBABF7270C29F ] C:\Windows\system32\services.exe
15:42:34.0476 0x11bc  [ Global ] - ok
15:42:34.0491 0x11bc  ================ Scan MBR ==================================
15:42:34.0491 0x11bc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:42:34.0507 0x11bc  \Device\Harddisk0\DR0 - ok
15:42:34.0522 0x11bc  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
15:42:34.0522 0x11bc  \Device\Harddisk1\DR1 - ok
15:42:34.0522 0x11bc  ================ Scan VBR ==================================
15:42:34.0569 0x11bc  [ 9813877863508D709DE4F7C6ACC3D0AC ] \Device\Harddisk0\DR0\Partition1
15:42:34.0569 0x11bc  \Device\Harddisk0\DR0\Partition1 - ok
15:42:34.0585 0x11bc  [ 8C289B6D229F43B1E3FB9360C97A1D16 ] \Device\Harddisk0\DR0\Partition2
15:42:34.0600 0x11bc  \Device\Harddisk0\DR0\Partition2 - ok
15:42:34.0616 0x11bc  [ FDD2E7C952566CAFA7B84BE734674D05 ] \Device\Harddisk0\DR0\Partition3
15:42:34.0616 0x11bc  \Device\Harddisk0\DR0\Partition3 - ok
15:42:34.0632 0x11bc  [ 654116B0868014985524E518A86DD709 ] \Device\Harddisk0\DR0\Partition4
15:42:34.0647 0x11bc  \Device\Harddisk0\DR0\Partition4 - ok
15:42:34.0678 0x11bc  [ 7EEB3A168E0F7FDF7AF023AE060A70DD ] \Device\Harddisk0\DR0\Partition5
15:42:34.0694 0x11bc  \Device\Harddisk0\DR0\Partition5 - ok
15:42:34.0710 0x11bc  [ 140AD8802C85F2F42089E0DF8F7C9C80 ] \Device\Harddisk0\DR0\Partition6
15:42:34.0725 0x11bc  \Device\Harddisk0\DR0\Partition6 - ok
15:42:34.0756 0x11bc  [ DF93DD5DF27B95FDC0178B77CDC1AFBD ] \Device\Harddisk0\DR0\Partition7
15:42:34.0756 0x11bc  \Device\Harddisk0\DR0\Partition7 - ok
15:42:34.0772 0x11bc  [ B8131B8C94AC17245F23DAC2228CEDD3 ] \Device\Harddisk1\DR1\Partition1
15:42:34.0772 0x11bc  \Device\Harddisk1\DR1\Partition1 - ok
15:42:34.0772 0x11bc  ================ Scan generic autorun ======================
15:42:35.0583 0x11bc  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:42:36.0129 0x11bc  RTHDVCPL - ok
15:42:36.0176 0x11bc  SynTPEnh - ok
15:42:36.0270 0x11bc  [ 73D5A5EA6209DAF5A324A5D4D40D4B8C, 0A37DFBE4772403CD24F0ECE8EFBA24026CED34652986716DF4451AACFCF6479 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:42:36.0332 0x11bc  StartCCC - ok
15:42:36.0379 0x11bc  [ 482C20F8A1528960BF0C58233E907226, 2DE1F92881A25D93669A9D2A331903B230CAFD51786776E393148448A32BC505 ] C:\Program Files (x86)\PDF24\pdf24.exe
15:42:36.0394 0x11bc  PDFPrint - ok
15:42:36.0535 0x11bc  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:42:36.0597 0x11bc  Adobe ARM - ok
15:42:36.0675 0x11bc  [ 4E942B9318ECF3E3F435AA4BFA3E39A0, 374012FDD59FBEEDCFA6FA0699573DC06DD961E7104A68ABBA198A35602D8059 ] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
15:42:36.0691 0x11bc  STO Backup Service - ok
15:42:36.0753 0x11bc  [ A7354D6552E0F8847F1689A9C3D4C001, 65A664EAD9EE55C99E3BABDBEFA91401CEA236213AC3DBB388BD4E8551D07620 ] C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
15:42:36.0784 0x11bc  STO Launcher Service - ok
15:42:36.0909 0x11bc  [ 53EBC5A93B96B8590BC7F02D7316A9EE, 40E2FF18A57128A197502A2D52808F326C4250B0CE9C310232A92139AF039D89 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
15:42:36.0940 0x11bc  KiesTrayAgent - ok
15:42:37.0050 0x11bc  [ 1CEB6E00AEDDAE46BF52DD4741DD80BA, 60266CBB61F73AF3A143C65F5907897B4522D905AA25C2FBAD40EB6CDEF4E65E ] C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
15:42:37.0065 0x11bc  LexwareInfoService - ok
15:42:37.0128 0x11bc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:42:37.0143 0x11bc  SunJavaUpdateSched - ok
15:42:37.0486 0x11bc  [ 4D41E99E1986D54BF7F0DA18AFDB703E, F49741DF7172FFE7E9FD075B095A0CAE581CA2CF32C196A299968886293621E2 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:42:37.0736 0x11bc  AvastUI.exe - ok
15:42:37.0830 0x11bc  [ 7778935A256BBA9267784E3FEDF0B747, 2A5F2903A779DBCCE657EC127FB36B7D947E5E8BD096C75AD67B5EDE14AE4F50 ] C:\Windows\BrowserChoice\browserchoice.exe
15:42:37.0830 0x11bc  BrowserChoice - ok
15:42:37.0970 0x11bc  [ 99C03F5D726A415253DBF09AFDA0A72E, 860DEF308AA90385763AF0F91F9CEFC3AFDB3C7DFB317B4A5C94429FD0F9707E ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
15:42:38.0064 0x11bc  KiesPreload - ok
15:42:38.0079 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:39.0093 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:40.0094 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:41.0108 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:42.0122 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:43.0138 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:44.0152 0x11bc  Waiting for KSN requests completion. In queue: 85
15:42:45.0244 0x11bc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
15:42:45.0260 0x11bc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41000 ( enabled : updated )
15:42:45.0276 0x11bc  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41010 ( enabled )
15:42:47.0818 0x11bc  ============================================================
15:42:47.0818 0x11bc  Scan finished
15:42:47.0818 0x11bc  ============================================================
15:42:47.0865 0x0668  Detected object count: 0
15:42:47.0865 0x0668  Actual detected object count: 0
15:43:00.0641 0x1538  Deinitialize success

Office inkl. Outlook ist deinstalliert

schrauber 07.03.2015 12:45
Passwort vom Mail Account ändern.

Lade Dir bitte von hier Emsisoft Emergency Kit Download Emsisoft Emergency Kit herunter.
  • Bitte installiere das Programm in den vorgegebenen Pfad.
  • Starte das Programm durch Doppelklick der Desktopverknüpfung.
  • Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
  • Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.


nialma 09.03.2015 16:40
Code:
Emsisoft Emergency Kit - Version 9.0
Letztes Update: 09.03.2015 13:47:51
Benutzerkonto: Buchlemmi\Peter Kuttig

Scan-Einstellungen:

Scan Methode: Detail-Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\

PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:        09.03.2015 13:48:40
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR        gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        gefunden: Setting.DisableRegistryTools (A)
C:\Windows\Re-Aktivierung\trz8390.tmp        gefunden: Application.Hacktool.GA (B)
D:\Avast Internet Security 7.0.1474\Patch 2050.exe        gefunden: Riskware.Win32.Cracktool (A)
D:\IM.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\Patch for Win7\incredimail.plus.v6.xx.xxxx.win7-patch.exe        gefunden: Gen:Variant.Graftor.14826 (B)
D:\WinZipPro-17.0.10283g-64\WinZipPro-17.0.10283g-64\keymaker-tmg-wz17.exe        gefunden: Trojan.Generic.9998826 (B)

Gescannt        307975
Gefunden        7

Scan-Ende:        09.03.2015 16:28:02
Scan-Zeit:        2:39:22

D:\WinZipPro-17.0.10283g-64\WinZipPro-17.0.10283g-64\keymaker-tmg-wz17.exe        Quarantäne Trojan.Generic.9998826 (B)
D:\StSt8_1.11\StSt8_1.11\stardock.start8-patch.painter.exe        Quarantäne Riskware.Win32.Keygen (A)
D:\IM.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\IncrediMail.XE.2.v6.2.9.5163.DEUTSCH\Patch for Win7\incredimail.plus.v6.xx.xxxx.win7-patch.exe        Quarantäne Gen:Variant.Graftor.14826 (B)
D:\Avast Internet Security 7.0.1474\Patch 2050.exe        Quarantäne Riskware.Win32.Cracktool (A)
C:\Windows\Re-Aktivierung\trz8390.tmp        Quarantäne Application.Hacktool.GA (B)

Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-9287429-4187079875-4244921196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR        Quarantäne Setting.DisableTaskMgr (A)

Quarantäne        7

schrauber 10.03.2015 09:29
und damit wäre der Support dann beendet.....
Wieviele Cracks sind denn da im Einsatz?

nialma 10.03.2015 12:56
eigentlich keiner soweit ich weiss

Die Teile sind auf D: und haben keine Bewandnis da weder Incredimail noch start8 installiert sind

Aber ich werd den Rechner platt machen

schrauber 10.03.2015 20:00
Zitat:
C:\Windows\Re-Aktivierung\trz8390.tmp
Ich würd ja komplett mit Cracks aufhören. Bringen gar nix, sind zu 100% immer verseucht.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:03 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58