Log analysis and evaluation: aswMBR locked files, TDSS Killer and MBR Master no findings

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.03.2014, 17:51 | #1
aswMBR locked files, TDSS Killer and MBR Master no findings

Hello, I ran a scan with aswMBR the other day. It found 5 locked files and an unknown MBR.

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-23 19:27:30
-----------------------------
19:27:30.635 OS Version: Windows x64 6.1.7601 Service Pack 1
19:27:30.635 Number of processors: 4 586 0x2A07
19:27:30.637 ComputerName: MIEZMAU71-PC UserName: miezmau71
19:27:33.307 Initialize success
19:27:43.442 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:27:43.444 Disk 0 Vendor: ST950032 0011 Size: 476940MB BusType: 3
19:27:43.875 Disk 0 MBR read successfully
19:27:43.880 Disk 0 MBR scan
19:27:43.886 Disk 0 unknown MBR code
19:27:43.901 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:27:43.914 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 424612 MB offset 206848
19:27:43.945 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 869812224
19:27:44.144 Disk 0 Partition 4 00 12 Compaq diag NTFS 1026 MB offset 974669824
19:27:44.509 Disk 0 scanning C:\Windows\system32\drivers
19:28:00.954 Service scanning
19:28:13.629 Service kl1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
19:28:13.740 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
19:28:13.802 Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
19:28:13.867 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
19:28:13.928 Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
19:28:13.963 Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5
19:28:25.306 Modules scanning
19:28:25.322 Disk 0 trace - called modules:
19:28:25.342 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:28:25.355 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077dc790]
19:28:25.367 3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> [0xfffffa80076ff950]
19:28:25.379 5 ACPI.sys[fffff88000d677a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80077df050]
19:28:25.386 Scan finished successfully
19:29:13.451 Disk 0 MBR has been saved successfully to "C:\Users\miezmau71\Desktop\MBR.dat"
19:29:13.456 The log file has been saved successfully to "C:\Users\miezmau71\Desktop\aswMBR.txt"

Code:
Detected Windows version: 6.1 Build 7601 Service Pack 1
Installing direct disk access driver ...
Driver connection handle: 0x00000110
1 valid drive(s) found.
Details for Disk 0 - ST950032 5AS Rev 0011:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 60801/255/63
Boot loader reputation : Unknown
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : A1D8436B9D28AE5947F8CFF23FE54B1DC1738268
MD5 : 4624822E540EC83CD0819525C65846BA

TDSS Killer - I left the virus scanner running - Kaspersky will hardly flag its own colleague as a virus:

Code:
17:48:19.0936 0x02c4 TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
17:48:22.0721 0x02c4 ============================================================
17:48:22.0721 0x02c4 Current date / time: 2014/03/27 17:48:22.0721
17:48:22.0721 0x02c4 SystemInfo:
17:48:22.0721 0x02c4
17:48:22.0722 0x02c4 OS Version: 6.1.7601 ServicePack: 1.0
17:48:22.0722 0x02c4 Product type: Workstation
17:48:22.0722 0x02c4 ComputerName: MIEZMAU71-PC
17:48:22.0722 0x02c4 UserName: miezmau71
17:48:22.0722 0x02c4 Windows directory: C:\Windows
17:48:22.0722 0x02c4 System windows directory: C:\Windows
17:48:22.0722 0x02c4 Running under WOW64
17:48:22.0722 0x02c4 Processor architecture: Intel x64
17:48:22.0722 0x02c4 Number of processors: 4
17:48:22.0722 0x02c4 Page size: 0x1000
17:48:22.0722 0x02c4 Boot type: Normal boot
17:48:22.0722 0x02c4 ============================================================
17:48:23.0463 0x02c4 KLMD registered as C:\Windows\system32\drivers\82182199.sys
17:48:23.0676 0x02c4 System UUID: {97EF0848-4ED7-5455-F214-E3D93C6EA4DE}
17:48:24.0321 0x02c4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:24.0329 0x02c4 ============================================================
17:48:24.0329 0x02c4 \Device\Harddisk0\DR0:
17:48:24.0330 0x02c4 MBR partitions:
17:48:24.0330 0x02c4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:48:24.0330 0x02c4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x33D52000
17:48:24.0330 0x02c4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x33D84800, BlocksNum 0x6400000
17:48:24.0330 0x02c4 ============================================================
17:48:24.0365 0x02c4 C: <-> \Device\Harddisk0\DR0\Partition2
17:48:24.0421 0x02c4 D: <-> \Device\Harddisk0\DR0\Partition3
17:48:24.0421 0x02c4 ============================================================
17:48:24.0421 0x02c4 Initialize success
17:48:24.0422 0x02c4 ============================================================
17:48:50.0397 0x0a54 ============================================================
17:48:50.0397 0x0a54 Scan started
17:48:50.0397 0x0a54 Mode: Manual;
17:48:50.0397 0x0a54 ============================================================
17:48:50.0397 0x0a54 KSN ping started
17:48:52.0815 0x0a54 KSN ping finished: true
17:48:53.0381 0x0a54 ================ Scan system memory ========================
17:48:53.0381 0x0a54 System memory - ok
17:48:53.0382 0x0a54 ================ Scan services =============================
6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:49:02.0632 0x0a54 IAStorDataMgrSvc - ok 17:49:02.0686 0x0a54 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:49:02.0715 0x0a54 iaStorV - ok 17:49:02.0749 0x0a54 [ 9E3D44CE737388F6BBBB6DD4A1C1847C, 98FD10D07E5801870282D6D0226051193B7D12EF3C8B84DB8365B446E02499DB ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 17:49:02.0754 0x0a54 ibtfltcoex - ok 17:49:02.0799 0x0a54 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 17:49:02.0821 0x0a54 ICCS - ok 17:49:02.0908 0x0a54 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:49:02.0958 0x0a54 idsvc - ok 17:49:02.0995 0x0a54 IEEtwCollectorService - ok 17:49:03.0236 0x0a54 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:49:03.0480 0x0a54 igfx - ok 17:49:03.0522 0x0a54 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:49:03.0525 0x0a54 iirsp - ok 17:49:03.0607 0x0a54 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:49:03.0652 0x0a54 IKEEXT - ok 17:49:03.0698 0x0a54 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 17:49:03.0701 0x0a54 
intaud_WaveExtensible - ok 17:49:03.0926 0x0a54 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:49:04.0118 0x0a54 IntcAzAudAddService - ok 17:49:04.0157 0x0a54 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 17:49:04.0179 0x0a54 IntcDAud - ok 17:49:04.0253 0x0a54 [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 17:49:04.0317 0x0a54 Intel(R) Capability Licensing Service Interface - ok 17:49:04.0359 0x0a54 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:49:04.0361 0x0a54 intelide - ok 17:49:04.0398 0x0a54 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:49:04.0405 0x0a54 intelppm - ok 17:49:04.0452 0x0a54 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:49:04.0463 0x0a54 IPBusEnum - ok 17:49:04.0500 0x0a54 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:49:04.0507 0x0a54 IpFilterDriver - ok 17:49:04.0575 0x0a54 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:49:04.0605 0x0a54 iphlpsvc - ok 17:49:04.0628 0x0a54 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:49:04.0632 0x0a54 
IPMIDRV - ok 17:49:04.0653 0x0a54 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:49:04.0658 0x0a54 IPNAT - ok 17:49:04.0682 0x0a54 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:49:04.0684 0x0a54 IRENUM - ok 17:49:04.0715 0x0a54 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:49:04.0718 0x0a54 isapnp - ok 17:49:04.0757 0x0a54 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:49:04.0779 0x0a54 iScsiPrt - ok 17:49:04.0823 0x0a54 [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 17:49:04.0827 0x0a54 iusb3hcs - ok 17:49:04.0883 0x0a54 [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys 17:49:04.0917 0x0a54 iusb3hub - ok 17:49:04.0983 0x0a54 [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys 17:49:05.0028 0x0a54 iusb3xhc - ok 17:49:05.0065 0x0a54 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys 17:49:05.0069 0x0a54 iwdbus - ok 17:49:05.0129 0x0a54 [ 3628933AF5305EAB8173949BFF912F04, 8609C196B8D5D941CE7181E849A7C44E658BD66995D1405B80D42F1C029B09EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 17:49:05.0151 0x0a54 jhi_service - ok 17:49:05.0186 0x0a54 [ BC02336F1CBA7DCC7D1213BB588A68A5, 
450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:49:05.0189 0x0a54 kbdclass - ok 17:49:05.0221 0x0a54 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:49:05.0224 0x0a54 kbdhid - ok 17:49:05.0240 0x0a54 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 17:49:05.0242 0x0a54 KeyIso - ok 17:49:05.0318 0x0a54 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 17:49:05.0336 0x0a54 kl1 - ok 17:49:05.0469 0x0a54 [ 788E5F92721849A17BD64883C49EB825, CEBCE3D9A84D31F597F8592F0E62C2E6ED8A492087F121B151E64903A86CAC52 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 17:49:05.0491 0x0a54 KLIF - ok 17:49:05.0524 0x0a54 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 17:49:05.0525 0x0a54 KLIM6 - ok 17:49:05.0544 0x0a54 [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 17:49:05.0546 0x0a54 klkbdflt - ok 17:49:05.0564 0x0a54 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 17:49:05.0567 0x0a54 klmouflt - ok 17:49:05.0593 0x0a54 [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 17:49:05.0594 0x0a54 kltdi - ok 17:49:05.0609 0x0a54 [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps C:\Windows\system32\DRIVERS\kneps.sys 17:49:05.0614 0x0a54 kneps - ok 17:49:05.0659 0x0a54 [ 
8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:49:05.0667 0x0a54 KSecDD - ok 17:49:05.0696 0x0a54 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:49:05.0718 0x0a54 KSecPkg - ok 17:49:05.0757 0x0a54 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:49:05.0760 0x0a54 ksthunk - ok 17:49:05.0806 0x0a54 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 17:49:05.0839 0x0a54 KtmRm - ok 17:49:05.0887 0x0a54 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:49:05.0909 0x0a54 LanmanServer - ok 17:49:05.0935 0x0a54 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:49:05.0942 0x0a54 LanmanWorkstation - ok 17:49:05.0994 0x0a54 [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 17:49:05.0997 0x0a54 lirsgt - ok 17:49:06.0042 0x0a54 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:49:06.0048 0x0a54 lltdio - ok 17:49:06.0093 0x0a54 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:49:06.0129 0x0a54 lltdsvc - ok 17:49:06.0164 0x0a54 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:49:06.0166 0x0a54 
lmhosts - ok 17:49:06.0180 0x0a54 LMIGuardianSvc - ok 17:49:06.0228 0x0a54 [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:49:06.0237 0x0a54 LMS - ok 17:49:06.0277 0x0a54 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:49:06.0282 0x0a54 LSI_FC - ok 17:49:06.0313 0x0a54 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:49:06.0317 0x0a54 LSI_SAS - ok 17:49:06.0327 0x0a54 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:49:06.0331 0x0a54 LSI_SAS2 - ok 17:49:06.0346 0x0a54 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:49:06.0351 0x0a54 LSI_SCSI - ok 17:49:06.0365 0x0a54 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 17:49:06.0369 0x0a54 luafv - ok 17:49:06.0406 0x0a54 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:49:06.0413 0x0a54 Mcx2Svc - ok 17:49:06.0447 0x0a54 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 17:49:06.0452 0x0a54 megasas - ok 17:49:06.0495 0x0a54 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:49:06.0518 0x0a54 MegaSR - ok 17:49:06.0550 0x0a54 [ 6B01B7414A105B9E51652089A03027CF, 
9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 17:49:06.0554 0x0a54 MEIx64 - ok 17:49:06.0595 0x0a54 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe 17:49:06.0598 0x0a54 MemeoBackgroundService - ok 17:49:06.0638 0x0a54 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:49:06.0647 0x0a54 MMCSS - ok 17:49:06.0666 0x0a54 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 17:49:06.0671 0x0a54 Modem - ok 17:49:06.0691 0x0a54 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:49:06.0693 0x0a54 monitor - ok 17:49:06.0724 0x0a54 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:49:06.0729 0x0a54 mouclass - ok 17:49:06.0767 0x0a54 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:49:06.0771 0x0a54 mouhid - ok 17:49:06.0818 0x0a54 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:49:06.0827 0x0a54 mountmgr - ok 17:49:06.0858 0x0a54 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 17:49:06.0881 0x0a54 mpio - ok 17:49:06.0911 0x0a54 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 
17:49:06.0918 0x0a54 mpsdrv - ok 17:49:07.0011 0x0a54 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:49:07.0081 0x0a54 MpsSvc - ok 17:49:07.0118 0x0a54 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:49:07.0125 0x0a54 MRxDAV - ok 17:49:07.0170 0x0a54 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:49:07.0192 0x0a54 mrxsmb - ok 17:49:07.0227 0x0a54 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:49:07.0249 0x0a54 mrxsmb10 - ok 17:49:07.0277 0x0a54 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:49:07.0285 0x0a54 mrxsmb20 - ok 17:49:07.0320 0x0a54 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:49:07.0324 0x0a54 msahci - ok 17:49:07.0366 0x0a54 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:49:07.0376 0x0a54 msdsm - ok 17:49:07.0397 0x0a54 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:49:07.0408 0x0a54 MSDTC - ok 17:49:07.0437 0x0a54 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:49:07.0441 0x0a54 Msfs - ok 17:49:07.0462 0x0a54 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf 
C:\Windows\System32\drivers\mshidkmdf.sys 17:49:07.0465 0x0a54 mshidkmdf - ok 17:49:07.0485 0x0a54 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:49:07.0490 0x0a54 msisadrv - ok 17:49:07.0527 0x0a54 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:49:07.0538 0x0a54 MSiSCSI - ok 17:49:07.0545 0x0a54 msiserver - ok 17:49:07.0571 0x0a54 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:49:07.0573 0x0a54 MSKSSRV - ok 17:49:07.0585 0x0a54 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:49:07.0587 0x0a54 MSPCLOCK - ok 17:49:07.0602 0x0a54 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:49:07.0603 0x0a54 MSPQM - ok 17:49:07.0630 0x0a54 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:49:07.0652 0x0a54 MsRPC - ok 17:49:07.0667 0x0a54 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:49:07.0670 0x0a54 mssmbios - ok 17:49:07.0683 0x0a54 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:49:07.0685 0x0a54 MSTEE - ok 17:49:07.0700 0x0a54 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:49:07.0702 0x0a54 MTConfig - ok 17:49:07.0718 0x0a54 [ 
F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:49:07.0722 0x0a54 Mup - ok 17:49:07.0778 0x0a54 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 17:49:07.0812 0x0a54 MyWiFiDHCPDNS - ok 17:49:07.0875 0x0a54 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:49:07.0906 0x0a54 napagent - ok 17:49:07.0942 0x0a54 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:49:07.0971 0x0a54 NativeWifiP - ok 17:49:08.0036 0x0a54 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:49:08.0103 0x0a54 NDIS - ok 17:49:08.0121 0x0a54 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:49:08.0123 0x0a54 NdisCap - ok 17:49:08.0156 0x0a54 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:49:08.0158 0x0a54 NdisTapi - ok 17:49:08.0172 0x0a54 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:49:08.0176 0x0a54 Ndisuio - ok 17:49:08.0190 0x0a54 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:49:08.0196 0x0a54 NdisWan - ok 17:49:08.0212 0x0a54 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy 
C:\Windows\system32\drivers\NDProxy.sys 17:49:08.0216 0x0a54 NDProxy - ok 17:49:08.0233 0x0a54 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:49:08.0236 0x0a54 NetBIOS - ok 17:49:08.0253 0x0a54 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:49:08.0261 0x0a54 NetBT - ok 17:49:08.0288 0x0a54 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 17:49:08.0290 0x0a54 Netlogon - ok 17:49:08.0317 0x0a54 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 17:49:08.0340 0x0a54 Netman - ok 17:49:08.0411 0x0a54 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:49:08.0423 0x0a54 NetMsmqActivator - ok 17:49:08.0476 0x0a54 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:49:08.0485 0x0a54 NetPipeActivator - ok 17:49:08.0540 0x0a54 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 17:49:08.0582 0x0a54 netprofm - ok 17:49:08.0596 0x0a54 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:49:08.0602 0x0a54 NetTcpActivator - ok 17:49:08.0609 0x0a54 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:49:08.0613 0x0a54 NetTcpPortSharing - ok 17:49:09.0028 0x0a54 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB, 74E975F3BF39B360C466A0CEEEF545D1B814EE1AEFF6B2FCDD81A33FA276FBF3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 17:49:09.0447 0x0a54 NETwNs64 - ok 17:49:09.0490 0x0a54 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:49:09.0492 0x0a54 nfrd960 - ok 17:49:09.0514 0x0a54 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:49:09.0524 0x0a54 NlaSvc - ok 17:49:09.0544 0x0a54 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:49:09.0546 0x0a54 Npfs - ok 17:49:09.0567 0x0a54 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 17:49:09.0570 0x0a54 nsi - ok 17:49:09.0587 0x0a54 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:49:09.0589 0x0a54 nsiproxy - ok 17:49:09.0678 0x0a54 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:49:09.0740 0x0a54 Ntfs - ok 17:49:09.0758 0x0a54 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 17:49:09.0760 0x0a54 Null - ok 17:49:09.0774 0x0a54 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:49:09.0779 0x0a54 nvraid - ok 17:49:09.0797 0x0a54 [ DAB0E87525C10052BF65F06152F37E4A, 
AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:49:09.0804 0x0a54 nvstor - ok 17:49:09.0834 0x0a54 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:49:09.0838 0x0a54 nv_agp - ok 17:49:09.0852 0x0a54 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:49:09.0855 0x0a54 ohci1394 - ok 17:49:09.0920 0x0a54 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:49:09.0930 0x0a54 ose - ok 17:49:10.0183 0x0a54 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:49:10.0382 0x0a54 osppsvc - ok 17:49:10.0421 0x0a54 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:49:10.0432 0x0a54 p2pimsvc - ok 17:49:10.0455 0x0a54 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 17:49:10.0477 0x0a54 p2psvc - ok 17:49:10.0503 0x0a54 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 17:49:10.0508 0x0a54 Parport - ok 17:49:10.0539 0x0a54 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:49:10.0542 0x0a54 partmgr - ok 17:49:10.0555 0x0a54 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc 
WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:49:19.0929 0x0a54 WUDFRd - ok 17:49:19.0962 0x0a54 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:49:19.0967 0x0a54 wudfsvc - ok 17:49:19.0995 0x0a54 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:49:20.0004 0x0a54 WwanSvc - ok 17:49:20.0124 0x0a54 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 17:49:20.0181 0x0a54 ZeroConfigService - ok 17:49:20.0240 0x0a54 ================ Scan global =============================== 17:49:20.0266 0x0a54 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:49:20.0307 0x0a54 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:49:20.0349 0x0a54 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:49:20.0385 0x0a54 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:49:20.0411 0x0a54 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:49:20.0432 0x0a54 [ Global ] - ok 17:49:20.0433 0x0a54 ================ Scan MBR ================================== 17:49:20.0441 0x0a54 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 17:49:22.0783 0x0a54 \Device\Harddisk0\DR0 - ok 17:49:22.0784 0x0a54 ================ Scan VBR ================================== 17:49:22.0786 0x0a54 [ F7023CE49E6D63390E01C4A2AD200ECB ] \Device\Harddisk0\DR0\Partition1 
17:49:22.0788 0x0a54 \Device\Harddisk0\DR0\Partition1 - ok 17:49:22.0790 0x0a54 [ 5EFB57CA4AAA1E2F009B706ADFCD77F0 ] \Device\Harddisk0\DR0\Partition2 17:49:22.0792 0x0a54 \Device\Harddisk0\DR0\Partition2 - ok 17:49:22.0794 0x0a54 [ E733BC0073BE27336311323D0B612C7A ] \Device\Harddisk0\DR0\Partition3 17:49:22.0795 0x0a54 \Device\Harddisk0\DR0\Partition3 - ok 17:49:22.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:23.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:24.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:25.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:26.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:27.0796 0x0a54 Waiting for KSN requests completion. In queue: 400 17:49:28.0796 0x0a54 Waiting for KSN requests completion. In queue: 295 17:49:29.0828 0x0a54 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated ) 17:49:29.0831 0x0a54 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled ) 17:49:32.0288 0x0a54 ============================================================ 17:49:32.0288 0x0a54 Scan finished 17:49:32.0288 0x0a54 ============================================================ 17:49:32.0309 0x2378 Detected object count: 0 17:49:32.0309 0x2378 Actual detected object count: 0 |
27.03.2014, 18:21 | #2 |
/// the machine /// TB-Ausbilder | aswMBR Locked Files, TDSS Killer and MBR Master no findings Go ahead and post FRST, but everything so far is clean.
27.03.2014, 18:50 | #3 |
| aswMBR Locked Files, TDSS Killer and MBR Master no findings Seems clean, but the errors look strange to me.
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by miezmau71 at 2014-03-27 18:46:36 Running from C:\Users\miezmau71\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} ==================== Installed Programs ====================== Adblock IE 1.0 (HKLM\...\{58160488-037B-42CD-B575-AF804A2F0F47}) (Version: 1.0.0488 - MGTEK) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers) Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. 
KG) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) Brother MFL-Pro Suite DCP-375CW (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.1.0 - Brother Industries, Ltd.) CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio) CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) 
Hidden CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.) CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.) CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.) CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) 
Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.) CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) 
Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) 
Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Java(TM) 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle) Java(TM) 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) 
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.) 
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0055 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pokemon Online 2.0.22 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version: - Dreambelievers) Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.) 
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated) System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC) watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH) Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) 
(Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XMedia 
Recode Version 3.1.5.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.5.4 - XMedia Recode) ==================== Restore Points ========================= 19-02-2014 13:16:59 Ende der Bereinigung 27-02-2014 07:37:49 Geplanter Prüfpunkt 27-02-2014 08:31:33 Windows Update 28-02-2014 02:00:11 Windows Update 13-03-2014 10:00:43 Windows Update 19-03-2014 12:54:12 Entfernt Anno 1701 19-03-2014 12:55:34 Installiert Anno 1701 19-03-2014 13:22:31 Installiert Anno 1701 20-03-2014 07:47:19 Windows Update 25-03-2014 18:41:34 Installed Java 7 Update 51 25-03-2014 19:10:17 Installed Java 7 Update 51 ==================== Hosts content: ========================== 2009-07-14 03:34 - 2014-02-12 18:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0254C761-1B0C-4EA7-B8D4-1B17A4E3A1AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-10] (Google Inc.) Task: {183F8C73-8574-4E3F-8D32-BDA5C03C02D1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.) Task: {53D660C0-AF10-427E-B0FE-89FAB97B9E5D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000Core => C:\Users\miezmau71\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-04] (Facebook Inc.) Task: {5780D91B-2FAB-488E-8AAA-A61623455890} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-10] (Google Inc.) 
Task: {80615883-C061-4634-A3A2-C77C2F3ACFEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated) Task: {807A42C8-9D7E-4EC4-B189-26E3C8329A2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd) Task: {A19DD001-5CF5-4E7A-B8C3-067DBAD00588} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000UA => C:\Users\miezmau71\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-04] (Facebook Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000Core.job => C:\Users\miezmau71\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000UA.job => C:\Users\miezmau71\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-02-22 17:36 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2012-02-22 17:36 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2012-05-11 09:30 - 2011-09-13 09:16 - 00342984 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe 2012-02-22 19:09 - 2010-08-19 17:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2012-02-21 23:09 - 2012-01-06 02:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-02-22 17:36 - 
2012-02-07 02:34 - 00823808 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2012-02-22 17:36 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2012-02-22 17:36 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2012-02-22 17:36 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe 2012-02-22 17:36 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe 2012-02-22 17:36 - 2011-12-21 00:08 - 03454464 _____ () C:\Program Files (x86)\PHotkey\POSD.exe 2012-08-17 20:39 - 2013-08-09 16:34 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll 2014-02-14 16:06 - 2014-02-14 16:06 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll 2012-02-21 23:36 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-02-21 23:21 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll 2012-02-22 17:36 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2012-02-22 17:36 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll 2014-03-17 08:20 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll 2014-03-17 08:20 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll 
2014-03-17 08:20 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll 2014-03-17 08:20 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll 2014-03-17 08:20 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll 2014-03-17 08:20 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: BstHdAndroidSvc => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: SBUpd => 2 MSCONFIG\Services: VideoAcceleratorService => 2 MSCONFIG\Services: watchmi => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk => C:\Windows\pss\Launcher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^miezmau71^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start 
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Spotify => "C:\Users\miezmau71\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\miezmau71\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/27/2014 00:47:05 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (03/27/2014 00:45:57 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (03/27/2014 11:49:52 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/27/2014 11:49:48 AM) (Source: MemeoBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/27/2014 05:58:48 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/27/2014 05:58:44 AM) (Source: MemeoBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, 
Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/26/2014 06:04:47 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (03/26/2014 05:46:28 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2014 05:46:24 PM) (Source: MemeoBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/26/2014 07:29:19 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (03/27/2014 11:49:19 AM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/27/2014 05:58:15 AM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/26/2014 05:45:57 PM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/26/2014 07:28:42 AM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/25/2014 07:47:45 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 25.03.2014 um 19:45:33 unerwartet heruntergefahren. Error: (03/25/2014 07:47:29 PM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/25/2014 06:05:27 PM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/25/2014 05:46:46 AM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. 
Error: (03/24/2014 07:30:57 AM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (03/23/2014 07:21:32 PM) (Source: Application Popup) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Microsoft Office Sessions: ========================= Error: (03/27/2014 00:47:05 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (03/27/2014 00:45:57 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (03/27/2014 11:49:52 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/27/2014 11:49:48 AM) (Source: MemeoBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/27/2014 05:58:48 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/27/2014 05:58:44 AM) (Source: MemeoBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean 
ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/26/2014 06:04:47 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (03/26/2014 05:46:28 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2014 05:46:24 PM) (Source: MemeoBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (03/26/2014 07:29:19 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-03-27 12:48:29.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-27 12:48:29.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-27 12:48:29.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-27 12:48:29.880 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-27 12:48:29.870 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-03-27 12:48:29.870 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 10:36:25.401 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 10:36:25.385 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 10:36:25.385 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 10:36:25.370 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8086.48 MB
Available physical RAM: 5583.89 MB
Total Pagefile: 16171.15 MB
Available Pagefile: 13094.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:348.8 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:22.92 GB) NTFS
Drive e: (ANNO1701) (CDROM) (Total:1.95 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================ |
28.03.2014, 10:38 | #4 |
/// the machine /// TB-Ausbilder | aswMBR Locked Files, TDSS Killer and MBR Master: no findings FRST.txt is missing. The error messages are copies from the Event Viewer. There is always something in there; every little thing gets logged there.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
28.03.2014, 18:01 | #5 |
| aswMBR Locked Files, TDSS Killer and MBR Master: no findings OK, good to know. FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by miezmau71 (administrator) on MIEZMAU71-PC on 27-03-2014 18:46:04 Running from C:\Users\miezmau71\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe () C:\Program Files (x86)\PHotkey\POSD.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.) 
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort11reminder] - C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-174627838-266789775-880759636-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCD77A5F7D7A7CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java(TM) Platform SE 7 U2) - 
C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-29] CHR Extension: (AdBlock) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-18] CHR Extension: (Virtuelle Tastatur) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-29] CHR Extension: (Google Wallet) - C:\Users\miezmau71\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: 
[jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25] ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com) R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] () R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X] S4 watchmi; "C:\Program Files (x86)\watchmi\TvdService.exe" [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; 
C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-15] () S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-05-10] (Huawei Technologies Co., Ltd.) S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2012-05-11] (Huawei Technologies Co., Ltd.) S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2012-05-11] (Huawei Technologies Co., Ltd.) S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2012-05-11] (Huawei Technologies Co., Ltd.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-08-09] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-08-09] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-08-09] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-15] () R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-27 18:46 - 2014-03-27 18:46 - 00018576 _____ () C:\Users\miezmau71\Desktop\FRST.txt 2014-03-27 18:46 - 2014-03-27 18:46 - 00000000 ____D () C:\FRST 2014-03-27 18:45 - 2014-03-27 18:45 - 02157056 _____ (Farbar) C:\Users\miezmau71\Downloads\FRST64.exe 2014-03-27 18:45 - 2014-03-27 18:45 - 02157056 _____ (Farbar) C:\Users\miezmau71\Desktop\FRST64.exe 2014-03-27 18:45 - 2014-03-27 18:45 - 01145856 _____ (Farbar) C:\Users\miezmau71\Downloads\FRST.exe 2014-03-27 17:47 - 2014-03-27 17:47 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Downloads\tdsskiller (1).exe 2014-03-27 17:25 - 2014-03-27 17:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Downloads\tdsskiller.exe 2014-03-27 17:25 - 2014-03-27 17:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Desktop\tdsskiller.exe 2014-03-27 17:19 - 2014-03-27 17:19 - 00000594 _____ () C:\Users\miezmau71\Desktop\emsi.zip 2014-03-27 17:18 - 2014-03-27 17:18 - 00000575 _____ () C:\Users\miezmau71\Desktop\MBRMastr_2014.03.27_17.18.52.txt 2014-03-27 17:18 - 2014-03-27 17:18 - 00000512 _____ () C:\Users\miezmau71\Desktop\emsi.mbr 2014-03-27 17:17 - 2014-03-27 17:17 - 00788728 _____ (Emsisoft GmbH) C:\Users\miezmau71\Downloads\mbrmastr.exe 2014-03-27 17:17 - 2014-03-27 17:17 - 00788728 _____ (Emsisoft GmbH) C:\Users\miezmau71\Desktop\mbrmastr.exe 2014-03-25 20:13 - 2014-03-25 20:13 - 00000000 ____D () C:\ProgramData\Oracle 2014-03-25 20:11 - 2014-03-25 20:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-03-25 20:11 - 2014-03-25 20:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-03-25 20:08 - 2014-03-25 20:08 - 00921000 _____ (Oracle Corporation) C:\Users\miezmau71\Downloads\chromeinstall-7u51 (1).exe 2014-03-25 19:51 - 2014-03-25 19:51 - 00000000 ____D () 
C:\ProgramData\SUPERSetup 2014-03-25 19:39 - 2014-03-25 19:40 - 00000000 ____D () C:\Users\miezmau71\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-03-25 19:39 - 2014-03-25 19:39 - 00001812 _____ () C:\Users\miezmau71\Desktop\SUPERAntiSpyware Professional.lnk 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\Users\miezmau71\AppData\Roaming\SUPERAntiSpyware.com 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-03-25 19:37 - 2014-03-25 19:37 - 00921000 _____ (Oracle Corporation) C:\Users\miezmau71\Downloads\chromeinstall-7u51.exe 2014-03-25 18:28 - 2014-03-25 18:29 - 29393568 _____ (SUPERAntiSpyware) C:\Users\miezmau71\Desktop\SUPERAntiSpyware.exe 2014-03-25 07:00 - 2014-03-25 07:00 - 00000000 ____D () C:\Users\miezmau71\AppData\Local\{E583DDAF-4D00-449C-9B3C-EFF176E6BB59} 2014-03-23 19:29 - 2014-03-23 19:29 - 00002296 _____ () C:\Users\miezmau71\Desktop\aswMBR.txt 2014-03-23 19:29 - 2014-03-23 19:29 - 00000512 _____ () C:\Users\miezmau71\Desktop\MBR.dat 2014-03-23 19:26 - 2014-03-23 19:26 - 04745728 _____ (AVAST Software) C:\Users\miezmau71\Downloads\aswMBR.exe 2014-03-23 19:26 - 2014-03-23 19:26 - 04745728 _____ (AVAST Software) C:\Users\miezmau71\Desktop\aswMBR.exe 2014-03-19 14:20 - 2013-03-15 19:24 - 185600232 _____ (Macrovision Corporation) C:\Users\miezmau71\Desktop\anno1701_patch104_ger.exe 2014-03-19 14:01 - 2014-03-19 14:01 - 00001896 _____ () C:\Users\Public\Desktop\Anno 1701.lnk 2014-03-14 19:38 - 2014-03-14 19:38 - 00000000 ____D () C:\Users\miezmau71\AppData\Local\{74F7143B-EDE1-48F1-9F56-DDC4F23449A1} 2014-03-13 10:50 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 10:50 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 10:50 - 2014-03-01 06:16 - 00004096 _____ (Microsoft 
Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 10:50 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 10:50 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 10:50 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 10:50 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 10:50 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 10:50 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 10:50 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 10:50 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 10:50 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 10:50 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 10:50 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 10:50 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 10:50 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 10:50 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 10:50 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 10:50 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 10:50 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-13 10:50 - 2014-03-01 04:47 - 02168320 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 10:50 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 10:50 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 10:50 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 10:50 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-13 10:50 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-13 10:50 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-13 10:50 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 10:50 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 10:50 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-13 10:50 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 10:50 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 10:50 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-13 10:50 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-13 10:50 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-13 10:50 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 10:50 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-13 10:50 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-13 10:50 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) 
C:\Windows\system32\ieapfltr.dll 2014-03-13 10:50 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-13 10:50 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 10:50 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 10:50 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-13 10:50 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-13 10:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 10:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 10:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 10:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-03 22:24 - 2014-03-03 22:24 - 00001264 _____ () C:\Users\miezmau71\Desktop\Revo Uninstaller.lnk 2014-03-03 22:24 - 2014-03-03 22:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-03 22:22 - 2014-03-03 22:22 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\miezmau71\Downloads\revosetup.exe ==================== One Month Modified Files and Folders ======= 2014-03-27 18:46 - 2014-03-27 18:46 - 00018576 _____ () C:\Users\miezmau71\Desktop\FRST.txt 2014-03-27 18:46 - 2014-03-27 18:46 - 00000000 ____D () C:\FRST 2014-03-27 18:46 - 2012-10-27 14:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-27 18:45 - 2014-03-27 18:45 - 02157056 _____ (Farbar) C:\Users\miezmau71\Downloads\FRST64.exe 2014-03-27 18:45 - 2014-03-27 18:45 - 02157056 _____ (Farbar) C:\Users\miezmau71\Desktop\FRST64.exe 2014-03-27 18:45 - 2014-03-27 18:45 - 01145856 _____ (Farbar) C:\Users\miezmau71\Downloads\FRST.exe 2014-03-27 18:43 - 2013-08-09 10:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-03-27 18:35 - 2013-02-11 20:36 - 00071091 _____ () C:\Windows\setupact.log 2014-03-27 18:28 - 2012-02-21 19:50 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-03-27 18:28 - 2012-02-21 19:50 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-03-27 18:28 - 2009-07-14 06:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-27 18:25 - 2012-05-10 07:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-27 18:25 - 2012-05-10 07:01 - 01570889 _____ () C:\Windows\WindowsUpdate.log 2014-03-27 17:47 - 2014-03-27 17:47 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Downloads\tdsskiller (1).exe 2014-03-27 17:42 - 2014-02-04 20:29 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000UA.job 2014-03-27 17:25 - 2014-03-27 17:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Downloads\tdsskiller.exe 2014-03-27 17:25 - 2014-03-27 17:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\miezmau71\Desktop\tdsskiller.exe 2014-03-27 17:19 - 2014-03-27 17:19 - 00000594 _____ () C:\Users\miezmau71\Desktop\emsi.zip 2014-03-27 17:18 - 2014-03-27 17:18 - 00000575 _____ () 
C:\Users\miezmau71\Desktop\MBRMastr_2014.03.27_17.18.52.txt 2014-03-27 17:18 - 2014-03-27 17:18 - 00000512 _____ () C:\Users\miezmau71\Desktop\emsi.mbr 2014-03-27 17:17 - 2014-03-27 17:17 - 00788728 _____ (Emsisoft GmbH) C:\Users\miezmau71\Downloads\mbrmastr.exe 2014-03-27 17:17 - 2014-03-27 17:17 - 00788728 _____ (Emsisoft GmbH) C:\Users\miezmau71\Desktop\mbrmastr.exe 2014-03-27 17:16 - 2012-05-10 07:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-27 11:57 - 2012-05-10 07:15 - 00000000 ____D () C:\Users\miezmau71\Documents\Youcam 2014-03-27 11:57 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-27 11:57 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-27 11:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-25 20:13 - 2014-03-25 20:13 - 00000000 ____D () C:\ProgramData\Oracle 2014-03-25 20:10 - 2014-03-25 20:11 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-03-25 20:10 - 2014-03-25 20:11 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-03-25 20:10 - 2013-02-17 14:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-03-25 20:10 - 2013-02-17 14:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-03-25 20:10 - 2013-02-17 14:46 - 00000000 ____D () C:\Program Files (x86)\Java 2014-03-25 20:08 - 2014-03-25 20:08 - 00921000 _____ (Oracle Corporation) C:\Users\miezmau71\Downloads\chromeinstall-7u51 (1).exe 2014-03-25 19:51 - 2014-03-25 19:51 - 00000000 ____D () C:\ProgramData\SUPERSetup 2014-03-25 19:48 - 2012-05-10 07:13 - 00000000 ____D () C:\Users\miezmau71 2014-03-25 19:40 - 2014-03-25 19:39 - 00000000 ____D () C:\Users\miezmau71\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-03-25 
19:39 - 2014-03-25 19:39 - 00001812 _____ () C:\Users\miezmau71\Desktop\SUPERAntiSpyware Professional.lnk 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\Users\miezmau71\AppData\Roaming\SUPERAntiSpyware.com 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-03-25 19:39 - 2014-03-25 19:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-03-25 19:37 - 2014-03-25 19:37 - 00921000 _____ (Oracle Corporation) C:\Users\miezmau71\Downloads\chromeinstall-7u51.exe 2014-03-25 18:29 - 2014-03-25 18:28 - 29393568 _____ (SUPERAntiSpyware) C:\Users\miezmau71\Desktop\SUPERAntiSpyware.exe 2014-03-25 07:00 - 2014-03-25 07:00 - 00000000 ____D () C:\Users\miezmau71\AppData\Local\{E583DDAF-4D00-449C-9B3C-EFF176E6BB59} 2014-03-25 07:00 - 2012-07-05 12:23 - 00000000 ____D () C:\Users\miezmau71\AppData\Local\Windows Live 2014-03-23 20:42 - 2014-02-04 20:29 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-174627838-266789775-880759636-1000Core.job 2014-03-23 19:29 - 2014-03-23 19:29 - 00002296 _____ () C:\Users\miezmau71\Desktop\aswMBR.txt 2014-03-23 19:29 - 2014-03-23 19:29 - 00000512 _____ () C:\Users\miezmau71\Desktop\MBR.dat 2014-03-23 19:26 - 2014-03-23 19:26 - 04745728 _____ (AVAST Software) C:\Users\miezmau71\Downloads\aswMBR.exe 2014-03-23 19:26 - 2014-03-23 19:26 - 04745728 _____ (AVAST Software) C:\Users\miezmau71\Desktop\aswMBR.exe 2014-03-20 08:51 - 2013-08-15 20:23 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-20 08:48 - 2012-02-21 20:44 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-19 14:22 - 2013-03-15 18:48 - 00000000 ____D () C:\Program Files (x86)\Anno 1701 2014-03-19 14:01 - 2014-03-19 14:01 - 00001896 _____ () C:\Users\Public\Desktop\Anno 1701.lnk 2014-03-19 13:55 - 2012-02-21 23:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-17 08:20 - 2012-05-10 07:07 - 00002179 _____ () C:\Users\Public\Desktop\Google 
Chrome.lnk 2014-03-14 19:43 - 2013-03-15 18:45 - 00000000 ____D () C:\Users\miezmau71\Desktop\Anno 1701 2014-03-14 19:38 - 2014-03-14 19:38 - 00000000 ____D () C:\Users\miezmau71\AppData\Local\{74F7143B-EDE1-48F1-9F56-DDC4F23449A1} 2014-03-14 09:46 - 2012-10-27 14:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-14 09:46 - 2012-10-27 14:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-14 09:46 - 2012-02-21 22:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-13 16:17 - 2009-07-14 05:45 - 00394416 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 16:16 - 2013-03-13 19:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 16:16 - 2013-03-13 19:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-03 22:24 - 2014-03-03 22:24 - 00001264 _____ () C:\Users\miezmau71\Desktop\Revo Uninstaller.lnk 2014-03-03 22:24 - 2014-03-03 22:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-03 22:22 - 2014-03-03 22:22 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\miezmau71\Downloads\revosetup.exe 2014-03-03 17:25 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-03-01 07:05 - 2014-03-13 10:50 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-01 06:17 - 2014-03-13 10:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-01 06:16 - 2014-03-13 10:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-01 05:58 - 2014-03-13 10:50 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-01 05:52 - 2014-03-13 10:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-01 05:51 - 2014-03-13 10:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-01 05:42 - 2014-03-13 10:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-01 05:40 - 2014-03-13 10:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-01 05:37 - 2014-03-13 10:50 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-01 05:33 - 2014-03-13 10:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-01 05:33 - 2014-03-13 10:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-01 05:32 - 2014-03-13 10:50 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-01 05:30 - 2014-03-13 10:50 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-01 05:23 - 2014-03-13 10:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-01 05:17 - 2014-03-13 10:50 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-01 05:11 - 2014-03-13 10:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-01 05:02 - 2014-03-13 10:50 - 00195584 _____ (Microsoft Corporation) 
C:\Windows\system32\msrating.dll 2014-03-01 04:54 - 2014-03-13 10:50 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-01 04:52 - 2014-03-13 10:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-01 04:51 - 2014-03-13 10:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-01 04:47 - 2014-03-13 10:50 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-01 04:43 - 2014-03-13 10:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-01 04:43 - 2014-03-13 10:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-01 04:42 - 2014-03-13 10:50 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-01 04:40 - 2014-03-13 10:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-01 04:38 - 2014-03-13 10:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-01 04:37 - 2014-03-13 10:50 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-01 04:35 - 2014-03-13 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-01 04:18 - 2014-03-13 10:50 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-01 04:16 - 2014-03-13 10:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-01 04:14 - 2014-03-13 10:50 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-13 10:50 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-01 04:03 - 2014-03-13 10:50 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-01 04:00 - 2014-03-13 10:50 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-01 03:57 - 2014-03-13 10:50 - 11266048 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-13 10:50 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-13 10:50 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-13 10:50 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-13 10:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-13 10:50 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-28 03:01 - 2013-04-18 13:30 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-27 13:35 - 2013-02-23 03:41 - 00111596 _____ () C:\Windows\PFRO.log ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-23 19:55 ==================== End Of Log ============================ |
29.03.2014, 09:55 | #6 |
/// the machine /// TB-Ausbilder | All good.
29.03.2014, 10:45 | #7 |
| Well, that's great. Thanks for your help, even though it wasn't needed at all. |
30.03.2014, 07:02 | #8 |
/// the machine /// TB-Ausbilder | You're welcome.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |