Log analysis and evaluation: BOO/TDss.O in the master boot sector (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
13.04.2014, 15:22 | #1 |
BOO/TDss.O in the master boot sector

Hello dear helpers!

For a long time now I have been getting this message from Avira: "Im Masterbootsektor von Laufwerk "C:" wurde ein Virus oder unerwünschtes Programm "BOO/TDss.O gefunden". My current operating system is Windows 7. At first I did not take it very seriously, because I thought Avira has no access to the master boot sector at all, but after reading up on it I now take it very seriously and would be glad if someone could help me.

I don't know whether it is directly related to this "unwanted program", but I'll mention it anyway: sometimes my PC simply freezes and does not recover (especially when playing video and audio files). Unfortunately I don't know my way around this at all and would be very grateful for your help.

I downloaded the program "Defogger", clicked on disable and also got the message "finished", but I cannot do anything other than press either "Disable" or "Re-Able" again.

With the program Farbar Recovery Scan Tool the following messages appeared:

"Error saving file:C:\FRST\HIVES\BCD ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\SYSTEM ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\SOFTWARE ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\DEFAULT ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\SECRURITY ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\SAM ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\Users\00000001\NTUSER.DAT ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"
"Error saving file:C:\FRST\HIVES\Users\0000002\UsrClass.dat ! Continue with next file? [RegCreatieKeyEx:5 - Zugriff verweigert]"

PS: The program kept starting the scan again by itself.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by Krisi (ATTENTION: The logged in user is not administrator) on KRISZI-PC on 13-04-2014 16:10:57
Running from C:\Users\Krisi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Dropbox, Inc.) C:\Users\Krisi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2013-10-11] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16334880 2009-07-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-14] (Microsoft Corporation)
HKU\S-1-5-21-1173677339-4284917320-2175899030-1003\...\Run: [Global Registration] - C:\Program Files (x86)\Acer\Registration\GREG.exe [2846240 2009-08-28] (Acer Incorporated)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)
Startup: C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Krisi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=aspire_8735&r=27361013n606l0338z1i5t49l1y84p
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=aspire_8735&r=27361013n606l0338z1i5t49l1y84p
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP2A242556-77DE-4E7B-B1EA-B88A6958A7B6&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP2A242556-77DE-4E7B-B1EA-B88A6958A7B6&q={searchTerms}&SSPV=
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deAT557
BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Krisi\AppData\Roaming\Mozilla\Firefox\Profiles\jd544rrd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: New Tab Tools - C:\Users\Krisi\AppData\Roaming\Mozilla\Firefox\Profiles\jd544rrd.default\Extensions\newtabtools@darktrojan.net.xpi [2014-04-11]
FF Extension: Adblock Plus - C:\Users\Krisi\AppData\Roaming\Mozilla\Firefox\Profiles\jd544rrd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-14]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-30]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-30] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-30] (Disc Soft Ltd)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-30] ()
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-13 16:10 - 2014-04-13 16:11 - 00016764 _____ () C:\Users\Krisi\Downloads\FRST.txt
2014-04-13 16:03 - 2014-04-13 16:10 - 00000000 ____D () C:\FRST
2014-04-13 16:03 - 2014-04-13 16:03 - 02157568 _____ (Farbar) C:\Users\Krisi\Downloads\FRST64.exe
2014-04-13 15:59 - 2014-04-13 16:00 - 00000474 _____ () C:\Users\Krisi\Downloads\defogger_disable.log
2014-04-13 15:59 - 2014-04-13 15:59 - 00000168 _____ () C:\Users\Kriszi\defogger_reenable
2014-04-13 15:58 - 2014-04-13 15:58 - 00050477 _____ () C:\Users\Krisi\Downloads\Defogger.exe
2014-04-13 15:47 - 2014-04-13 15:47 - 00035572 _____ () C:\Users\Krisi\Desktop\Ereignisse.txt
2014-04-11 16:20 - 2014-04-11 16:34 - 182856906 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E19.HDTV.x264-LOL.mp4
2014-04-11 16:20 - 2014-04-11 16:33 - 142524325 ____R () C:\Users\Krisi\Desktop\Community.S05E12.HDTV.x264-LOL.mp4
2014-04-11 16:19 - 2014-04-11 16:19 - 00000000 ____D () C:\14bfaf1544747815d3a0499f96
2014-04-09 08:44 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 08:44 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 08:44 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 08:44 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:43 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:43 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:43 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:43 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:43 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:43 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:43 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:43 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:43 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:43 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:43 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:43 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 20:54 - 2014-04-07 20:57 - 11141230 _____ () C:\Users\Krisi\Desktop\Wahrscheinlichkeitsbsp.zip
2014-04-06 16:09 - 2014-04-06 16:09 - 01069920 _____ (Solid State Networks) C:\Users\Krisi\Downloads\install_reader11_de_mssd_aaa_aih.exe
2014-04-04 22:57 - 2014-04-04 23:01 - 178659622 ____R () C:\Users\Krisi\Desktop\Community.S05E11.HDTV.x264-LOL.mp4
2014-04-04 22:53 - 2014-04-04 22:57 - 195487158 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E18.HDTV.x264-LOL.mp4
2014-04-01 12:31 - 2014-04-01 12:49 - 421354201 ____R () C:\Users\Krisi\Desktop\How.I.Met.Your.Mother.S09E23-E24.HDTV.x264-EXCELLENCE.mp4
2014-03-31 21:32 - 2014-03-31 21:34 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development
2014-03-31 18:57 - 2014-03-31 19:10 - 00000000 ____D () C:\Users\Krisi\Desktop\Frozen (2013) [1080p]
2014-03-30 13:36 - 2014-03-30 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 13:34 - 2014-03-30 13:34 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Risen
2014-03-30 13:25 - 2014-03-30 13:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-03-30 13:25 - 2014-03-30 13:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-03-30 13:19 - 2014-03-30 13:19 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-03-30 12:57 - 2014-03-30 13:17 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\DAEMON Tools Lite
2014-03-30 12:53 - 2014-04-13 16:00 - 00000346 _____ () C:\Windows\Tasks\Acer Registration Reminder.job
2014-03-30 12:53 - 2014-03-30 12:53 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-30 12:52 - 2014-03-30 12:52 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\DAEMON Tools Lite
2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-30 12:51 - 2014-03-30 13:18 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-30 12:44 - 2014-03-30 12:44 - 13429504 _____ (Disc Soft Ltd) C:\Users\Krisi\Downloads\DTLite4491-0356.exe
2014-03-30 12:42 - 2014-03-30 12:43 - 00000000 ____D () C:\Users\Krisi\Desktop\Risen
2014-03-28 18:21 - 2014-03-28 19:22 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-27 21:54 - 2014-03-27 22:12 - 00000000 ____D () C:\Users\Krisi\Desktop\Anchorman 2 The Legend Continues (2013)
2014-03-25 22:08 - 2014-03-25 22:08 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development Seasons 1-3
2014-03-25 13:56 - 2014-03-25 13:56 - 00000000 ____D () C:\Users\Krisi\Desktop\#switch
2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-03-20 15:22 - 2014-03-20 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-20 14:48 - 2014-03-20 15:01 - 00000000 ____D () C:\Users\Krisi\Desktop\Aladdin (1992)
2014-03-20 14:02 - 2014-03-20 14:02 - 00000000 ____D () C:\c867c85914dd7e101d
2014-03-19 19:08 - 2014-03-19 19:12 - 133172497 ____R () C:\Users\Krisi\Desktop\The.Simpsons.S25E14.HDTV.x264-LOL.mp4
2014-03-19 13:04 - 2014-03-19 13:06 - 00000000 ____D () C:\Users\Krisi\Desktop\How I Met Your Mother S09E21 HDTV x264-EXCELLENCE[ettv]
2014-03-18 13:40 - 2014-03-18 13:40 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Room Arranger
2014-03-18 13:27 - 2014-03-20 18:02 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Room Arranger
2014-03-18 13:27 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\Documents\Room Arranger
2014-03-18 13:26 - 2014-03-28 18:58 - 00000000 ____D () C:\Program Files (x86)\Room Arranger
2014-03-18 13:26 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741 (1).exe
2014-03-18 13:25 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741.exe
2014-03-16 12:09 - 2014-03-16 12:13 - 197964391 ____R () C:\Users\Krisi\Desktop\Workaholics.S04E08.HDTV.x264-EXCELLENCE.mp4
2014-03-14 16:37 - 2014-03-14 16:37 - 00000000 ____D () C:\Windows\Sun
2014-03-14 16:35 - 2014-03-14 16:35 - 00000000 ____D () C:\ProgramData\Sun
2014-03-14 16:34 - 2014-03-14 16:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-14 16:34 - 2014-03-14 16:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-14 16:31 - 2014-03-14 16:31 - 29141928 _____ (Oracle Corporation) C:\Users\Krisi\Downloads\jre-7u51-windows-i586.exe

==================== One Month Modified Files and Folders =======

2014-04-13 16:11 - 2014-04-13 16:10 - 00016764 _____ () C:\Users\Krisi\Downloads\FRST.txt
2014-04-13 16:10 - 2014-04-13 16:03 - 00000000 ____D () C:\FRST
2014-04-13 16:03 - 2014-04-13 16:03 - 02157568 _____ (Farbar) C:\Users\Krisi\Downloads\FRST64.exe
2014-04-13 16:03 - 2013-10-11 11:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 16:00 - 2014-04-13 15:59 - 00000474 _____ () C:\Users\Krisi\Downloads\defogger_disable.log
2014-04-13 16:00 - 2014-03-30 12:53 - 00000346 _____ () C:\Windows\Tasks\Acer Registration Reminder.job
2014-04-13 15:59 - 2014-04-13 15:59 - 00000168 _____ () C:\Users\Kriszi\defogger_reenable
2014-04-13 15:59 - 2013-10-11 10:24 - 00000000 ____D () C:\Users\Kriszi
2014-04-13 15:58 - 2014-04-13 15:58 - 00050477 _____ () C:\Users\Krisi\Downloads\Defogger.exe
2014-04-13 15:47 - 2014-04-13 15:47 - 00035572 _____ () C:\Users\Krisi\Desktop\Ereignisse.txt
2014-04-13 15:33 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 15:33 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 15:32 - 2013-10-11 10:15 - 02018071 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 15:27 - 2013-10-14 18:04 - 00000000 ___RD () C:\Users\Krisi\Dropbox
2014-04-13 15:27 - 2013-10-14 18:02 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Dropbox
2014-04-13 15:26 - 2013-10-11 11:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 15:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-13 15:24 - 2009-07-14 06:51 - 00073035 _____ () C:\Windows\setupact.log
2014-04-12 23:26 - 2009-10-29 07:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 23:24 - 2013-10-11 13:38 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\uTorrent
2014-04-12 23:23 - 2013-10-12 15:46 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\vlc
2014-04-11 16:34 - 2014-04-11 16:20 - 182856906 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E19.HDTV.x264-LOL.mp4
2014-04-11 16:33 - 2014-04-11 16:20 - 142524325 ____R () C:\Users\Krisi\Desktop\Community.S05E12.HDTV.x264-LOL.mp4
2014-04-11 16:19 - 2014-04-11 16:19 - 00000000 ____D () C:\14bfaf1544747815d3a0499f96
2014-04-11 16:19 - 2013-10-16 08:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 16:19 - 2013-10-16 08:48 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 16:53 - 2013-11-06 09:54 - 00000000 ____D () C:\Users\Krisi\Desktop\Arbeit
2014-04-07 20:57 - 2014-04-07 20:54 - 11141230 _____ () C:\Users\Krisi\Desktop\Wahrscheinlichkeitsbsp.zip
2014-04-06 16:09 - 2014-04-06 16:09 - 01069920 _____ (Solid State Networks) C:\Users\Krisi\Downloads\install_reader11_de_mssd_aaa_aih.exe
2014-04-04 23:01 - 2014-04-04 22:57 - 178659622 ____R () C:\Users\Krisi\Desktop\Community.S05E11.HDTV.x264-LOL.mp4
2014-04-04 22:57 - 2014-04-04 22:53 - 195487158 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E18.HDTV.x264-LOL.mp4
2014-04-04 22:55 - 2013-10-11 01:57 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-04-04 22:55 - 2013-10-11 01:57 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-04-04 22:55 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 12:49 - 2014-04-01 12:31 - 421354201 ____R () C:\Users\Krisi\Desktop\How.I.Met.Your.Mother.S09E23-E24.HDTV.x264-EXCELLENCE.mp4
2014-03-31 21:34 - 2014-03-31 21:32 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development
2014-03-31 19:10 - 2014-03-31 18:57 - 00000000 ____D () C:\Users\Krisi\Desktop\Frozen (2013) [1080p]
2014-03-31 10:18 - 2013-10-11 13:40 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-31 03:16 - 2014-04-09 08:44 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-09 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-09 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 08:44 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 21:46 - 2013-10-30 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 14:43 - 2009-10-29 07:42 - 00918596 _____ () C:\Windows\PFRO.log
2014-03-30 13:36 - 2014-03-30 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 13:34 - 2014-03-30 13:34 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Risen
2014-03-30 13:25 - 2014-03-30 13:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-03-30 13:25 - 2014-03-30 13:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-03-30 13:24 - 2013-10-11 10:41 - 00059143 _____ () C:\Windows\DirectX.log
2014-03-30 13:19 - 2014-03-30 13:19 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-03-30 13:19 - 2009-10-28 19:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-30 13:18 - 2014-03-30 12:51 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-30 13:17 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\DAEMON Tools Lite
2014-03-30 12:53 - 2014-03-30 12:53 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-30 12:52 - 2014-03-30 12:52 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\DAEMON Tools Lite
2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-30 12:46 - 2013-10-12 15:22 - 00001283 _____ () C:\Windows\wininit.ini
2014-03-30 12:44 - 2014-03-30 12:44 - 13429504 _____ (Disc Soft Ltd) C:\Users\Krisi\Downloads\DTLite4491-0356.exe
2014-03-30 12:43 - 2014-03-30 12:42 - 00000000 ____D () C:\Users\Krisi\Desktop\Risen
2014-03-28 19:23 - 2013-10-20 16:54 - 00002018 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-03-28 19:22 - 2014-03-28 18:21 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-28 18:58 - 2014-03-18 13:26 - 00000000 ____D () C:\Program Files (x86)\Room Arranger
2014-03-28 18:22 - 2013-10-11 11:03 - 00000000 ____D () C:\Users\Krisi\AppData\Local\VirtualStore
2014-03-27 22:12 - 2014-03-27 21:54 - 00000000 ____D () C:\Users\Krisi\Desktop\Anchorman 2 The Legend Continues (2013)
2014-03-25 22:08 - 2014-03-25 22:08 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development Seasons 1-3
2014-03-25 13:56 - 2014-03-25 13:56 - 00000000 ____D () C:\Users\Krisi\Desktop\#switch
2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-03-20 18:02 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Room Arranger
2014-03-20 15:23 - 2014-03-20 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-20 15:01 - 2014-03-20 14:48 - 00000000 ____D () C:\Users\Krisi\Desktop\Aladdin (1992)
2014-03-20 14:02 - 2014-03-20 14:02 - 00000000 ____D () C:\c867c85914dd7e101d
2014-03-19 19:12 - 2014-03-19 19:08 - 133172497 ____R () C:\Users\Krisi\Desktop\The.Simpsons.S25E14.HDTV.x264-LOL.mp4
2014-03-19 13:06 - 2014-03-19 13:04 - 00000000 ____D () C:\Users\Krisi\Desktop\How I Met Your Mother S09E21 HDTV x264-EXCELLENCE[ettv]
2014-03-18 13:40 - 2014-03-18 13:40 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Room Arranger
2014-03-18 13:27 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\Documents\Room Arranger
2014-03-18 13:26 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741 (1).exe
2014-03-18 13:26 - 2014-03-18 13:25 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741.exe
2014-03-16 12:13 - 2014-03-16 12:09 - 197964391 ____R () C:\Users\Krisi\Desktop\Workaholics.S04E08.HDTV.x264-EXCELLENCE.mp4
2014-03-16 12:08 - 2014-03-04 15:32 - 00000000 ____D () C:\Users\Krisi\Desktop\Dr.Who Seasons 1-7
2014-03-14 16:37 - 2014-03-14 16:37 - 00000000 ____D () C:\Windows\Sun
2014-03-14 16:35 - 2014-03-14 16:35 - 00000000 ____D () C:\ProgramData\Sun
2014-03-14 16:35 - 2014-03-14 16:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-14 16:34 - 2014-03-14 16:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-14 16:34 - 2014-03-14 16:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D ()
C:\Program Files (x86)\Java
2014-03-14 16:31 - 2014-03-14 16:31 - 29141928 _____ (Oracle Corporation) C:\Users\Krisi\Downloads\jre-7u51-windows-i586.exe
2014-03-14 13:42 - 2013-10-12 22:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 13:42 - 2009-07-14 06:45 - 00427920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 13:41 - 2013-10-12 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Krisi\AppData\Local\Temp\avgnt.exe
C:\Users\Krisi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Krisi\AppData\Local\Temp\SPSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2014 01
Ran by Krisi at 2014-04-13 16:12:27
Running from C:\Users\Krisi\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.13.0715 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) 
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon MP280 series Benutzerregistrierung (HKLM-x32\...\Canon MP280 series Benutzerregistrierung) (Version: - ) Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) 
Hidden Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.55 - Conexant Systems) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 
(HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - 
Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.) 
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden Nuvoton EC Generic HID Driver (HKLM-x32\...\{92975DF9-EA36-4F36-A9AC-D412BC1D709E}) (Version: 8.80.1001 - Nuvoton Technology Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA) PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version: - CPUID) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.) Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.11.11 - Conduit) <==== ATTENTION Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.) 
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - 
Microsoft Corporation)

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Acer Registration Reminder.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-10-11 10:31 - 2013-10-11 10:31 - 00200704 _____ () C:\Windows\PLFSetI.exe
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Krisi\AppData\Roaming\Dropbox\bin\libcef.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2013-10-16 08:58 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-16 08:58 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-30 13:36 - 2014-03-30 13:36 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-19 23:50 - 2014-02-19 23:50 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2014-03-20 15:22 - 2014-03-20 15:23 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-20 15:22 - 2014-03-20 15:23 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-20 15:22 - 2014-03-20 15:23 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-11 13:43 - 2013-09-30 11:01 - 00394824 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/13/2014 03:26:32 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: cltmngui.exe, Version: 2.12.11.11, Zeitstempel: 0x5337f9a1 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00039342 ID des fehlerhaften Prozesses: 0xcec Startzeit der fehlerhaften Anwendung: 0xcltmngui.exe0 Pfad der fehlerhaften Anwendung: cltmngui.exe1 Pfad des fehlerhaften Moduls: cltmngui.exe2 Berichtskennung: cltmngui.exe3 Error: (04/13/2014 03:26:32 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: GREG.exe, Version: 1.2.3005.0, Zeitstempel: 0x4a850f5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0xf2c Startzeit der fehlerhaften Anwendung: 0xGREG.exe0 Pfad der fehlerhaften Anwendung: GREG.exe1 Pfad des fehlerhaften Moduls: GREG.exe2 Berichtskennung: GREG.exe3 Error: (04/13/2014 03:26:14 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.15.11.8652, Zeitstempel: 0x4a6f11c6 Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.15.11.8652, Zeitstempel: 0x4a6f11c0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000408b ID des 
fehlerhaften Prozesses: 0xc38 Startzeit der fehlerhaften Anwendung: 0xnvvsvc.exe0 Pfad der fehlerhaften Anwendung: nvvsvc.exe1 Pfad des fehlerhaften Moduls: nvvsvc.exe2 Berichtskennung: nvvsvc.exe3 Error: (04/11/2014 04:32:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: cltmngui.exe, Version: 2.12.11.11, Zeitstempel: 0x5337f9a1 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003b1d1 ID des fehlerhaften Prozesses: 0x854 Startzeit der fehlerhaften Anwendung: 0xcltmngui.exe0 Pfad der fehlerhaften Anwendung: cltmngui.exe1 Pfad des fehlerhaften Moduls: cltmngui.exe2 Berichtskennung: cltmngui.exe3 Error: (04/11/2014 04:32:17 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: GREG.exe, Version: 1.2.3005.0, Zeitstempel: 0x4a850f5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0xdb4 Startzeit der fehlerhaften Anwendung: 0xGREG.exe0 Pfad der fehlerhaften Anwendung: GREG.exe1 Pfad des fehlerhaften Moduls: GREG.exe2 Berichtskennung: GREG.exe3 Error: (04/11/2014 04:32:07 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.15.11.8652, Zeitstempel: 0x4a6f11c6 Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.15.11.8652, Zeitstempel: 0x4a6f11c0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000408b ID des fehlerhaften Prozesses: 0xa10 Startzeit der fehlerhaften Anwendung: 0xnvvsvc.exe0 Pfad der fehlerhaften Anwendung: nvvsvc.exe1 Pfad des fehlerhaften Moduls: nvvsvc.exe2 Berichtskennung: nvvsvc.exe3 Error: (04/10/2014 08:18:18 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". 
Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/10/2014 08:16:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/10/2014 06:31:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GREG.exe, Version: 1.2.3005.0, Zeitstempel: 0x4a850f5d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xc44
Startzeit der fehlerhaften Anwendung: 0xGREG.exe0
Pfad der fehlerhaften Anwendung: GREG.exe1
Pfad des fehlerhaften Moduls: GREG.exe2
Berichtskennung: GREG.exe3

Error: (04/10/2014 06:31:12 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Search Protect by Conduit wurde wegen dieses Fehlers geschlossen.
Programm: Search Protect by Conduit
Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.
Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

System errors:
=============
Error: (04/12/2014 11:23:55 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/11/2014 04:28:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 11.04.2014 um 16:25:02 unerwartet heruntergefahren.

Error: (04/10/2014 06:29:26 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.04.2014 um 12:50:09 unerwartet heruntergefahren.

Error: (04/07/2014 08:44:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/07/2014 08:44:38 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (03/31/2014 10:59:48 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/31/2014 06:05:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/31/2014 06:05:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (03/30/2014 02:44:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (03/30/2014 02:44:53 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 4090.93 MB
Available physical RAM: 2220.3 MB
Total Pagefile: 8180.04 MB
Available Pagefile: 6011.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:133.97 GB) NTFS
Drive d: (dle) (CDROM) (Total:4.37 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Code:
ATTFilter Exportierte Ereignisse: 13.04.2014 15:26 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 13.04.2014 15:26 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 13.04.2014 15:23 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 13.04.2014 15:23 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 11.04.2014 16:30 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 11.04.2014 16:30 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 10.04.2014 18:30 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 10.04.2014 18:30 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 08.04.2014 11:31 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 08.04.2014 11:31 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 07.04.2014 12:01 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 07.04.2014 12:01 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 07.04.2014 08:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 07.04.2014 08:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 04.04.2014 22:49 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 04.04.2014 22:49 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 04.04.2014 10:21 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 04.04.2014 10:21 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 02.04.2014 14:24 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 02.04.2014 14:24 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 01.04.2014 17:25 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 01.04.2014 17:25 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 01.04.2014 07:35 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 01.04.2014 07:35 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 31.03.2014 18:06 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 31.03.2014 18:06 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 31.03.2014 10:13 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 31.03.2014 10:13 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 30.03.2014 21:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 30.03.2014 21:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 30.03.2014 14:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 30.03.2014 14:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 30.03.2014 12:35 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 30.03.2014 12:35 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 18:27 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 18:27 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 18:20 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 18:20 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 06:46 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 28.03.2014 06:46 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 27.03.2014 20:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 27.03.2014 20:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 26.03.2014 23:25 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 26.03.2014 23:25 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 26.03.2014 21:28 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 26.03.2014 21:28 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 25.03.2014 12:12 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 25.03.2014 12:12 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 24.03.2014 17:46 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 24.03.2014 17:46 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 24.03.2014 15:29 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 24.03.2014 15:29 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 24.03.2014 10:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 24.03.2014 10:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 23.03.2014 21:38 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 23.03.2014 21:38 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 20.03.2014 13:22 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.03.2014 13:22 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 19.03.2014 18:04 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 19.03.2014 18:04 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 19.03.2014 13:25 [System-Scanner] Malware gefunden Die Datei 'Bootsektor 'HDD0(C:)'' enthielt einen Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus]. Durchgeführte Aktion(en): Enthält Code des Bootsektorvirus BOO/TDss.O. 19.03.2014 11:27 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 19.03.2014 11:27 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 18.03.2014 11:04 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 18.03.2014 11:04 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 17.03.2014 17:03 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 17.03.2014 17:03 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.03.2014 09:33 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.03.2014 09:33 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.03.2014 15:23 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern 15.03.2014 15:23 [Echtzeit-Scanner] Malware in Bootsektor gefunden Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden. Ausgeführte Aktion: Zugriff verweigern Honigdachs |
13.04.2014, 15:50 | #2 |
| BOO/TDss.O in the master boot sector
I am working on your topic and will get back to you as soon as possible with further instructions. Thank you for your patience. |
13.04.2014, 16:50 | #3 |
| BOO/TDss.O in the master boot sector
Thank you very, very much |
14.04.2014, 01:54 | #4 |
| BOO/TDss.O in the master boot sector
Hello Honigdachs23. I will help you clean up the computer.
All tools must be run under an administrator account.
Step 1
Please download Emsisoft MBR Master and save it to the desktop.
Step 2
Please download TDSSKiller.exe and save this file to the desktop.
|
14.04.2014, 08:01 | #5 |
| BOO/TDss.O in the master boot sector
Attachment 66198
Code:
Detected Windows version: 6.1 Build 7601 Service Pack 1
Installing direct disk access driver ...
Driver connection handle: 0x0000011C
1 valid drive(s) found.
Details for Disk 0 - ST932032 5AS Rev 0001:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 38913/255/63
Boot loader reputation : Known Good (Windows Vista)
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : 8DF43F2BDE2D9451948FA14B5279969C777A7979
MD5 : 5C616939100B85E558DA92B899A0FC36
Code:
08:54:51.0433 0x1438 TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
08:56:01.0233 0x1438 ============================================================
08:56:01.0233 0x1438 Current date / time: 2014/04/14 08:56:01.0233
08:56:01.0233 0x1438 SystemInfo:
08:56:01.0233 0x1438
08:56:01.0233 0x1438 OS Version: 6.1.7601 ServicePack: 1.0
08:56:01.0234 0x1438 Product type: Workstation
08:56:01.0234 0x1438 ComputerName: KRISZI-PC
08:56:01.0234 0x1438 UserName: Kriszi
08:56:01.0234 0x1438 Windows directory: C:\Windows
08:56:01.0234 0x1438 System windows directory: C:\Windows
08:56:01.0234 0x1438 Running under WOW64
08:56:01.0234 0x1438 Processor architecture: Intel x64
08:56:01.0234 0x1438 Number of processors: 2
08:56:01.0234 0x1438 Page size: 0x1000
08:56:01.0234 0x1438 Boot type: Normal boot
08:56:01.0234 0x1438 ============================================================
08:56:01.0734 0x1438 KLMD registered as C:\Windows\system32\drivers\39614295.sys
08:56:01.0972 0x1438 System UUID: {B75C98AF-BCA1-89F8-6162-B81CE0ABDF27}
08:56:02.0810 0x1438 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:56:02.0818 0x1438 ============================================================
08:56:02.0818 0x1438 \Device\Harddisk0\DR0:
08:56:02.0818 0x1438 MBR partitions:
08:56:02.0818 0x1438 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
08:56:02.0818 0x1438 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
08:56:02.0818 0x1438 ============================================================
08:56:02.0848 0x1438 C: <-> \Device\Harddisk0\DR0\Partition2
08:56:02.0848 0x1438 ============================================================
08:56:02.0848 0x1438 Initialize success
08:56:02.0848 0x1438 ============================================================
08:56:50.0568 0x0c14
============================================================
08:56:50.0568 0x0c14 Scan started
08:56:50.0568 0x0c14 Mode: Manual; SigCheck; TDLFS;
08:56:50.0568 0x0c14 ============================================================
08:56:50.0568 0x0c14 KSN ping started
08:57:00.0308 0x0c14 KSN ping finished: true
08:57:01.0197 0x0c14 ================ Scan system memory ========================
08:57:01.0197 0x0c14 System memory - ok
08:57:01.0198 0x0c14 ================ Scan services =============================
08:57:09.0770 0x0c14 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 08:57:09.0789 0x0c14 crcdisk - ok 08:57:09.0832 0x0c14 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 08:57:09.0897 0x0c14 CryptSvc - ok 08:57:09.0946 0x0c14 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 08:57:10.0025 0x0c14 DcomLaunch - ok 08:57:10.0066 0x0c14 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 08:57:10.0156 0x0c14 defragsvc - ok 08:57:10.0198 0x0c14 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 08:57:10.0259 0x0c14 DfsC - ok 08:57:10.0298 0x0c14 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 08:57:10.0384 0x0c14 Dhcp - ok 08:57:10.0417 0x0c14 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 08:57:10.0489 0x0c14 discache - ok 08:57:10.0529 0x0c14 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 08:57:10.0554 0x0c14 Disk - ok 08:57:10.0645 0x0c14 [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys 08:57:10.0665 0x0c14 DKbFltr - ok 08:57:10.0714 0x0c14 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 08:57:10.0773 
0x0c14 Dnscache - ok 08:57:10.0809 0x0c14 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 08:57:10.0894 0x0c14 dot3svc - ok 08:57:10.0939 0x0c14 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 08:57:10.0994 0x0c14 DPS - ok 08:57:11.0026 0x0c14 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 08:57:11.0057 0x0c14 drmkaud - ok 08:57:11.0121 0x0c14 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 08:57:11.0174 0x0c14 dtsoftbus01 - ok 08:57:11.0228 0x0c14 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 08:57:11.0322 0x0c14 DXGKrnl - ok 08:57:11.0362 0x0c14 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 08:57:11.0423 0x0c14 EapHost - ok 08:57:11.0583 0x0c14 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 08:57:11.0819 0x0c14 ebdrv - ok 08:57:11.0863 0x0c14 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 08:57:11.0902 0x0c14 EFS - ok 08:57:11.0987 0x0c14 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 08:57:12.0084 0x0c14 ehRecvr - ok 08:57:12.0113 0x0c14 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 08:57:12.0159 0x0c14 
ehSched - ok 08:57:12.0229 0x0c14 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 08:57:12.0280 0x0c14 elxstor - ok 08:57:12.0415 0x0c14 [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 08:57:12.0494 0x0c14 ePowerSvc - ok 08:57:12.0526 0x0c14 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 08:57:12.0589 0x0c14 ErrDev - ok 08:57:12.0667 0x0c14 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 08:57:12.0762 0x0c14 EventSystem - ok 08:57:12.0786 0x0c14 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 08:57:12.0854 0x0c14 exfat - ok 08:57:12.0898 0x0c14 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 08:57:12.0987 0x0c14 fastfat - ok 08:57:13.0061 0x0c14 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 08:57:13.0152 0x0c14 Fax - ok 08:57:13.0186 0x0c14 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 08:57:13.0221 0x0c14 fdc - ok 08:57:13.0247 0x0c14 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 08:57:13.0303 0x0c14 fdPHost - ok 08:57:13.0317 0x0c14 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub 
C:\Windows\system32\fdrespub.dll 08:57:13.0383 0x0c14 FDResPub - ok 08:57:13.0402 0x0c14 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 08:57:13.0424 0x0c14 FileInfo - ok 08:57:13.0450 0x0c14 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 08:57:13.0520 0x0c14 Filetrace - ok 08:57:13.0549 0x0c14 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 08:57:13.0569 0x0c14 flpydisk - ok 08:57:13.0602 0x0c14 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 08:57:13.0634 0x0c14 FltMgr - ok 08:57:13.0736 0x0c14 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 08:57:13.0828 0x0c14 FontCache - ok 08:57:13.0879 0x0c14 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 08:57:13.0910 0x0c14 FontCache3.0.0.0 - ok 08:57:13.0934 0x0c14 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 08:57:13.0956 0x0c14 FsDepends - ok 08:57:13.0988 0x0c14 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 08:57:14.0008 0x0c14 Fs_Rec - ok 08:57:14.0055 0x0c14 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 08:57:14.0091 0x0c14 fvevol - ok 08:57:14.0113 0x0c14 
[ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 08:57:14.0134 0x0c14 gagp30kx - ok 08:57:14.0181 0x0c14 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 08:57:14.0272 0x0c14 gpsvc - ok 08:57:14.0371 0x0c14 [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 08:57:14.0448 0x0c14 Greg_Service - ok 08:57:14.0567 0x0c14 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:57:14.0589 0x0c14 gupdate - ok 08:57:14.0633 0x0c14 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:57:14.0655 0x0c14 gupdatem - ok 08:57:14.0703 0x0c14 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 08:57:14.0740 0x0c14 gusvc - ok 08:57:14.0771 0x0c14 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 08:57:14.0833 0x0c14 hcw85cir - ok 08:57:14.0887 0x0c14 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 08:57:14.0934 0x0c14 HdAudAddService - ok 08:57:14.0967 0x0c14 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 08:57:15.0006 0x0c14 HDAudBus - ok 08:57:15.0037 0x0c14 [ 78E86380454A7B10A5EB255DC44A355F, 
11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 08:57:15.0079 0x0c14 HidBatt - ok 08:57:15.0124 0x0c14 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 08:57:15.0166 0x0c14 HidBth - ok 08:57:15.0193 0x0c14 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 08:57:15.0230 0x0c14 HidIr - ok 08:57:15.0256 0x0c14 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 08:57:15.0321 0x0c14 hidserv - ok 08:57:15.0359 0x0c14 [ 93A55379CF5FBEE665467F7216E23282, C8E40C70128D3ED1E70B2EDD019EEEFE35C7CE8B2300EA2DE9F2C3962A555688 ] hidshim C:\Windows\system32\DRIVERS\hidshim.sys 08:57:15.0391 0x0c14 hidshim - ok 08:57:15.0440 0x0c14 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 08:57:15.0466 0x0c14 HidUsb - ok 08:57:15.0490 0x0c14 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 08:57:15.0555 0x0c14 hkmsvc - ok 08:57:15.0609 0x0c14 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 08:57:15.0705 0x0c14 HomeGroupListener - ok 08:57:15.0743 0x0c14 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 08:57:15.0784 0x0c14 HomeGroupProvider - ok 08:57:15.0820 0x0c14 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 08:57:15.0843 0x0c14 HpSAMD - ok 
08:57:15.0895 0x0c14 [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll 08:57:15.0947 0x0c14 HsfXAudioService - ok 08:57:16.0035 0x0c14 [ 26C5D00321937E49B6BC91029947D094, 610BBA49EAB5926FBC4B7990A64A8C3E5B7634CB25A39FC4D9104DD60FA3451A ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys 08:57:16.0144 0x0c14 HSF_DPV - ok 08:57:16.0202 0x0c14 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 08:57:16.0322 0x0c14 HTTP - ok 08:57:16.0352 0x0c14 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 08:57:16.0369 0x0c14 hwpolicy - ok 08:57:16.0403 0x0c14 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 08:57:16.0428 0x0c14 i8042prt - ok 08:57:16.0493 0x0c14 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 08:57:16.0537 0x0c14 IAANTMON - ok 08:57:16.0568 0x0c14 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 08:57:16.0588 0x0c14 iaStor - ok 08:57:16.0645 0x0c14 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 08:57:16.0691 0x0c14 iaStorV - ok 08:57:16.0766 0x0c14 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 08:57:16.0842 0x0c14 idsvc - ok 08:57:16.0886 0x0c14 IEEtwCollectorService - ok 08:57:17.0137 
0x0c14 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 08:57:17.0482 0x0c14 igfx - ok 08:57:17.0520 0x0c14 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 08:57:17.0541 0x0c14 iirsp - ok 08:57:17.0590 0x0c14 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 08:57:17.0679 0x0c14 IKEEXT - ok 08:57:17.0703 0x0c14 IntcAzAudAddService - ok 08:57:17.0743 0x0c14 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 08:57:17.0762 0x0c14 intelide - ok 08:57:17.0797 0x0c14 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 08:57:17.0837 0x0c14 intelppm - ok 08:57:17.0869 0x0c14 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 08:57:17.0927 0x0c14 IPBusEnum - ok 08:57:17.0991 0x0c14 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 08:57:18.0053 0x0c14 IpFilterDriver - ok 08:57:18.0096 0x0c14 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 08:57:18.0183 0x0c14 iphlpsvc - ok 08:57:18.0211 0x0c14 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 08:57:18.0237 0x0c14 IPMIDRV - ok 08:57:18.0268 0x0c14 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E 
] IPNAT C:\Windows\system32\drivers\ipnat.sys 08:57:18.0330 0x0c14 IPNAT - ok 08:57:18.0358 0x0c14 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 08:57:18.0451 0x0c14 IRENUM - ok 08:57:18.0496 0x0c14 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 08:57:18.0527 0x0c14 isapnp - ok 08:57:18.0574 0x0c14 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 08:57:18.0629 0x0c14 iScsiPrt - ok 08:57:18.0664 0x0c14 [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 08:57:18.0696 0x0c14 k57nd60a - ok 08:57:18.0717 0x0c14 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 08:57:18.0739 0x0c14 kbdclass - ok 08:57:18.0770 0x0c14 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 08:57:18.0810 0x0c14 kbdhid - ok 08:57:18.0840 0x0c14 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 08:57:18.0856 0x0c14 KeyIso - ok 08:57:18.0890 0x0c14 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 08:57:18.0929 0x0c14 KSecDD - ok 08:57:18.0955 0x0c14 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 08:57:18.0991 0x0c14 KSecPkg - ok 08:57:19.0010 0x0c14 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 08:57:19.0068 0x0c14 ksthunk - ok 08:57:19.0111 0x0c14 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 08:57:19.0214 0x0c14 KtmRm - ok 08:57:19.0248 0x0c14 [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 08:57:19.0281 0x0c14 L1E - ok 08:57:19.0309 0x0c14 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 08:57:19.0388 0x0c14 LanmanServer - ok 08:57:19.0424 0x0c14 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 08:57:19.0492 0x0c14 LanmanWorkstation - ok 08:57:19.0568 0x0c14 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 08:57:19.0590 0x0c14 lirsgt - ok 08:57:19.0615 0x0c14 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 08:57:19.0677 0x0c14 lltdio - ok 08:57:19.0720 0x0c14 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 08:57:19.0803 0x0c14 lltdsvc - ok 08:57:19.0820 0x0c14 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 08:57:19.0859 0x0c14 lmhosts - ok 08:57:19.0910 0x0c14 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 08:57:19.0933 0x0c14 LSI_FC - ok 08:57:19.0954 0x0c14 [ 
1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 08:57:19.0977 0x0c14 LSI_SAS - ok 08:57:19.0991 0x0c14 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 08:57:20.0014 0x0c14 LSI_SAS2 - ok 08:57:20.0031 0x0c14 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 08:57:20.0054 0x0c14 LSI_SCSI - ok 08:57:20.0085 0x0c14 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 08:57:20.0146 0x0c14 luafv - ok 08:57:20.0197 0x0c14 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 08:57:20.0258 0x0c14 Mcx2Svc - ok 08:57:20.0281 0x0c14 [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 08:57:20.0316 0x0c14 mdmxsdk - ok 08:57:20.0349 0x0c14 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 08:57:20.0372 0x0c14 megasas - ok 08:57:20.0407 0x0c14 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 08:57:20.0440 0x0c14 MegaSR - ok 08:57:20.0512 0x0c14 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 08:57:20.0538 0x0c14 Microsoft Office Groove Audit Service - ok 08:57:20.0581 0x0c14 [ E40E80D0304A73E8D269F7141D77250B, 
0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 08:57:20.0643 0x0c14 MMCSS - ok 08:57:20.0677 0x0c14 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 08:57:20.0731 0x0c14 Modem - ok 08:57:20.0752 0x0c14 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 08:57:20.0792 0x0c14 monitor - ok 08:57:20.0809 0x0c14 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 08:57:20.0830 0x0c14 mouclass - ok 08:57:20.0855 0x0c14 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 08:57:20.0887 0x0c14 mouhid - ok 08:57:20.0929 0x0c14 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 08:57:20.0952 0x0c14 mountmgr - ok 08:57:21.0027 0x0c14 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 08:57:21.0057 0x0c14 MozillaMaintenance - ok 08:57:21.0100 0x0c14 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 08:57:21.0128 0x0c14 mpio - ok 08:57:21.0161 0x0c14 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 08:57:21.0224 0x0c14 mpsdrv - ok 08:57:21.0282 0x0c14 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 08:57:21.0387 
0x0c14 MpsSvc - ok 08:57:21.0426 0x0c14 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 08:57:21.0492 0x0c14 MRxDAV - ok 08:57:21.0516 0x0c14 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 08:57:21.0586 0x0c14 mrxsmb - ok 08:57:21.0622 0x0c14 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 08:57:21.0682 0x0c14 mrxsmb10 - ok 08:57:21.0704 0x0c14 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 08:57:21.0730 0x0c14 mrxsmb20 - ok 08:57:21.0768 0x0c14 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 08:57:21.0798 0x0c14 msahci - ok 08:57:21.0817 0x0c14 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 08:57:21.0842 0x0c14 msdsm - ok 08:57:21.0865 0x0c14 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 08:57:21.0912 0x0c14 MSDTC - ok 08:57:21.0955 0x0c14 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 08:57:21.0999 0x0c14 Msfs - ok 08:57:22.0020 0x0c14 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 08:57:22.0076 0x0c14 mshidkmdf - ok 08:57:22.0106 0x0c14 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
08:57:41.0740 0x0c14 vwififlt - ok 08:57:41.0777 0x0c14 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 08:57:41.0858 0x0c14 W32Time - ok 08:57:41.0879 0x0c14 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 08:57:41.0910 0x0c14 WacomPen - ok 08:57:41.0958 0x0c14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 08:57:42.0014 0x0c14 WANARP - ok 08:57:42.0020 0x0c14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 08:57:42.0059 0x0c14 Wanarpv6 - ok 08:57:42.0164 0x0c14 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 08:57:42.0297 0x0c14 WatAdminSvc - ok 08:57:42.0394 0x0c14 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 08:57:42.0529 0x0c14 wbengine - ok 08:57:42.0571 0x0c14 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 08:57:42.0616 0x0c14 WbioSrvc - ok 08:57:42.0667 0x0c14 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 08:57:42.0758 0x0c14 wcncsvc - ok 08:57:42.0776 0x0c14 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 08:57:42.0826 0x0c14 WcsPlugInService - ok 08:57:42.0847 0x0c14 [ 72889E16FF12BA0F235467D6091B17DC, 
F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 08:57:42.0867 0x0c14 Wd - ok 08:57:42.0929 0x0c14 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 08:57:43.0014 0x0c14 Wdf01000 - ok 08:57:43.0042 0x0c14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 08:57:43.0153 0x0c14 WdiServiceHost - ok 08:57:43.0174 0x0c14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 08:57:43.0201 0x0c14 WdiSystemHost - ok 08:57:43.0234 0x0c14 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 08:57:43.0281 0x0c14 WebClient - ok 08:57:43.0313 0x0c14 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 08:57:43.0419 0x0c14 Wecsvc - ok 08:57:43.0445 0x0c14 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 08:57:43.0498 0x0c14 wercplsupport - ok 08:57:43.0519 0x0c14 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 08:57:43.0562 0x0c14 WerSvc - ok 08:57:43.0590 0x0c14 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 08:57:43.0633 0x0c14 WfpLwf - ok 08:57:43.0644 0x0c14 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 08:57:43.0664 0x0c14 WIMMount - ok 08:57:43.0739 0x0c14 [ 
A6EA7A3FC4B00F48535B506DB1E86EFD, B2A28C0438BA679D760FB8B68289D625CF6204DFF8000A285B5CA68417314F65 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys 08:57:43.0848 0x0c14 winachsf - ok 08:57:43.0878 0x0c14 WinDefend - ok 08:57:43.0888 0x0c14 WinHttpAutoProxySvc - ok 08:57:43.0946 0x0c14 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 08:57:44.0020 0x0c14 Winmgmt - ok 08:57:44.0139 0x0c14 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 08:57:44.0358 0x0c14 WinRM - ok 08:57:44.0434 0x0c14 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 08:57:44.0472 0x0c14 WinUsb - ok 08:57:44.0543 0x0c14 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 08:57:44.0664 0x0c14 Wlansvc - ok 08:57:44.0694 0x0c14 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 08:57:44.0712 0x0c14 WmiAcpi - ok 08:57:44.0745 0x0c14 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 08:57:44.0787 0x0c14 wmiApSrv - ok 08:57:44.0826 0x0c14 WMPNetworkSvc - ok 08:57:44.0855 0x0c14 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 08:57:44.0899 0x0c14 WPCSvc - ok 08:57:44.0933 0x0c14 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 08:57:44.0964 0x0c14 WPDBusEnum - ok 08:57:44.0985 0x0c14 [ 6BCC1D7D2FD2453957C5479A32364E52, 
08:57:45.0806 0x0c14 ================ Scan global ===============================
08:57:45.0977 0x0c14 [ Global ] - ok
08:57:45.0977 0x0c14 ================ Scan MBR ==================================
08:57:45.0996 0x0c14 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:57:46.0102 0x0c14 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 )
08:57:46.0102 0x0c14 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
08:57:55.0952 0x0c14 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
08:57:55.0952 0x0c14 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:58:05.0651 0x0c14 ================ Scan VBR ==================================
08:58:05.0713 0x0c14 [ 904C567745952755899D081D059D86AA ] \Device\Harddisk0\DR0\Partition1
08:58:05.0717 0x0c14 \Device\Harddisk0\DR0\Partition1 - ok
08:58:05.0724 0x0c14 [ CDCBD88920F38265637E894C20608E5C ] \Device\Harddisk0\DR0\Partition2
08:58:05.0727 0x0c14 \Device\Harddisk0\DR0\Partition2 - ok
08:58:05.0800 0x0c14 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
08:58:05.0806 0x0c14 Win FW state via NFP2: enabled
08:58:15.0492 0x0c14 ============================================================
08:58:15.0492 0x0c14 Scan finished
08:58:15.0492 0x0c14 ============================================================
08:58:15.0510 0x1934 Detected object count: 2
08:58:15.0510 0x1934 Actual detected object count: 2
08:58:42.0614 0x1934 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
08:58:42.0614 0x1934 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
08:58:42.0615 0x1934 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:58:42.0615 0x1934 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
14.04.2014, 14:56 | #6 |
| BOO/TDss.O in the master boot sector
Let's remove it.
Step 1: Please run TDSS Killer again.
Afterwards, run a scan with Avira and check whether Avira still finds anything. |
14.04.2014, 20:32 | #7 |
| BOO/TDss.O in the master boot sector
Hello! All good, I cured/deleted both.
Code:
ATTFilter
16:52:59.0703 0x10ac TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
16:53:05.0203 0x10ac ============================================================
16:53:05.0203 0x10ac Current date / time: 2014/04/14 16:53:05.0203
16:53:05.0203 0x10ac SystemInfo:
16:53:05.0203 0x10ac
16:53:05.0203 0x10ac OS Version: 6.1.7601 ServicePack: 1.0
16:53:05.0204 0x10ac Product type: Workstation
16:53:05.0204 0x10ac ComputerName: KRISZI-PC
16:53:05.0204 0x10ac UserName: Kriszi
16:53:05.0204 0x10ac Windows directory: C:\Windows
16:53:05.0204 0x10ac System windows directory: C:\Windows
16:53:05.0204 0x10ac Running under WOW64
16:53:05.0204 0x10ac Processor architecture: Intel x64
16:53:05.0204 0x10ac Number of processors: 2
16:53:05.0204 0x10ac Page size: 0x1000
16:53:05.0204 0x10ac Boot type: Normal boot
16:53:05.0204 0x10ac ============================================================
16:53:05.0657 0x10ac KLMD registered as C:\Windows\system32\drivers\98980394.sys
16:53:06.0056 0x10ac System UUID: {B75C98AF-BCA1-89F8-6162-B81CE0ABDF27}
16:53:06.0792 0x10ac Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:06.0803 0x10ac ============================================================
16:53:06.0803 0x10ac \Device\Harddisk0\DR0:
16:53:06.0804 0x10ac MBR partitions:
16:53:06.0804 0x10ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
16:53:06.0804 0x10ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
16:53:06.0804 0x10ac ============================================================
16:53:06.0829 0x10ac C: <-> \Device\Harddisk0\DR0\Partition2
16:53:06.0829 0x10ac ============================================================
16:53:06.0830 0x10ac Initialize success
16:53:06.0830 0x10ac ============================================================
16:53:15.0942 0x0ff4 ============================================================
16:53:15.0942 0x0ff4 Scan started
16:53:15.0942 0x0ff4 Mode: Manual; SigCheck; TDLFS;
16:53:15.0942 0x0ff4 ============================================================
16:53:15.0942 0x0ff4 KSN ping started
16:53:25.0789 0x0ff4 KSN ping finished: true
16:53:26.0191 0x0ff4 ================ Scan system memory ========================
16:53:26.0191 0x0ff4 System memory - ok
16:53:26.0196 0x0ff4 ================ Scan services =============================
ehSched - ok 16:53:40.0427 0x0ff4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 16:53:40.0488 0x0ff4 elxstor - ok 16:53:40.0614 0x0ff4 [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 16:53:40.0680 0x0ff4 ePowerSvc - ok 16:53:40.0711 0x0ff4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:53:40.0765 0x0ff4 ErrDev - ok 16:53:40.0834 0x0ff4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:53:40.0911 0x0ff4 EventSystem - ok 16:53:40.0938 0x0ff4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:53:41.0010 0x0ff4 exfat - ok 16:53:41.0036 0x0ff4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:53:41.0108 0x0ff4 fastfat - ok 16:53:41.0181 0x0ff4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:53:41.0285 0x0ff4 Fax - ok 16:53:41.0316 0x0ff4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:53:41.0353 0x0ff4 fdc - ok 16:53:41.0399 0x0ff4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:53:41.0472 0x0ff4 fdPHost - ok 16:53:41.0502 0x0ff4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub 
C:\Windows\system32\fdrespub.dll 16:53:41.0572 0x0ff4 FDResPub - ok 16:53:41.0587 0x0ff4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:53:41.0608 0x0ff4 FileInfo - ok 16:53:41.0635 0x0ff4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:53:41.0709 0x0ff4 Filetrace - ok 16:53:41.0745 0x0ff4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:53:41.0767 0x0ff4 flpydisk - ok 16:53:41.0798 0x0ff4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:53:41.0827 0x0ff4 FltMgr - ok 16:53:41.0919 0x0ff4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 16:53:42.0026 0x0ff4 FontCache - ok 16:53:42.0075 0x0ff4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:53:42.0105 0x0ff4 FontCache3.0.0.0 - ok 16:53:42.0141 0x0ff4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:53:42.0165 0x0ff4 FsDepends - ok 16:53:42.0195 0x0ff4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:53:42.0222 0x0ff4 Fs_Rec - ok 16:53:42.0262 0x0ff4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:53:42.0288 0x0ff4 fvevol - ok 16:53:42.0309 0x0ff4 
[ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 16:53:42.0337 0x0ff4 gagp30kx - ok 16:53:42.0388 0x0ff4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:53:42.0486 0x0ff4 gpsvc - ok 16:53:42.0591 0x0ff4 [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 16:53:42.0633 0x0ff4 Greg_Service - ok 16:53:42.0694 0x0ff4 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:53:42.0712 0x0ff4 gupdate - ok 16:53:42.0749 0x0ff4 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:53:42.0763 0x0ff4 gupdatem - ok 16:53:42.0819 0x0ff4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 16:53:42.0852 0x0ff4 gusvc - ok 16:53:42.0867 0x0ff4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:53:42.0944 0x0ff4 hcw85cir - ok 16:53:42.0995 0x0ff4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:53:43.0068 0x0ff4 HdAudAddService - ok 16:53:43.0108 0x0ff4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 16:53:43.0189 0x0ff4 HDAudBus - ok 16:53:43.0222 0x0ff4 [ 78E86380454A7B10A5EB255DC44A355F, 
11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 16:53:43.0265 0x0ff4 HidBatt - ok 16:53:43.0287 0x0ff4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 16:53:43.0330 0x0ff4 HidBth - ok 16:53:43.0344 0x0ff4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:53:43.0383 0x0ff4 HidIr - ok 16:53:43.0409 0x0ff4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:53:43.0475 0x0ff4 hidserv - ok 16:53:43.0499 0x0ff4 [ 93A55379CF5FBEE665467F7216E23282, C8E40C70128D3ED1E70B2EDD019EEEFE35C7CE8B2300EA2DE9F2C3962A555688 ] hidshim C:\Windows\system32\DRIVERS\hidshim.sys 16:53:43.0533 0x0ff4 hidshim - ok 16:53:43.0592 0x0ff4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:53:43.0663 0x0ff4 HidUsb - ok 16:53:43.0709 0x0ff4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:53:43.0766 0x0ff4 hkmsvc - ok 16:53:43.0802 0x0ff4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:53:43.0908 0x0ff4 HomeGroupListener - ok 16:53:43.0950 0x0ff4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:53:44.0035 0x0ff4 HomeGroupProvider - ok 16:53:44.0072 0x0ff4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:53:44.0106 0x0ff4 HpSAMD - ok 
16:53:44.0169 0x0ff4 [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll 16:53:44.0275 0x0ff4 HsfXAudioService - ok 16:53:44.0377 0x0ff4 [ 26C5D00321937E49B6BC91029947D094, 610BBA49EAB5926FBC4B7990A64A8C3E5B7634CB25A39FC4D9104DD60FA3451A ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys 16:53:44.0694 0x0ff4 HSF_DPV - ok 16:53:44.0773 0x0ff4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:53:44.0856 0x0ff4 HTTP - ok 16:53:44.0911 0x0ff4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:53:44.0926 0x0ff4 hwpolicy - ok 16:53:44.0990 0x0ff4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:53:45.0071 0x0ff4 i8042prt - ok 16:53:45.0371 0x0ff4 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 16:53:45.0512 0x0ff4 IAANTMON - ok 16:53:45.0546 0x0ff4 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 16:53:45.0568 0x0ff4 iaStor - ok 16:53:45.0640 0x0ff4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:53:45.0702 0x0ff4 iaStorV - ok 16:53:45.0769 0x0ff4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:53:45.0881 0x0ff4 idsvc - ok 16:53:45.0918 0x0ff4 IEEtwCollectorService - ok 16:53:46.0188 
0x0ff4 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 16:53:46.0554 0x0ff4 igfx - ok 16:53:46.0585 0x0ff4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:53:46.0608 0x0ff4 iirsp - ok 16:53:46.0655 0x0ff4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:53:46.0724 0x0ff4 IKEEXT - ok 16:53:46.0747 0x0ff4 IntcAzAudAddService - ok 16:53:46.0786 0x0ff4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:53:46.0806 0x0ff4 intelide - ok 16:53:46.0840 0x0ff4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:53:46.0879 0x0ff4 intelppm - ok 16:53:46.0923 0x0ff4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:53:46.0980 0x0ff4 IPBusEnum - ok 16:53:47.0046 0x0ff4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:53:47.0134 0x0ff4 IpFilterDriver - ok 16:53:47.0183 0x0ff4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:53:47.0265 0x0ff4 iphlpsvc - ok 16:53:47.0298 0x0ff4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:53:47.0325 0x0ff4 IPMIDRV - ok 16:53:47.0366 0x0ff4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E 
] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:53:47.0429 0x0ff4 IPNAT - ok 16:53:47.0445 0x0ff4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:53:47.0516 0x0ff4 IRENUM - ok 16:53:47.0539 0x0ff4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:53:47.0558 0x0ff4 isapnp - ok 16:53:47.0602 0x0ff4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:53:47.0634 0x0ff4 iScsiPrt - ok 16:53:47.0675 0x0ff4 [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 16:53:47.0706 0x0ff4 k57nd60a - ok 16:53:47.0727 0x0ff4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:53:47.0749 0x0ff4 kbdclass - ok 16:53:47.0780 0x0ff4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:53:47.0822 0x0ff4 kbdhid - ok 16:53:47.0839 0x0ff4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 16:53:47.0855 0x0ff4 KeyIso - ok 16:53:47.0889 0x0ff4 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:53:47.0908 0x0ff4 KSecDD - ok 16:53:47.0930 0x0ff4 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:53:47.0949 0x0ff4 KSecPkg - ok 16:53:47.0976 0x0ff4 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:53:48.0035 0x0ff4 ksthunk - ok 16:53:48.0083 0x0ff4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:53:48.0159 0x0ff4 KtmRm - ok 16:53:48.0192 0x0ff4 [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 16:53:48.0226 0x0ff4 L1E - ok 16:53:48.0253 0x0ff4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:53:48.0310 0x0ff4 LanmanServer - ok 16:53:48.0346 0x0ff4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:53:48.0403 0x0ff4 LanmanWorkstation - ok 16:53:48.0479 0x0ff4 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 16:53:48.0491 0x0ff4 lirsgt - ok 16:53:48.0516 0x0ff4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:53:48.0578 0x0ff4 lltdio - ok 16:53:48.0643 0x0ff4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:53:48.0726 0x0ff4 lltdsvc - ok 16:53:48.0753 0x0ff4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:53:48.0799 0x0ff4 lmhosts - ok 16:53:48.0843 0x0ff4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 16:53:48.0867 0x0ff4 LSI_FC - ok 16:53:48.0887 0x0ff4 [ 
1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 16:53:48.0913 0x0ff4 LSI_SAS - ok 16:53:48.0924 0x0ff4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:53:48.0946 0x0ff4 LSI_SAS2 - ok 16:53:48.0964 0x0ff4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:53:48.0989 0x0ff4 LSI_SCSI - ok 16:53:49.0018 0x0ff4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:53:49.0080 0x0ff4 luafv - ok 16:53:49.0118 0x0ff4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:53:49.0168 0x0ff4 Mcx2Svc - ok 16:53:49.0203 0x0ff4 [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 16:53:49.0249 0x0ff4 mdmxsdk - ok 16:53:49.0283 0x0ff4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:53:49.0316 0x0ff4 megasas - ok 16:53:49.0340 0x0ff4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:53:49.0373 0x0ff4 MegaSR - ok 16:53:49.0446 0x0ff4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 16:53:49.0493 0x0ff4 Microsoft Office Groove Audit Service - ok 16:53:49.0525 0x0ff4 [ E40E80D0304A73E8D269F7141D77250B, 
0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:53:49.0587 0x0ff4 MMCSS - ok 16:53:49.0622 0x0ff4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:53:49.0676 0x0ff4 Modem - ok 16:53:49.0697 0x0ff4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:53:49.0737 0x0ff4 monitor - ok 16:53:49.0764 0x0ff4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:53:49.0790 0x0ff4 mouclass - ok 16:53:49.0832 0x0ff4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:53:49.0875 0x0ff4 mouhid - ok 16:53:49.0906 0x0ff4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:53:49.0923 0x0ff4 mountmgr - ok 16:53:49.0985 0x0ff4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:53:50.0028 0x0ff4 MozillaMaintenance - ok 16:53:50.0066 0x0ff4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:53:50.0095 0x0ff4 mpio - ok 16:53:50.0116 0x0ff4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:53:50.0180 0x0ff4 mpsdrv - ok 16:53:50.0237 0x0ff4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:53:50.0321 
0x0ff4 MpsSvc - ok 16:53:50.0359 0x0ff4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:53:50.0419 0x0ff4 MRxDAV - ok 16:53:50.0449 0x0ff4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:53:50.0501 0x0ff4 mrxsmb - ok 16:53:50.0529 0x0ff4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:53:50.0570 0x0ff4 mrxsmb10 - ok 16:53:50.0594 0x0ff4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:53:50.0630 0x0ff4 mrxsmb20 - ok 16:53:50.0679 0x0ff4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:53:50.0706 0x0ff4 msahci - ok 16:53:50.0739 0x0ff4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:53:50.0770 0x0ff4 msdsm - ok 16:53:50.0798 0x0ff4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:53:50.0845 0x0ff4 MSDTC - ok 16:53:50.0888 0x0ff4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:53:50.0929 0x0ff4 Msfs - ok 16:53:50.0942 0x0ff4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:53:50.0997 0x0ff4 mshidkmdf - ok 16:53:51.0028 0x0ff4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 16:53:51.0043 0x0ff4 msisadrv - ok 16:53:51.0085 0x0ff4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:53:51.0149 0x0ff4 MSiSCSI - ok 16:53:51.0154 0x0ff4 msiserver - ok 16:53:51.0180 0x0ff4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:53:51.0238 0x0ff4 MSKSSRV - ok 16:53:51.0263 0x0ff4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:53:51.0305 0x0ff4 MSPCLOCK - ok 16:53:51.0316 0x0ff4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:53:51.0372 0x0ff4 MSPQM - ok 16:53:51.0407 0x0ff4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:53:51.0433 0x0ff4 MsRPC - ok 16:53:51.0465 0x0ff4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:53:51.0486 0x0ff4 mssmbios - ok 16:53:51.0503 0x0ff4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:53:51.0564 0x0ff4 MSTEE - ok 16:53:51.0584 0x0ff4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:53:51.0621 0x0ff4 MTConfig - ok 16:53:51.0644 0x0ff4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:53:51.0662 0x0ff4 Mup - ok 16:53:51.0687 0x0ff4 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 
927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 16:53:51.0700 0x0ff4 mwlPSDFilter - ok 16:53:51.0716 0x0ff4 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 16:53:51.0733 0x0ff4 mwlPSDNServ - ok 16:53:51.0758 0x0ff4 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 16:53:51.0777 0x0ff4 mwlPSDVDisk - ok 16:53:51.0833 0x0ff4 [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe 16:53:51.0860 0x0ff4 MWLService - ok 16:53:51.0907 0x0ff4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:53:51.0980 0x0ff4 napagent - ok 16:53:52.0041 0x0ff4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:53:52.0093 0x0ff4 NativeWifiP - ok 16:53:52.0161 0x0ff4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:53:52.0199 0x0ff4 NDIS - ok 16:53:52.0229 0x0ff4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:53:52.0274 0x0ff4 NdisCap - ok 16:53:52.0294 0x0ff4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:53:52.0352 0x0ff4 NdisTapi - ok 16:53:52.0391 0x0ff4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio 
A6EA7A3FC4B00F48535B506DB1E86EFD, B2A28C0438BA679D760FB8B68289D625CF6204DFF8000A285B5CA68417314F65 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys 16:54:13.0320 0x0ff4 winachsf - ok 16:54:13.0351 0x0ff4 WinDefend - ok 16:54:13.0361 0x0ff4 WinHttpAutoProxySvc - ok 16:54:13.0423 0x0ff4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:54:13.0516 0x0ff4 Winmgmt - ok 16:54:13.0631 0x0ff4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 16:54:13.0820 0x0ff4 WinRM - ok 16:54:13.0886 0x0ff4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:54:13.0923 0x0ff4 WinUsb - ok 16:54:13.0983 0x0ff4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:54:14.0071 0x0ff4 Wlansvc - ok 16:54:14.0101 0x0ff4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:54:14.0121 0x0ff4 WmiAcpi - ok 16:54:14.0152 0x0ff4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:54:14.0194 0x0ff4 wmiApSrv - ok 16:54:14.0222 0x0ff4 WMPNetworkSvc - ok 16:54:14.0251 0x0ff4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:54:14.0295 0x0ff4 WPCSvc - ok 16:54:14.0330 0x0ff4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:54:14.0373 0x0ff4 WPDBusEnum - ok 16:54:14.0393 0x0ff4 [ 6BCC1D7D2FD2453957C5479A32364E52, 
E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:54:14.0451 0x0ff4 ws2ifsl - ok 16:54:14.0477 0x0ff4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:54:14.0509 0x0ff4 wscsvc - ok 16:54:14.0514 0x0ff4 WSearch - ok 16:54:14.0657 0x0ff4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 16:54:14.0803 0x0ff4 wuauserv - ok 16:54:14.0839 0x0ff4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:54:14.0892 0x0ff4 WudfPf - ok 16:54:14.0933 0x0ff4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:54:14.0965 0x0ff4 WUDFRd - ok 16:54:14.0985 0x0ff4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:54:15.0027 0x0ff4 wudfsvc - ok 16:54:15.0074 0x0ff4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 16:54:15.0157 0x0ff4 WwanSvc - ok 16:54:15.0186 0x0ff4 [ E8F3FA126A06F8E7088F63757112A186, FC742ECA6DD823C5B17A514EC4473F65EE290FA6501370675B3628FD881A1C4B ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys 16:54:15.0215 0x0ff4 XAudio - ok 16:54:15.0235 0x0ff4 ================ Scan global =============================== 16:54:15.0263 0x0ff4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:54:15.0296 0x0ff4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:54:15.0325 0x0ff4 
[ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:54:15.0350 0x0ff4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 16:54:15.0384 0x0ff4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 16:54:15.0394 0x0ff4 [ Global ] - ok 16:54:15.0394 0x0ff4 ================ Scan MBR ================================== 16:54:15.0413 0x0ff4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 16:54:15.0519 0x0ff4 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 ) 16:54:15.0519 0x0ff4 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected 16:54:25.0457 0x0ff4 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 ) 16:54:25.0457 0x0ff4 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 16:54:35.0204 0x0ff4 ================ Scan VBR ================================== 16:54:35.0307 0x0ff4 [ 904C567745952755899D081D059D86AA ] \Device\Harddisk0\DR0\Partition1 16:54:35.0311 0x0ff4 \Device\Harddisk0\DR0\Partition1 - ok 16:54:35.0328 0x0ff4 [ CDCBD88920F38265637E894C20608E5C ] \Device\Harddisk0\DR0\Partition2 16:54:35.0333 0x0ff4 \Device\Harddisk0\DR0\Partition2 - ok 16:54:35.0398 0x0ff4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated ) 16:54:35.0403 0x0ff4 Win FW state via NFP2: enabled 16:54:45.0111 0x0ff4 ============================================================ 16:54:45.0111 0x0ff4 Scan finished 16:54:45.0111 0x0ff4 ============================================================ 16:54:45.0132 0x00a8 Detected object count: 2 16:54:45.0132 0x00a8 Actual detected object count: 2 16:55:23.0976 0x00a8 \Device\Harddisk0\DR0\# - copied to quarantine 16:55:23.0979 0x00a8 \Device\Harddisk0\DR0 - copied to quarantine 16:55:24.0157 0x00a8 
\Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine 16:55:24.0161 0x00a8 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine 16:55:24.0166 0x00a8 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine 16:55:24.0170 0x00a8 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine 16:55:24.0175 0x00a8 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine 16:55:24.0181 0x00a8 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine 16:55:24.0188 0x00a8 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine 16:55:24.0194 0x00a8 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine 16:55:24.0201 0x00a8 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine 16:55:24.0207 0x00a8 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 16:55:24.0211 0x00a8 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 16:55:24.0217 0x00a8 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 16:55:24.0222 0x00a8 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 16:55:24.0238 0x00a8 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine 16:55:24.0244 0x00a8 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine 16:55:24.0250 0x00a8 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine 16:55:24.0255 0x00a8 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine 16:55:24.0311 0x00a8 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine 16:55:24.0324 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine 16:55:24.0341 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine 16:55:24.0363 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine 16:55:24.0384 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine 16:55:24.0393 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine 16:55:24.0409 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine 16:55:24.0458 0x00a8 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot 16:55:24.0461 0x00a8 \Device\Harddisk0\DR0 - 
ok 16:55:24.0784 0x00a8 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure 16:55:24.0845 0x00a8 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine 16:55:24.0848 0x00a8 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine 16:55:24.0884 0x00a8 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine 16:55:24.0888 0x00a8 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine 16:55:24.0890 0x00a8 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine 16:55:24.0923 0x00a8 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine 16:55:24.0932 0x00a8 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine 16:55:24.0937 0x00a8 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine 16:55:24.0941 0x00a8 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine 16:55:24.0946 0x00a8 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 16:55:24.0954 0x00a8 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 16:55:24.0963 0x00a8 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 16:55:24.0969 0x00a8 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 16:55:24.0973 0x00a8 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine 16:55:24.0978 0x00a8 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine 16:55:24.0982 0x00a8 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine 16:55:24.0988 0x00a8 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine 16:55:25.0043 0x00a8 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine 16:55:25.0102 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine 16:55:25.0132 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine 16:55:25.0154 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine 16:55:25.0170 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine 16:55:25.0177 0x00a8 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine 16:55:25.0200 0x00a8 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine 16:55:25.0201 
0x00a8 \Device\Harddisk0\DR0\TDLFS - deleted 16:55:25.0201 0x00a8 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 16:55:25.0327 0x00a8 KLMD registered as C:\Windows\system32\drivers\25123667.sys 16:55:32.0531 0x1770 Deinitialize success |
14.04.2014, 20:33 | #8 |
| BOO/TDss.O in the master boot sector Avira: Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 14. April 2014 17:00
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : KRISZI-PC
Versionsinformationen:
BUILD.DAT : 14.0.3.350 56624 Bytes 25.02.2014 11:41:00
AVSCAN.EXE : 14.0.3.332 1058384 Bytes 20.02.2014 10:23:19
AVSCANRC.DLL : 14.0.2.292 62008 Bytes 18.02.2014 15:12:43
LUKE.DLL : 14.0.3.336 65616 Bytes 20.02.2014 10:23:25
AVSCPLR.DLL : 14.0.3.336 124496 Bytes 20.02.2014 10:23:19
AVREG.DLL : 14.0.3.336 250448 Bytes 20.02.2014 10:23:19
avlode.dll : 14.0.3.336 544848 Bytes 20.02.2014 10:23:18
avlode.rdf : 14.0.3.38 58680 Bytes 14.03.2014 08:28:21
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 09:01:31
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:01:31
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 09:01:31
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 09:01:31
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 09:01:31
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 09:01:31
VBASE006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 19:56:16
VBASE007.VDF : 7.11.139.39 2048 Bytes 27.03.2014 19:56:16
VBASE008.VDF : 7.11.139.40 2048 Bytes 27.03.2014 19:56:16
VBASE009.VDF : 7.11.139.41 2048 Bytes 27.03.2014 19:56:16
VBASE010.VDF : 7.11.139.42 2048 Bytes 27.03.2014 19:56:16
VBASE011.VDF : 7.11.139.43 2048 Bytes 27.03.2014 19:56:17
VBASE012.VDF : 7.11.139.44 2048 Bytes 27.03.2014 19:56:17
VBASE013.VDF : 7.11.139.45 2048 Bytes 27.03.2014 19:56:17
VBASE014.VDF : 7.11.139.171 111104 Bytes 28.03.2014 16:02:47
VBASE015.VDF : 7.11.140.23 150016 Bytes 30.03.2014 10:39:39
VBASE016.VDF : 7.11.140.143 222720 Bytes 01.04.2014 12:28:37
VBASE017.VDF : 7.11.140.235 144384 Bytes 03.04.2014 11:25:23
VBASE018.VDF : 7.11.141.81 193536
Bytes 05.04.2014 12:49:26 VBASE019.VDF : 7.11.141.203 241152 Bytes 08.04.2014 06:28:07 VBASE020.VDF : 7.11.142.83 144896 Bytes 10.04.2014 16:34:51 VBASE021.VDF : 7.11.142.221 171008 Bytes 12.04.2014 20:07:23 VBASE022.VDF : 7.11.142.222 2048 Bytes 12.04.2014 20:07:23 VBASE023.VDF : 7.11.142.223 2048 Bytes 12.04.2014 20:07:23 VBASE024.VDF : 7.11.142.224 2048 Bytes 12.04.2014 20:07:23 VBASE025.VDF : 7.11.142.225 2048 Bytes 12.04.2014 20:07:23 VBASE026.VDF : 7.11.142.226 2048 Bytes 12.04.2014 20:07:23 VBASE027.VDF : 7.11.142.227 2048 Bytes 12.04.2014 20:07:23 VBASE028.VDF : 7.11.142.228 2048 Bytes 12.04.2014 20:07:23 VBASE029.VDF : 7.11.142.229 2048 Bytes 12.04.2014 20:07:23 VBASE030.VDF : 7.11.142.230 2048 Bytes 12.04.2014 20:07:23 VBASE031.VDF : 7.11.143.98 224256 Bytes 14.04.2014 11:09:30 Engineversion : 8.3.18.4 AEVDF.DLL : 8.3.0.4 118976 Bytes 24.03.2014 09:48:34 AESCRIPT.DLL : 8.1.4.200 528584 Bytes 10.04.2014 16:34:51 AESCN.DLL : 8.3.0.2 135360 Bytes 24.03.2014 09:48:34 AESBX.DLL : 8.2.20.6 1331575 Bytes 13.01.2014 13:51:20 AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 15:58:43 AEPACK.DLL : 8.4.0.16 778440 Bytes 03.04.2014 11:25:23 AEOFFICE.DLL : 8.3.0.2 201084 Bytes 14.03.2014 08:28:20 AEHEUR.DLL : 8.1.4.1014 6664392 Bytes 10.04.2014 16:34:51 AEHELP.DLL : 8.3.0.0 274808 Bytes 11.03.2014 20:30:43 AEGEN.DLL : 8.1.7.24 442743 Bytes 11.03.2014 20:30:43 AEEXP.DLL : 8.4.1.258 512376 Bytes 14.03.2014 08:28:20 AEEMU.DLL : 8.1.3.2 393587 Bytes 30.09.2013 09:01:12 AECORE.DLL : 8.3.0.6 241864 Bytes 19.03.2014 17:08:18 AEBB.DLL : 8.1.1.4 53619 Bytes 30.09.2013 09:01:12 AVWINLL.DLL : 14.0.3.252 23608 Bytes 20.02.2014 10:23:17 AVPREF.DLL : 14.0.3.252 48696 Bytes 20.02.2014 10:23:19 AVREP.DLL : 14.0.3.252 175672 Bytes 20.02.2014 10:23:19 AVARKT.DLL : 14.0.3.336 256080 Bytes 20.02.2014 10:23:17 AVEVTLOG.DLL : 14.0.3.336 165968 Bytes 20.02.2014 10:23:18 SQLITE3.DLL : 3.7.0.1 394824 Bytes 30.09.2013 09:01:31 AVSMTP.DLL : 14.0.3.252 60472 Bytes 20.02.2014 10:23:19 NETNT.DLL : 
14.0.3.252 13368 Bytes 20.02.2014 10:23:25 RCIMAGE.DLL : 14.0.3.260 4979256 Bytes 20.02.2014 10:23:17 RCTEXT.DLL : 14.0.3.282 72760 Bytes 20.02.2014 10:23:17 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Montag, 14. April 2014 17:00 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C:)' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. 
Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '121' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '166' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '87' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '108' Modul(e) wurden durchsucht Durchsuche Prozess 'ePowerSvc.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'GregHSRW.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'IScheduleSvc.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'SchedulerSvc.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'HelperService.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'ConversionService.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'SDFSSvc.exe' - '94' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'UpdaterService.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'SDUpdSvc.exe' - '93' Modul(e) wurden durchsucht Durchsuche Prozess 'IAANTMon.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'SDWSCSvc.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 
'avshadow.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '170' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'ipoint.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'itype.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess '{360FEA3E-CDAF-4D1F-979D-E4A8E0E9ED8B}.exe' - '65' Modul(e) wurden durchsucht Durchsuche Prozess 'IAAnotif.exe' - '43' Modul(e) wurden durchsucht Durchsuche Prozess 'mwlDaemon.exe' - '77' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPEnh.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'PLFSetI.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'ePowerTray.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'BJMYPRT.EXE' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'BackupManagerTray.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'EgisUpdate.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'unsecapp.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPHelper.exe' - '22' Modul(e) wurden durchsucht Durchsuche Prozess 'LManager.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'ArcadeDeluxeAgent.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'PMVService.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '97' Modul(e) wurden durchsucht Durchsuche Prozess 'SDTray.exe' - '105' Modul(e) wurden durchsucht Durchsuche Prozess 'CNSEMAIN.EXE' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'ePowerEvent.exe' - '21' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden 
durchsucht Durchsuche Prozess 'splwow64.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'NOTEPAD.EXE' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'CltMngSvc.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'cltmng.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'cltmngui.exe' - '75' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '156' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '128' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'wuauclt.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '2263' Dateien ). 
Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <ACER> C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0005.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0006.dta [FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0007.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0008.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0009.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0010.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0011.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0012.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0017.dta [FUND] Ist das Trojanische Pferd TR/Offend.6788456 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0018.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0019.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0021.dta [FUND] Ist das Trojanische Pferd TR/Alureon.FA.74 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0005.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0006.dta [FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0007.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 
C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0008.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0009.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0010.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0011.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0012.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0017.dta [FUND] Ist das Trojanische Pferd TR/Offend.6788456 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0018.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0019.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0021.dta [FUND] Ist das Trojanische Pferd TR/Alureon.FA.74 Beginne mit der Desinfektion: C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0021.dta [FUND] Ist das Trojanische Pferd TR/Alureon.FA.74 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0019.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0018.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0017.dta [FUND] Ist das Trojanische Pferd TR/Offend.6788456 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0012.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 [WARNUNG] Die Datei wurde ignoriert. 
C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0011.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0010.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0009.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0008.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0007.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0006.dta [FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0005.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0021.dta [FUND] Ist das Trojanische Pferd TR/Alureon.FA.74 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0019.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0018.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0017.dta [FUND] Ist das Trojanische Pferd TR/Offend.6788456 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0012.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 [WARNUNG] Die Datei wurde ignoriert. 
C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0011.dta [FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0010.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0009.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0008.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0007.dta [FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2 [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0006.dta [FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen [WARNUNG] Die Datei wurde ignoriert. C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0005.dta [FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2 [WARNUNG] Die Datei wurde ignoriert. Ende des Suchlaufs: Montag, 14. April 2014 21:23 Benötigte Zeit: 2:36:07 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 33154 Verzeichnisse wurden überprüft 851722 Dateien wurden geprüft 24 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 851698 Dateien ohne Befall 8022 Archive wurden durchsucht 24 Warnungen 0 Hinweise 772247 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden |
15.04.2014, 12:02 | #9 |
| BOO/TDss.O in the master boot sector The logs are fine like that. The MBR is clean again. Next we deal with the adware and the control scans. Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 ESET Online Scanner
Step 4 Run FRST once more.
Is there still a problem now? |
15.04.2014, 17:03 | #10 |
| BOO/TDss.O in the master boot sector Hello! I'm glad to hear that! AdwCleaner: Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 15/04/2014 um 13:51:19 # Aktualisiert 01/04/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Kriszi - KRISZI-PC # Gestartet von : C:\Users\Kriszi\Downloads\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** Dienst Gelöscht : CltMngSvc [#] Dienst Gelöscht : Partner Service ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\Program Files (x86)\SearchProtect Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect Ordner Gelöscht : C:\Users\Kriszi\AppData\Local\SearchProtect Ordner Gelöscht : C:\Users\Kriszi\AppData\Local\Temp\boost_interprocess Ordner Gelöscht : C:\Users\Kriszi\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Kriszi\AppData\Roaming\pdfforge Ordner Gelöscht : C:\Users\Kriszi\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\Krisi\AppData\Local\SearchProtect Ordner Gelöscht : C:\Users\Krisi\AppData\Local\Temp\boost_interprocess ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\kt_bho.KettleBho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\Software\SearchProtect Schlüssel Gelöscht : HKLM\Software\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -\\ Mozilla Firefox v28.0 (de) [ Datei : C:\Users\Kriszi\AppData\Roaming\Mozilla\Firefox\Profiles\l0idw4yg.default\prefs.js ] [ Datei : C:\Users\Krisi\AppData\Roaming\Mozilla\Firefox\Profiles\jd544rrd.default\prefs.js ] ************************* AdwCleaner[R0].txt - [3873 octets] - [15/04/2014 13:50:31] AdwCleaner[S0].txt - [3510 octets] - [15/04/2014 13:51:19] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3570 octets] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 15.04.2014 Suchlauf-Zeit: 14:38:20 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.15.05 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Kriszi Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 286595 Verstrichene Zeit: 37 Min, 48 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 56 PUP.Optional.Conduit.A, C:\Users\Krisi\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [a85846baf9072dd3d7de07115ca5c33d], PUP.Optional.SearchProtect.A, C:\Users\Kriszi\AppData\Local\Temp\nsq6BA5.exe, In Quarantäne, [926ed7294fb19967398d81a25da44ab6], PUP.Optional.SearchProtect.A, C:\Users\Kriszi\AppData\Local\Temp\nsqB16C.exe, In Quarantäne, [0cf40bf58c74f10fc60077ac837e6c94], PUP.Optional.Conduit.A, C:\Users\Kriszi\AppData\Local\Temp\utt3A88.tmp.exe, In Quarantäne, [58a8b54ba75969974ba6be58956c6d93], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsbDB14.exe, In Quarantäne, [689844bcfb05699705c1180bcf3205fb], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsc3F06.exe, In Quarantäne, [44bc5ba5bd4347b9873f998ac53c8e72], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsc42FD.exe, In Quarantäne, [f40ca060b24e5fa1e0e6170c98699a66], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsc4A4C.exe, In Quarantäne, [c838907010f0d9279f27988b05fc30d0], PUP.Optional.SearchProtect.A, 
C:\Windows\Temp\nsd6CF9.exe, In Quarantäne, [cf31d62a3bc516ea497de83b946dd828], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsdFB3C.exe, In Quarantäne, [4bb5dd2329d7847cf9cda57e0001c43c], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nseB7FF.exe, In Quarantäne, [37c94bb5b64ab34d1aacfd26e91818e8], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsg5970.exe, In Quarantäne, [c9373ac650b008f83b8bab78a55cb14f], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsg75C7.exe, In Quarantäne, [0af6e51beb15748c9b2bec374fb20000], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh4147.exe, In Quarantäne, [679926da7789728e972fdc4745bc6799], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh4454.exe, In Quarantäne, [29d72ed2aa56e818a323ba69d72aa25e], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh5A91.exe, In Quarantäne, [df217d83ff0100007650190af11039c7], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh79A5.exe, In Quarantäne, [e31d768ab7492ad6ccfa190ad22fa060], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh7ED4.exe, In Quarantäne, [6997ac5445bb0cf45e68160d22dfcd33], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsi8615.exe, In Quarantäne, [d12f2fd1966aac54fcca55ce728fb749], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss75A1.exe, In Quarantäne, [5da323dd9d637f8109bda380b150c23e], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss8605.exe, In Quarantäne, [35cbec14758b9d638343a083eb16cd33], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss8921.exe, In Quarantäne, [808049b7af5110f07c4a3de6b34e07f9], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nssE276.exe, In Quarantäne, [6c940cf423dda35d8e38998ac041d729], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsu30B6.exe, In Quarantäne, [cc345aa67789a45c10b6c45fe1209070], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsu740D.exe, In Quarantäne, [8080d52b09f755ab02c47ca7976ade22], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv50A9.exe, In Quarantäne, [5ba5cf3154acd12ffbcb81a2b84932ce], PUP.Optional.SearchProtect.A, 
C:\Windows\Temp\nsx50E1.exe, In Quarantäne, [936dac543dc337c9efd74bd8c23f9a66], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx5796.exe, In Quarantäne, [1ae67f819868bd43c50168bbf50cb34d], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx75C0.exe, In Quarantäne, [cf313ec245bb5da3e7df1310ad5409f7], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx7746.exe, In Quarantäne, [a55b3ec2a45c17e97a4cfd2652afdd23], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxB08E.exe, In Quarantäne, [d0309a66b9479c64c7ffcc57d22fd927], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxD04D.exe, In Quarantäne, [59a77d8318e8ff017c4a2102b44db44c], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsjFF52.exe, In Quarantäne, [9868619f15eb87794a7cd44f4cb5d42c], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm1B02.exe, In Quarantäne, [03fdcc34c9370cf436903fe441c0f40c], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm1BED.exe, In Quarantäne, [b94756aa44bcaa5611b5041f5ea354ac], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsmB8E4.exe, In Quarantäne, [8b75d72922de3cc47155be65738ea45c], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsmBB06.exe, In Quarantäne, [cd33c73959a7d12f11b5859e18e9fe02], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsmFB04.exe, In Quarantäne, [06fa52ae9f613fc1ba0c83a0c43da25e], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn4C5F.exe, In Quarantäne, [ea16a45c7b8550b07e48ee35b44d47b9], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn79C6.exe, In Quarantäne, [2bd5728e758b28d812b4e24152af36ca], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxE247.exe, In Quarantäne, [fb05f10f0bf5b34d299d61c27b8606fa], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn872D.exe, In Quarantäne, [b9479b656b956b958b3bc063ca3754ac], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnAC0C.exe, In Quarantäne, [ac54619f42be07f9c50147dcc83908f8], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnBF8C.exe, In Quarantäne, [51af3dc3dc2457a9bb0b4dd6ea1736ca], PUP.Optional.SearchProtect.A, 
C:\Windows\Temp\nsnD750.exe, In Quarantäne, [de223fc136ca68986462a18251b03dc3], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD870.exe, In Quarantäne, [758bd32dce320ff1c9fd82a145bc30d0], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD871.exe, In Quarantäne, [b947a15f956b09f7309646dd926f7987], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoE47A.exe, In Quarantäne, [07f9b54b48b8e0201fa7a47f3cc539c7], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsq7BCF.exe, In Quarantäne, [cc3404fc9d630af67d4956cda958aa56], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrDECC.exe, In Quarantäne, [a55bfb051de37e82b51164bf51b0e719], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss1E7C.exe, In Quarantäne, [31cf897725dbe61a972f4ad99b667d83], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss5AD1.exe, In Quarantäne, [07f919e7d03025db9b2b58cbcd341be5], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss6CBA.exe, In Quarantäne, [5ea2837dd72944bc8a3cc55e9a6755ab], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxD26F.exe, In Quarantäne, [6f913cc449b7b0507d49d54ed0311ae6], PUP.Optional.OpenCandy, C:\Users\Krisi\Downloads\DTLite4491-0356.exe, In Quarantäne, [b54b817f2ed2ef114b7656f03fc5ac54], PUP.Optional.DownloadSponsor, C:\Users\Krisi\Downloads\Photoscape - CHIP-Downloader.exe, In Quarantäne, [e91737c9e51b629ec3ae16e8e3209f61], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=a4f5fc5bd462e946b193520264721d5f # engine=17895 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-04-15 03:48:05 # local_time=2014-04-15 05:48:05 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 94 15303 17045213 8059 0 # compatibility_mode=5893 16776573 100 94 14303 149206735 0 0 # scanned=183950 # found=24 # cleaned=0 # scan_time=10098 sh=1B55A807FB047C47C0CFF49162A91BE77E50F051 ft=1 fh=4a92c2fd18962af4 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0005.dta" sh=7C794856DA9A3D40740431C1C355324BF15F7B9F ft=1 fh=3c404436a28ba5f7 vn="a variant of Win64/Olmasco.AF trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0006.dta" sh=8FC47002C94322D27E7CC23DE0E09366278D1FAC ft=1 fh=b59116e9ea4b609b vn="Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0007.dta" sh=C1537F8F8308DB428A17D8309AF853CBDDD86378 ft=1 fh=c25e6ab804e54205 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0008.dta" sh=D5F20E8DD68BF3F2755756925DE31F78941EFD8F ft=1 fh=533da6b67824c7dc vn="a variant of Win32/Olmasco.AI trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0009.dta" sh=BD23CFA926B0FE04CDE450F63D7BDC381D238E12 ft=1 fh=e7aec2c971424e71 vn="Win64/Olmasco.V trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0010.dta" sh=614A4E374797F94A1327F4C7D08A79A948660E9A ft=1 fh=1cb93ee4eea17c9e vn="Win32/Olmasco.Q trojan" ac=I 
fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0011.dta" sh=0052E97FFDEB7172B5306B68B008697EB61862A4 ft=1 fh=98c9107c7a5c7106 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0012.dta" sh=3F20A1B9A9B3BD3FE2D0A633163354FAA0F88CB0 ft=1 fh=84c5424661190d94 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0018.dta" sh=3C983AEBE1FB0416228C931D9AE55C6229E16B64 ft=1 fh=a6f0517b381dc357 vn="a variant of Win32/Kryptik.VAW trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0019.dta" sh=A27F8552F5441F93074C353B207728CAF08E1D65 ft=1 fh=645418a7830ac699 vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0020.dta" sh=5042BE31C99C1BC56ECD4E17F2EA9C62429D7E0B ft=1 fh=2daf6b25d34e32de vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\mbr0000\tdlfs0000\tsk0021.dta" sh=1B55A807FB047C47C0CFF49162A91BE77E50F051 ft=1 fh=4a92c2fd18962af4 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0005.dta" sh=7C794856DA9A3D40740431C1C355324BF15F7B9F ft=1 fh=3c404436a28ba5f7 vn="a variant of Win64/Olmasco.AF trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0006.dta" sh=8FC47002C94322D27E7CC23DE0E09366278D1FAC ft=1 fh=b59116e9ea4b609b vn="Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0007.dta" sh=C1537F8F8308DB428A17D8309AF853CBDDD86378 ft=1 fh=c25e6ab804e54205 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0008.dta" sh=D5F20E8DD68BF3F2755756925DE31F78941EFD8F ft=1 fh=533da6b67824c7dc vn="a variant of Win32/Olmasco.AI trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0009.dta" 
sh=BD23CFA926B0FE04CDE450F63D7BDC381D238E12 ft=1 fh=e7aec2c971424e71 vn="Win64/Olmasco.V trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0010.dta" sh=614A4E374797F94A1327F4C7D08A79A948660E9A ft=1 fh=1cb93ee4eea17c9e vn="Win32/Olmasco.Q trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0011.dta" sh=0052E97FFDEB7172B5306B68B008697EB61862A4 ft=1 fh=98c9107c7a5c7106 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0012.dta" sh=3F20A1B9A9B3BD3FE2D0A633163354FAA0F88CB0 ft=1 fh=84c5424661190d94 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0018.dta" sh=3C983AEBE1FB0416228C931D9AE55C6229E16B64 ft=1 fh=a6f0517b381dc357 vn="a variant of Win32/Kryptik.VAW trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0019.dta" sh=A27F8552F5441F93074C353B207728CAF08E1D65 ft=1 fh=645418a7830ac699 vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0020.dta" sh=5042BE31C99C1BC56ECD4E17F2EA9C62429D7E0B ft=1 fh=2daf6b25d34e32de vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\14.04.2014_16.53.05\tdlfs0000\tsk0021.dta" FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014 Ran by Kriszi (administrator) on KRISZI-PC on 15-04-2014 17:56:06 Running from C:\Users\Krisi\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Egis Technology Inc.) 
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2013-10-11] () HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.) HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16334880 2009-07-28] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) 
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-14] (Microsoft Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-1173677339-4284917320-2175899030-1001\...\Run: [uTorrent] => C:\Users\Krisi\AppData\Roaming\uTorrent\uTorrent.exe [1141328 2013-10-11] (BitTorrent Inc.) 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found Startup: C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Kriszi\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=aspire_8735&r=27361013n606l0338z1i5t49l1y84p SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deAT557 BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\Kriszi\AppData\Roaming\Mozilla\Firefox\Profiles\l0idw4yg.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-30] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG) S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) 
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-30] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG) S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-30] (Disc Soft Ltd) R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-30] () R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-15 17:55 - 2014-04-15 17:55 - 00000000 ____D () C:\Users\Krisi\Downloads\FRST-OlderVersion 2014-04-15 14:55 - 2014-04-15 14:55 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-15 14:50 - 2014-04-15 14:50 - 02347384 _____ (ESET) C:\Users\Kriszi\Downloads\esetsmartinstaller_enu.exe 2014-04-15 14:47 - 2014-04-15 14:47 - 00007500 _____ () C:\Users\Kriszi\Desktop\mbam.txt 2014-04-15 14:02 - 2014-04-15 14:02 - 00003658 _____ () C:\Users\Kriszi\Desktop\AdwCleaner[S0].txt 2014-04-15 13:59 - 2014-04-15 14:46 - 00119512 _____ 
(Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-15 13:58 - 2014-04-15 13:58 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-15 13:58 - 2014-04-15 13:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-15 13:58 - 2014-04-15 13:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-15 13:58 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-15 13:58 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-15 13:58 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-15 13:57 - 2014-04-15 13:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kriszi\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-15 13:50 - 2014-04-15 13:51 - 00000000 ____D () C:\AdwCleaner 2014-04-15 13:49 - 2014-04-15 13:49 - 01426178 _____ () C:\Users\Kriszi\Downloads\adwcleaner.exe 2014-04-14 16:55 - 2014-04-14 16:55 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-14 10:06 - 2014-04-14 10:06 - 00292448 _____ () C:\Users\Krisi\Desktop\Woche Praktikantenzeugnis 2014-04-14 10:05 - 2014-04-14 10:05 - 00215882 _____ () C:\Users\Krisi\Desktop\ORF Praktikantenzeugnis 2014-04-14 08:54 - 2014-04-14 08:54 - 00000000 ____D () C:\Users\Kriszi\Documents\tdsskiller 2014-04-14 08:53 - 2014-04-14 08:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Kriszi\Downloads\tdsskiller.exe 2014-04-14 08:45 - 2014-04-14 08:45 - 00000594 _____ () C:\Users\Kriszi\Desktop\MBRMastr_2014.04.14_08.45.12.txt 2014-04-14 08:45 - 2014-04-14 08:45 - 00000575 _____ () C:\Users\Kriszi\Desktop\emsi.zip 2014-04-14 08:45 - 2014-04-14 08:45 - 00000512 _____ () C:\Users\Kriszi\Desktop\emsi.mbr 2014-04-14 08:44 - 2014-04-14 08:44 - 00788728 _____ (Emsisoft GmbH) C:\Users\Kriszi\Downloads\mbrmastr.exe 2014-04-14 08:43 - 2014-04-14 08:43 - 00000000 ____D () 
C:\Users\Kriszi\AppData\Local\Macromedia 2014-04-14 08:41 - 2014-04-14 08:42 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\Mozilla 2014-04-14 08:41 - 2014-04-14 08:42 - 00000000 ____D () C:\Users\Kriszi\AppData\Local\Mozilla 2014-04-14 07:36 - 2014-04-14 07:42 - 00000000 ____D () C:\Users\Krisi\Desktop\Californication S07E01 HDTV x264-EXCELLENCE[ettv] 2014-04-14 07:13 - 2014-04-14 07:36 - 208949176 _____ () C:\Users\Krisi\Desktop\Californication.S07E01.HDTV.x264-EXCELLENCE.mp4 2014-04-13 16:12 - 2014-04-13 16:16 - 00029048 _____ () C:\Users\Krisi\Downloads\Addition.txt 2014-04-13 16:10 - 2014-04-15 17:56 - 00016262 _____ () C:\Users\Krisi\Downloads\FRST.txt 2014-04-13 16:03 - 2014-04-15 17:56 - 00000000 ____D () C:\FRST 2014-04-13 16:03 - 2014-04-15 17:55 - 02054144 _____ (Farbar) C:\Users\Krisi\Downloads\FRST64.exe 2014-04-13 15:59 - 2014-04-13 16:00 - 00000474 _____ () C:\Users\Krisi\Downloads\defogger_disable.log 2014-04-13 15:59 - 2014-04-13 15:59 - 00000168 _____ () C:\Users\Kriszi\defogger_reenable 2014-04-13 15:58 - 2014-04-13 15:58 - 00050477 _____ () C:\Users\Krisi\Downloads\Defogger.exe 2014-04-13 15:47 - 2014-04-13 15:47 - 00035572 _____ () C:\Users\Krisi\Desktop\Ereignisse.txt 2014-04-11 16:20 - 2014-04-11 16:34 - 182856906 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E19.HDTV.x264-LOL.mp4 2014-04-11 16:20 - 2014-04-11 16:33 - 142524325 ____R () C:\Users\Krisi\Desktop\Community.S05E12.HDTV.x264-LOL.mp4 2014-04-11 16:19 - 2014-04-11 16:19 - 00000000 ____D () C:\14bfaf1544747815d3a0499f96 2014-04-09 08:44 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-09 08:44 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-09 08:44 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-09 08:44 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-09 08:44 - 
2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 08:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 08:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 08:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 08:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 08:43 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 08:43 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 08:43 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 08:43 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 08:43 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 08:43 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 08:43 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 08:43 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 08:43 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 08:43 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 08:43 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 08:43 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-07 20:54 - 2014-04-07 20:57 - 11141230 _____ () C:\Users\Krisi\Desktop\Wahrscheinlichkeitsbsp.zip 2014-04-06 16:09 - 2014-04-06 
16:09 - 01069920 _____ (Solid State Networks) C:\Users\Krisi\Downloads\install_reader11_de_mssd_aaa_aih.exe 2014-04-04 22:57 - 2014-04-04 23:01 - 178659622 ____R () C:\Users\Krisi\Desktop\Community.S05E11.HDTV.x264-LOL.mp4 2014-04-04 22:53 - 2014-04-04 22:57 - 195487158 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E18.HDTV.x264-LOL.mp4 2014-04-01 12:31 - 2014-04-01 12:49 - 421354201 ____R () C:\Users\Krisi\Desktop\How.I.Met.Your.Mother.S09E23-E24.HDTV.x264-EXCELLENCE.mp4 2014-03-31 21:32 - 2014-03-31 21:34 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development 2014-03-31 18:57 - 2014-03-31 19:10 - 00000000 ____D () C:\Users\Krisi\Desktop\Frozen (2013) [1080p] 2014-03-30 13:36 - 2014-03-30 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-30 13:34 - 2014-03-30 13:34 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Risen 2014-03-30 13:25 - 2014-03-30 13:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys 2014-03-30 13:25 - 2014-03-30 13:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2014-03-30 13:19 - 2014-03-30 13:19 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2014-03-30 12:57 - 2014-03-30 13:17 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\DAEMON Tools Lite 2014-03-30 12:53 - 2014-04-15 17:42 - 00000346 _____ () C:\Windows\Tasks\Acer Registration Reminder.job 2014-03-30 12:53 - 2014-04-15 14:00 - 00003352 _____ () C:\Windows\System32\Tasks\Acer Registration Reminder 2014-03-30 12:53 - 2014-03-30 12:53 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2014-03-30 12:52 - 2014-03-30 12:52 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\DAEMON Tools Lite 2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-03-30 12:51 - 2014-03-30 13:18 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-03-30 12:42 - 
2014-03-30 12:43 - 00000000 ____D () C:\Users\Krisi\Desktop\Risen 2014-03-28 18:57 - 2014-03-28 18:57 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-28 18:21 - 2014-03-28 19:22 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-03-27 21:54 - 2014-03-27 22:12 - 00000000 ____D () C:\Users\Krisi\Desktop\Anchorman 2 The Legend Continues (2013) 2014-03-25 22:08 - 2014-03-25 22:08 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development Seasons 1-3 2014-03-25 13:56 - 2014-03-25 13:56 - 00000000 ____D () C:\Users\Krisi\Desktop\#switch 2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate 2014-03-20 15:22 - 2014-03-20 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-03-20 14:48 - 2014-03-20 15:01 - 00000000 ____D () C:\Users\Krisi\Desktop\Aladdin (1992) 2014-03-20 14:02 - 2014-03-20 14:02 - 00000000 ____D () C:\c867c85914dd7e101d 2014-03-19 19:08 - 2014-03-19 19:12 - 133172497 ____R () C:\Users\Krisi\Desktop\The.Simpsons.S25E14.HDTV.x264-LOL.mp4 2014-03-19 13:04 - 2014-03-19 13:06 - 00000000 ____D () C:\Users\Krisi\Desktop\How I Met Your Mother S09E21 HDTV x264-EXCELLENCE[ettv] 2014-03-18 13:40 - 2014-03-18 13:40 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Room Arranger 2014-03-18 13:27 - 2014-03-20 18:02 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Room Arranger 2014-03-18 13:27 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\Documents\Room Arranger 2014-03-18 13:26 - 2014-03-28 18:58 - 00000000 ____D () C:\Program Files (x86)\Room Arranger 2014-03-18 13:26 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741 (1).exe 2014-03-18 13:25 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741.exe 2014-03-16 12:09 - 2014-03-16 12:13 - 197964391 ____R () 
C:\Users\Krisi\Desktop\Workaholics.S04E08.HDTV.x264-EXCELLENCE.mp4 ==================== One Month Modified Files and Folders ======= 2014-04-15 17:56 - 2014-04-13 16:10 - 00016262 _____ () C:\Users\Krisi\Downloads\FRST.txt 2014-04-15 17:56 - 2014-04-13 16:03 - 00000000 ____D () C:\FRST 2014-04-15 17:55 - 2014-04-15 17:55 - 00000000 ____D () C:\Users\Krisi\Downloads\FRST-OlderVersion 2014-04-15 17:55 - 2014-04-13 16:03 - 02054144 _____ (Farbar) C:\Users\Krisi\Downloads\FRST64.exe 2014-04-15 17:42 - 2014-03-30 12:53 - 00000346 _____ () C:\Windows\Tasks\Acer Registration Reminder.job 2014-04-15 17:42 - 2013-10-11 11:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-15 15:31 - 2013-10-11 10:15 - 01104934 _____ () C:\Windows\WindowsUpdate.log 2014-04-15 14:55 - 2014-04-15 14:55 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-15 14:53 - 2013-10-11 01:57 - 00699342 _____ () C:\Windows\system32\perfh007.dat 2014-04-15 14:53 - 2013-10-11 01:57 - 00149450 _____ () C:\Windows\system32\perfc007.dat 2014-04-15 14:53 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-15 14:50 - 2014-04-15 14:50 - 02347384 _____ (ESET) C:\Users\Kriszi\Downloads\esetsmartinstaller_enu.exe 2014-04-15 14:48 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-15 14:48 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-15 14:47 - 2014-04-15 14:47 - 00007500 _____ () C:\Users\Kriszi\Desktop\mbam.txt 2014-04-15 14:46 - 2014-04-15 13:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-15 14:41 - 2013-10-11 11:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-15 14:40 - 2009-10-29 07:42 - 00929930 _____ () C:\Windows\PFRO.log 2014-04-15 14:40 - 2009-07-14 07:08 - 
00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-15 14:40 - 2009-07-14 06:51 - 00073315 _____ () C:\Windows\setupact.log 2014-04-15 14:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2014-04-15 14:02 - 2014-04-15 14:02 - 00003658 _____ () C:\Users\Kriszi\Desktop\AdwCleaner[S0].txt 2014-04-15 14:00 - 2014-03-30 12:53 - 00003352 _____ () C:\Windows\System32\Tasks\Acer Registration Reminder 2014-04-15 13:58 - 2014-04-15 13:58 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-15 13:58 - 2014-04-15 13:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-15 13:58 - 2014-04-15 13:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-15 13:57 - 2014-04-15 13:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kriszi\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-15 13:51 - 2014-04-15 13:50 - 00000000 ____D () C:\AdwCleaner 2014-04-15 13:49 - 2014-04-15 13:49 - 01426178 _____ () C:\Users\Kriszi\Downloads\adwcleaner.exe 2014-04-15 13:47 - 2013-10-11 13:38 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\uTorrent 2014-04-15 13:10 - 2013-10-12 15:46 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\vlc 2014-04-15 10:37 - 2013-10-14 18:02 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Dropbox 2014-04-15 10:01 - 2013-10-14 18:04 - 00000000 ___RD () C:\Users\Krisi\Dropbox 2014-04-14 16:55 - 2014-04-14 16:55 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-14 12:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-14 10:07 - 2013-11-06 09:54 - 00000000 ____D () C:\Users\Krisi\Desktop\Arbeit 2014-04-14 10:06 - 2014-04-14 10:06 - 00292448 _____ () C:\Users\Krisi\Desktop\Woche Praktikantenzeugnis 2014-04-14 10:05 - 2014-04-14 10:05 - 00215882 _____ () C:\Users\Krisi\Desktop\ORF Praktikantenzeugnis 2014-04-14 08:54 - 2014-04-14 08:54 - 00000000 ____D () C:\Users\Kriszi\Documents\tdsskiller 2014-04-14 08:53 - 2014-04-14 08:53 - 02237968 _____ (Kaspersky Lab ZAO) 
C:\Users\Kriszi\Downloads\tdsskiller.exe 2014-04-14 08:45 - 2014-04-14 08:45 - 00000594 _____ () C:\Users\Kriszi\Desktop\MBRMastr_2014.04.14_08.45.12.txt 2014-04-14 08:45 - 2014-04-14 08:45 - 00000575 _____ () C:\Users\Kriszi\Desktop\emsi.zip 2014-04-14 08:45 - 2014-04-14 08:45 - 00000512 _____ () C:\Users\Kriszi\Desktop\emsi.mbr 2014-04-14 08:44 - 2014-04-14 08:44 - 00788728 _____ (Emsisoft GmbH) C:\Users\Kriszi\Downloads\mbrmastr.exe 2014-04-14 08:43 - 2014-04-14 08:43 - 00000000 ____D () C:\Users\Kriszi\AppData\Local\Macromedia 2014-04-14 08:42 - 2014-04-14 08:41 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\Mozilla 2014-04-14 08:42 - 2014-04-14 08:41 - 00000000 ____D () C:\Users\Kriszi\AppData\Local\Mozilla 2014-04-14 07:42 - 2014-04-14 07:36 - 00000000 ____D () C:\Users\Krisi\Desktop\Californication S07E01 HDTV x264-EXCELLENCE[ettv] 2014-04-14 07:36 - 2014-04-14 07:13 - 208949176 _____ () C:\Users\Krisi\Desktop\Californication.S07E01.HDTV.x264-EXCELLENCE.mp4 2014-04-13 16:16 - 2014-04-13 16:12 - 00029048 _____ () C:\Users\Krisi\Downloads\Addition.txt 2014-04-13 16:00 - 2014-04-13 15:59 - 00000474 _____ () C:\Users\Krisi\Downloads\defogger_disable.log 2014-04-13 15:59 - 2014-04-13 15:59 - 00000168 _____ () C:\Users\Kriszi\defogger_reenable 2014-04-13 15:59 - 2013-10-11 10:24 - 00000000 ____D () C:\Users\Kriszi 2014-04-13 15:58 - 2014-04-13 15:58 - 00050477 _____ () C:\Users\Krisi\Downloads\Defogger.exe 2014-04-13 15:47 - 2014-04-13 15:47 - 00035572 _____ () C:\Users\Krisi\Desktop\Ereignisse.txt 2014-04-12 23:26 - 2009-10-29 07:45 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-11 16:34 - 2014-04-11 16:20 - 182856906 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E19.HDTV.x264-LOL.mp4 2014-04-11 16:33 - 2014-04-11 16:20 - 142524325 ____R () C:\Users\Krisi\Desktop\Community.S05E12.HDTV.x264-LOL.mp4 2014-04-11 16:19 - 2014-04-11 16:19 - 00000000 ____D () C:\14bfaf1544747815d3a0499f96 2014-04-11 16:19 - 2013-10-16 08:49 - 00000000 ____D () 
C:\Windows\system32\MRT 2014-04-11 16:19 - 2013-10-16 08:48 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-07 20:57 - 2014-04-07 20:54 - 11141230 _____ () C:\Users\Krisi\Desktop\Wahrscheinlichkeitsbsp.zip 2014-04-06 16:09 - 2014-04-06 16:09 - 01069920 _____ (Solid State Networks) C:\Users\Krisi\Downloads\install_reader11_de_mssd_aaa_aih.exe 2014-04-05 11:58 - 2013-10-11 11:02 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-04-05 11:58 - 2013-10-11 11:02 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-04-04 23:01 - 2014-04-04 22:57 - 178659622 ____R () C:\Users\Krisi\Desktop\Community.S05E11.HDTV.x264-LOL.mp4 2014-04-04 22:57 - 2014-04-04 22:53 - 195487158 ____R () C:\Users\Krisi\Desktop\Parks.and.Recreation.S06E18.HDTV.x264-LOL.mp4 2014-04-03 09:51 - 2014-04-15 13:58 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-15 13:58 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-15 13:58 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-01 12:49 - 2014-04-01 12:31 - 421354201 ____R () C:\Users\Krisi\Desktop\How.I.Met.Your.Mother.S09E23-E24.HDTV.x264-EXCELLENCE.mp4 2014-03-31 21:34 - 2014-03-31 21:32 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development 2014-03-31 19:10 - 2014-03-31 18:57 - 00000000 ____D () C:\Users\Krisi\Desktop\Frozen (2013) [1080p] 2014-03-31 03:16 - 2014-04-09 08:44 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-31 03:13 - 2014-04-09 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-31 02:13 - 2014-04-09 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-31 01:57 - 2014-04-09 08:44 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-30 21:46 - 2013-10-30 14:28 
- 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-30 13:36 - 2014-03-30 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-30 13:34 - 2014-03-30 13:34 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Risen 2014-03-30 13:25 - 2014-03-30 13:25 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys 2014-03-30 13:25 - 2014-03-30 13:25 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2014-03-30 13:24 - 2013-10-11 10:41 - 00059143 _____ () C:\Windows\DirectX.log 2014-03-30 13:19 - 2014-03-30 13:19 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2014-03-30 13:19 - 2009-10-28 19:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-30 13:18 - 2014-03-30 12:51 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-03-30 13:17 - 2014-03-30 12:57 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\DAEMON Tools Lite 2014-03-30 12:53 - 2014-03-30 12:53 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2014-03-30 12:52 - 2014-03-30 12:52 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Users\Kriszi\AppData\Roaming\DAEMON Tools Lite 2014-03-30 12:52 - 2014-03-30 12:52 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-03-30 12:47 - 2013-10-11 10:24 - 00111680 _____ () C:\Users\Kriszi\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-30 12:46 - 2013-10-12 15:22 - 00001283 _____ () C:\Windows\wininit.ini 2014-03-30 12:46 - 2013-10-11 10:26 - 00001429 _____ () C:\Users\Kriszi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-30 12:43 - 2014-03-30 12:42 - 00000000 ____D () C:\Users\Krisi\Desktop\Risen 2014-03-28 19:23 - 2013-10-20 16:54 - 00002018 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk 2014-03-28 19:22 - 2014-03-28 18:21 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 
2014-03-28 18:58 - 2014-03-18 13:26 - 00000000 ____D () C:\Program Files (x86)\Room Arranger 2014-03-28 18:57 - 2014-03-28 18:57 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-28 18:22 - 2013-10-11 11:03 - 00000000 ____D () C:\Users\Krisi\AppData\Local\VirtualStore 2014-03-27 22:12 - 2014-03-27 21:54 - 00000000 ____D () C:\Users\Krisi\Desktop\Anchorman 2 The Legend Continues (2013) 2014-03-25 22:08 - 2014-03-25 22:08 - 00000000 ____D () C:\Users\Krisi\Desktop\Arrested Development Seasons 1-3 2014-03-25 13:56 - 2014-03-25 13:56 - 00000000 ____D () C:\Users\Krisi\Desktop\#switch 2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-25 13:50 - 2014-03-25 13:50 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate 2014-03-20 18:02 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\AppData\Local\Room Arranger 2014-03-20 15:23 - 2014-03-20 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-03-20 15:01 - 2014-03-20 14:48 - 00000000 ____D () C:\Users\Krisi\Desktop\Aladdin (1992) 2014-03-20 14:02 - 2014-03-20 14:02 - 00000000 ____D () C:\c867c85914dd7e101d 2014-03-19 19:12 - 2014-03-19 19:08 - 133172497 ____R () C:\Users\Krisi\Desktop\The.Simpsons.S25E14.HDTV.x264-LOL.mp4 2014-03-19 13:06 - 2014-03-19 13:04 - 00000000 ____D () C:\Users\Krisi\Desktop\How I Met Your Mother S09E21 HDTV x264-EXCELLENCE[ettv] 2014-03-18 13:40 - 2014-03-18 13:40 - 00000000 ____D () C:\Users\Krisi\AppData\Roaming\Room Arranger 2014-03-18 13:27 - 2014-03-18 13:27 - 00000000 ____D () C:\Users\Krisi\Documents\Room Arranger 2014-03-18 13:26 - 2014-03-18 13:26 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741 (1).exe 2014-03-18 13:26 - 2014-03-18 13:25 - 09664064 _____ () C:\Users\Krisi\Downloads\rooarr741.exe 2014-03-16 12:13 - 2014-03-16 12:09 - 197964391 ____R () C:\Users\Krisi\Desktop\Workaholics.S04E08.HDTV.x264-EXCELLENCE.mp4 2014-03-16 12:08 - 2014-03-04 15:32 - 00000000 ____D () 
C:\Users\Krisi\Desktop\Dr.Who Seasons 1-7

Some content of TEMP:
====================
C:\Users\Krisi\AppData\Local\Temp\avgnt.exe
C:\Users\Krisi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Kriszi\AppData\Local\Temp\AskSLib.dll
C:\Users\Kriszi\AppData\Local\Temp\avgnt.exe
C:\Users\Kriszi\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Kriszi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Kriszi\AppData\Local\Temp\pyl3956.tmp.exe
C:\Users\Kriszi\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-09 08:28

==================== End Of Log ============================

Does that mean I'm clean again? Very best regards |
16.04.2014, 10:27 | #11 |
| BOO/TDss.O in the master boot sector
Yes, that's what it means.

Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
ATTFilter
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Updates
Please open the page "Adobe - Install Adobe Flash Player" with both browsers and download the latest version. During installation, uncheck the box for McAfee Security Plus.

If you are satisfied, feel free to thank me here. I no longer see anything dangerous in your logs.

Cleanup
Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.
The order is crucial here.
Tips
Which antivirus program should I use?
There is no antivirus program that finds all malware, and you cannot rely on the program 100%. It still depends on your behaviour. With the right behaviour you best protect yourself from getting infected in the first place.
Always use only one antivirus program, since several will block each other and thus do more harm than good. If you have more than one installed, decide on one of them and uninstall the others. Also keep your antivirus program up to date at all times, because with an outdated database the program cannot find new infections.
In addition to your antivirus program, you can also regularly run an on-demand scanner to get a second opinion. Unlike a normal antivirus program, an on-demand scanner does not run constantly, but only when you tell it to scan the system.
What should I consider before downloading?
Other tips
If you want to support the Trojaner-Board, you are welcome to donate. I wish you a pleasant time. |
17.04.2014, 21:58 | #12 |
| BOO/TDss.O in the master boot sector
Thank you very, very much |