| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe auf Link in Phishing Mail geklickt.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.09.2014, 21:28
| #1 |
 |  Habe auf Link in Phishing Mail geklickt. Hallo, ich habe vor wenigen Tagen ein Spiel online gekauft. Heute kam dann eine Mail, auf denen was von Zahlungsschwierigkeiten stand. Ich sollte doch das ganze verifizieren. Da das alles so gut passte, habe ich Depp auf den Link in der Mail geklickt. Der führte zu eine leeren (?) Domain. Da erst wurde ich misstrauisch und habe mich mit dem Support von dem Spieleladen in Verbindung gesetzt. Die meinten, es wäre eine Phishing-Mail, ich sollte einen Virenscan machen und mein Mail Passort ändern. Ich habe das System mit Avira Antivirus, Micorosoft Defender und Avira PC Cleaner gescannt. Gefunden wurde nichts. Aber ein gutes Gefühl habe ich da nicht. Kann ich noch tiefergehend suchen? Vielen Dank für Eure Hilfe! |
|
26.09.2014, 21:40
| #2 |
| /// the machine /// TB-Ausbilder    | Habe auf Link in Phishing Mail geklickt. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
27.09.2014, 15:19
| #3 |
| | Habe auf Link in Phishing Mail geklickt. Hallo Schrauber,
__________________hier die Ergebnisse: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by Bellschuh (administrator) on FATMAN4 on 27-09-2014 16:14:31
Running from C:\Users\Bellschuh\Downloads
Loaded Profile: Bellschuh (Available profiles: Bellschuh & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-08-22] (APN)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3629220902-2211534231-193797327-1000\...\MountPoints2: {952065ce-6a16-11e3-a72c-806e6f6e6963} - G:\Run.exe
HKU\S-1-5-21-3629220902-2211534231-193797327-1000\...\MountPoints2: {d49c8155-6a19-11e3-b8d8-806e6f6e6963} - F:\autoplay.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x901BDF4535FECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bellschuh\AppData\Roaming\Mozilla\Firefox\Profiles\k5lc1pa6.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Bellschuh\AppData\Roaming\Mozilla\Firefox\Profiles\k5lc1pa6.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Bellschuh\AppData\Roaming\Mozilla\Firefox\Profiles\k5lc1pa6.default\Extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi [2014-02-21]
FF Extension: Image Zoom - C:\Users\Bellschuh\AppData\Roaming\Mozilla\Firefox\Profiles\k5lc1pa6.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2013-12-27]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-08-22] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-02] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-27 16:14 - 2014-09-27 16:14 - 00013864 _____ () C:\Users\Bellschuh\Downloads\FRST.txt
2014-09-27 16:14 - 2014-09-27 16:14 - 00000000 ____D () C:\FRST
2014-09-27 16:13 - 2014-09-27 16:13 - 02108928 _____ (Farbar) C:\Users\Bellschuh\Downloads\FRST64.exe
2014-09-24 20:48 - 2014-09-24 20:48 - 00081200 _____ () C:\Users\Bellschuh\Downloads\No Leader Deathdate Mod.zip
2014-09-24 09:35 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:35 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 20:48 - 2014-09-23 20:48 - 00000000 ____D () C:\Users\Bellschuh\Documents\Stronghold Crusader 2
2014-09-23 16:17 - 2014-09-23 16:17 - 00000209 _____ () C:\Users\Bellschuh\Desktop\Stronghold Crusader 2.url
2014-09-20 14:01 - 2014-09-20 14:01 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-20 14:01 - 2014-09-17 04:10 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-20 14:01 - 2014-09-17 04:10 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-20 13:59 - 2014-09-14 01:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-20 13:59 - 2014-09-04 21:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-20 13:59 - 2014-09-04 21:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-20 13:58 - 2014-09-14 01:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-20 13:58 - 2014-09-14 01:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-20 13:52 - 2014-09-20 13:55 - 319671744 _____ (NVIDIA Corporation) C:\Users\Bellschuh\Downloads\344.11-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-09-10 19:28 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 19:28 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 19:28 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 19:28 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 19:28 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 19:28 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 19:28 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 19:28 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 19:28 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 19:28 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 19:28 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 19:28 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 19:28 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 19:28 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 19:28 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 19:28 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 19:28 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 19:28 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 19:28 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 19:28 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 19:28 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 19:28 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 19:28 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 19:28 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 19:28 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 19:28 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 19:28 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 19:28 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 19:28 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 19:28 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 19:28 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 19:28 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 19:28 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 19:28 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 19:28 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 19:28 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 19:28 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 19:28 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 19:28 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 19:28 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 19:28 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 19:28 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 19:28 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 19:28 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 19:28 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 19:28 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 19:28 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 19:28 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 19:28 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 19:28 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 19:28 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 19:28 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 19:28 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 19:28 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 19:28 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 19:28 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 19:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 19:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 13:23 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 13:23 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 13:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 13:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 13:23 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 13:23 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 13:23 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 13:23 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 13:23 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 13:23 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 13:23 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:15 - 2014-09-10 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-10 09:12 - 2014-09-11 21:20 - 00000000 ____D () C:\Users\Christine\Desktop\Bäckerei Kolb
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-02 14:14 - 2014-09-02 14:14 - 00000000 ____D () C:\Users\Bellschuh\AppData\Local\Adobe
2014-08-28 16:20 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:20 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:20 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-27 16:14 - 2013-12-21 10:09 - 01513529 _____ () C:\Windows\WindowsUpdate.log
2014-09-27 16:12 - 2013-12-21 10:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-27 16:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 16:11 - 2009-07-14 06:51 - 00130808 _____ () C:\Windows\setupact.log
2014-09-27 01:11 - 2013-12-22 02:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-27 00:46 - 2013-12-21 10:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-26 20:24 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-26 20:24 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-26 20:22 - 2009-07-14 19:58 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-09-26 20:22 - 2009-07-14 19:58 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-09-26 20:22 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 23:01 - 2014-05-11 10:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 23:01 - 2013-12-22 02:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 09:12 - 2013-12-27 14:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-24 08:49 - 2013-12-26 19:09 - 00000000 ____D () C:\Users\Bellschuh\AppData\Roaming\vlc
2014-09-23 22:11 - 2013-12-22 02:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 22:11 - 2013-12-22 02:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 22:11 - 2013-12-22 02:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:46 - 2013-12-26 18:46 - 00495761 _____ () C:\Windows\DirectX.log
2014-09-21 08:56 - 2014-01-22 20:23 - 00000000 ____D () C:\Users\Christine\AppData\Local\NVIDIA Corporation
2014-09-20 14:01 - 2014-01-17 16:19 - 00000000 ____D () C:\Users\Bellschuh\AppData\Local\NVIDIA Corporation
2014-09-20 14:01 - 2014-01-17 16:17 - 00001347 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-09-20 14:01 - 2014-01-17 16:16 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-20 14:01 - 2014-01-17 16:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-20 14:00 - 2014-01-17 16:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-20 13:59 - 2013-12-21 10:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-20 13:57 - 2014-04-09 13:43 - 00000000 ____D () C:\Users\Bellschuh\Downloads\Neuer Ordner (4)
2014-09-18 15:54 - 2014-01-05 17:09 - 00000000 ____D () C:\Users\Bellschuh\AppData\Roaming\Skype
2014-09-17 04:10 - 2014-01-17 16:17 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-17 04:10 - 2014-01-17 16:17 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-16 21:28 - 2014-01-18 19:00 - 00000000 ____D () C:\Users\Bellschuh\Documents\Assassin's Creed IV Black Flag
2014-09-15 09:06 - 2013-12-21 10:25 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 19:29 - 2014-04-22 18:41 - 00010240 _____ () C:\Users\Bellschuh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-14 01:48 - 2014-04-09 13:45 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-14 01:48 - 2014-04-09 13:45 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-14 01:48 - 2014-04-09 13:45 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-14 01:48 - 2014-01-17 16:16 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-14 01:48 - 2014-01-17 16:16 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-14 01:48 - 2014-01-17 16:16 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-14 01:48 - 2014-01-17 16:16 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 23:53 - 2014-01-17 16:16 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 23:53 - 2014-01-17 16:16 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 23:53 - 2014-01-17 16:16 - 02557640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-13 23:53 - 2014-01-17 16:16 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 23:53 - 2014-01-17 16:16 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 23:53 - 2014-01-17 16:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-11 17:37 - 2014-01-17 16:16 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-10 19:28 - 2013-12-21 10:15 - 01597378 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 19:27 - 2013-12-21 11:18 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 19:27 - 2013-12-21 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 19:26 - 2014-05-08 23:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:16 - 2014-08-18 21:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 09:15 - 2014-08-18 21:01 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-10 09:15 - 2013-12-26 18:22 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-07 11:56 - 2014-03-29 16:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-07 11:56 - 2014-01-05 17:09 - 00000000 ____D () C:\ProgramData\Skype
2014-09-04 21:14 - 2014-01-17 16:16 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-08-31 12:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-31 00:46 - 2014-07-02 16:56 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-31 00:46 - 2014-01-18 19:00 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-28 21:35 - 2009-07-14 06:45 - 00411240 _____ () C:\Windows\system32\FNTCACHE.DAT
Some content of TEMP:
====================
C:\Users\Bellschuh\AppData\Local\Temp\avgnt.exe
C:\Users\Bellschuh\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Bellschuh\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\Bellschuh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxgmjqe.dll
C:\Users\Bellschuh\AppData\Local\Temp\MP3_German_Launcher_1_27_0_0.exe
C:\Users\Bellschuh\AppData\Local\Temp\Quarantine.exe
C:\Users\Bellschuh\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Christine\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 23:33
==================== End Of Log ============================
und: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014
Ran by Bellschuh at 2014-09-27 16:14:48
Running from C:\Users\Bellschuh\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C1002}) (Version: 12.16.2.2041 - APN, LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
everpixx 6.7 (HKLM-x32\...\{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1) (Version: - everpixx)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Geeks3D FurMark 1.12.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Hearts of Iron 2 (HKLM-x32\...\{98786147-80E3-41A5-A80C-1F3C028558CF}) (Version: - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301031}) (Version: 7.02.9753 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Pharao (HKLM-x32\...\Pharao) (Version: - )
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.2 - Samsung Electronics)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version: - FireFly Studios)
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0003 - Firefly Studios)
Supreme Commander - Forged Alliance (HKCU\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VueScan (HKLM-x32\...\VueScan) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3629220902-2211534231-193797327-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3629220902-2211534231-193797327-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3629220902-2211534231-193797327-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3629220902-2211534231-193797327-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3629220902-2211534231-193797327-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bellschuh\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-09-2014 18:23:37 Windows Update
20-09-2014 12:01:31 DirectX wurde installiert
23-09-2014 13:35:17 Windows Update
23-09-2014 18:45:59 DirectX wurde installiert
23-09-2014 18:46:27 Microsoft Visual C++ 2005 Redistributable wird installiert
24-09-2014 14:02:45 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {6921B1D1-EBC3-46FF-B7DC-37BFD9196669} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: {DBA0D0F9-8EBE-4C46-84AF-0652E938F06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {EA39F7AA-6CC8-4821-8713-924C058F5ACB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-17 16:16 - 2014-09-13 23:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-18 19:00 - 2014-07-02 16:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-18 21:01 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Bellschuh\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-11 10:29 - 2014-09-24 23:01 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-10 09:12 - 2014-09-10 09:12 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2013-12-26 17:46 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Bellschuh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Bellschuh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
========================= Accounts: ==========================
Administrator (S-1-5-21-3629220902-2211534231-193797327-500 - Administrator - Disabled)
Bellschuh (S-1-5-21-3629220902-2211534231-193797327-1000 - Administrator - Enabled) => C:\Users\Bellschuh
Christine (S-1-5-21-3629220902-2211534231-193797327-1003 - Limited - Enabled) => C:\Users\Christine
Gast (S-1-5-21-3629220902-2211534231-193797327-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3629220902-2211534231-193797327-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/26/2014 11:34:09 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (09/25/2014 06:00:24 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (09/24/2014 02:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Name des fehlerhaften Moduls: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014f42
ID des fehlerhaften Prozesses: 0x11b0
Startzeit der fehlerhaften Anwendung: 0xHoI2.exe0
Pfad der fehlerhaften Anwendung: HoI2.exe1
Pfad des fehlerhaften Moduls: HoI2.exe2
Berichtskennung: HoI2.exe3
Error: (09/24/2014 02:43:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Name des fehlerhaften Moduls: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014f42
ID des fehlerhaften Prozesses: 0x1364
Startzeit der fehlerhaften Anwendung: 0xHoI2.exe0
Pfad der fehlerhaften Anwendung: HoI2.exe1
Pfad des fehlerhaften Moduls: HoI2.exe2
Berichtskennung: HoI2.exe3
Error: (09/24/2014 02:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Name des fehlerhaften Moduls: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014f42
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xHoI2.exe0
Pfad der fehlerhaften Anwendung: HoI2.exe1
Pfad des fehlerhaften Moduls: HoI2.exe2
Berichtskennung: HoI2.exe3
Error: (09/24/2014 11:36:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Name des fehlerhaften Moduls: HoI2.exe, Version: 1.0.0.1, Zeitstempel: 0x437b00a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014f42
ID des fehlerhaften Prozesses: 0x14f8
Startzeit der fehlerhaften Anwendung: 0xHoI2.exe0
Pfad der fehlerhaften Anwendung: HoI2.exe1
Pfad des fehlerhaften Moduls: HoI2.exe2
Berichtskennung: HoI2.exe3
Error: (09/24/2014 09:52:34 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (09/24/2014 09:12:14 AM) (Source: MsiInstaller) (EventID: 1024) (User: Fatman4)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (09/23/2014 04:36:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (09/21/2014 00:36:48 PM) (Source: MsiInstaller) (EventID: 1024) (User: Fatman4)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
System errors:
=============
Error: (09/27/2014 04:11:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/26/2014 08:17:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/26/2014 02:03:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/25/2014 05:30:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/25/2014 09:14:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/24/2014 08:32:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/24/2014 06:42:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (09/24/2014 08:47:00 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (09/24/2014 08:47:00 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (09/24/2014 08:46:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Microsoft Office Sessions:
=========================
Error: (04/25/2014 07:24:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 8136.66 MB
Available physical RAM: 5862.77 MB
Total Pagefile: 16271.49 MB
Available Pagefile: 13932.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.66 GB) (Free:48.51 GB) NTFS
Drive d: () (Fixed) (Total:465.66 GB) (Free:304.75 GB) NTFS
Drive e: (Tine) (Fixed) (Total:74.53 GB) (Free:68.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BC4C1BB4)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 40BE40BE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 74.5 GB) (Disk ID: 05B032AC)
Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
28.09.2014, 09:44
| #4 |
| /// the machine /// TB-Ausbilder | Habe auf Link in Phishing Mail geklickt. hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.09.2014, 09:51
| #5 |
| | Habe auf Link in Phishing Mail geklickt. Hallo Schrauber, das Programm hat nichts gefunden. Hier der Inhalt des Logs: Code:
ATTFilter 10:47:36.0336 0x1238 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:47:36.0336 0x1238 UEFI system
10:47:40.0002 0x1238 ============================================================
10:47:40.0002 0x1238 Current date / time: 2014/09/28 10:47:40.0002
10:47:40.0002 0x1238 SystemInfo:
10:47:40.0002 0x1238
10:47:40.0002 0x1238 OS Version: 6.1.7601 ServicePack: 1.0
10:47:40.0002 0x1238 Product type: Workstation
10:47:40.0002 0x1238 ComputerName: FATMAN4
10:47:40.0002 0x1238 UserName: Bellschuh
10:47:40.0002 0x1238 Windows directory: C:\Windows
10:47:40.0002 0x1238 System windows directory: C:\Windows
10:47:40.0002 0x1238 Running under WOW64
10:47:40.0002 0x1238 Processor architecture: Intel x64
10:47:40.0002 0x1238 Number of processors: 4
10:47:40.0002 0x1238 Page size: 0x1000
10:47:40.0002 0x1238 Boot type: Normal boot
10:47:40.0002 0x1238 ============================================================
10:47:41.0375 0x1238 KLMD registered as C:\Windows\system32\drivers\57397359.sys
10:47:41.0468 0x1238 System UUID: {17A01F90-F8A6-A43C-D30D-71244815BCD4}
10:47:41.0702 0x1238 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:47:41.0702 0x1238 Drive \Device\Harddisk1\DR1 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:47:41.0702 0x1238 Drive \Device\Harddisk2\DR2 - Size: 0x12A1E0DE00 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:47:41.0718 0x1238 ============================================================
10:47:41.0718 0x1238 \Device\Harddisk0\DR0:
10:47:41.0718 0x1238 GPT partitions:
10:47:41.0718 0x1238 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3AD20B60-CF7A-4504-B971-615893AF0745}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
10:47:41.0718 0x1238 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {56A93815-9131-4291-A461-2DCF1F355E64}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
10:47:41.0718 0x1238 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE493834-C81F-4B3A-A589-54BEFD443817}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D152800
10:47:41.0718 0x1238 MBR partitions:
10:47:41.0718 0x1238 \Device\Harddisk1\DR1:
10:47:41.0718 0x1238 MBR partitions:
10:47:41.0718 0x1238 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:47:41.0718 0x1238 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
10:47:41.0718 0x1238 \Device\Harddisk2\DR2:
10:47:41.0718 0x1238 MBR partitions:
10:47:41.0718 0x1238 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E000
10:47:41.0718 0x1238 ============================================================
10:47:41.0718 0x1238 C: <-> \Device\Harddisk0\DR0\Partition3
10:47:41.0765 0x1238 D: <-> \Device\Harddisk1\DR1\Partition2
10:47:41.0765 0x1238 E: <-> \Device\Harddisk2\DR2\Partition1
10:47:41.0765 0x1238 ============================================================
10:47:41.0765 0x1238 Initialize success
10:47:41.0765 0x1238 ============================================================
10:48:07.0333 0x0b14 ============================================================
10:48:07.0333 0x0b14 Scan started
10:48:07.0333 0x0b14 Mode: Manual; SigCheck; TDLFS;
10:48:07.0333 0x0b14 ============================================================
10:48:07.0333 0x0b14 KSN ping started
10:48:15.0211 0x0b14 KSN ping finished: true
10:48:15.0429 0x0b14 ================ Scan system memory ========================
10:48:15.0429 0x0b14 System memory - ok
10:48:15.0429 0x0b14 ================ Scan services =============================
10:48:15.0461 0x0b14 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:48:15.0523 0x0b14 1394ohci - ok
10:48:15.0539 0x0b14 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:48:15.0554 0x0b14 ACPI - ok
10:48:15.0554 0x0b14 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:48:15.0570 0x0b14 AcpiPmi - ok
10:48:15.0570 0x0b14 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:48:15.0570 0x0b14 AdobeARMservice - ok
10:48:15.0601 0x0b14 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:48:15.0617 0x0b14 AdobeFlashPlayerUpdateSvc - ok
10:48:15.0617 0x0b14 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:48:15.0632 0x0b14 adp94xx - ok
10:48:15.0648 0x0b14 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:48:15.0663 0x0b14 adpahci - ok
10:48:15.0663 0x0b14 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:48:15.0679 0x0b14 adpu320 - ok
10:48:15.0679 0x0b14 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:48:15.0710 0x0b14 AeLookupSvc - ok
10:48:15.0726 0x0b14 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
10:48:15.0741 0x0b14 AFD - ok
10:48:15.0741 0x0b14 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:48:15.0757 0x0b14 agp440 - ok
10:48:15.0757 0x0b14 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:48:15.0773 0x0b14 ALG - ok
10:48:15.0773 0x0b14 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:48:15.0773 0x0b14 aliide - ok
10:48:15.0788 0x0b14 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:48:15.0788 0x0b14 amdide - ok
10:48:15.0788 0x0b14 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:48:15.0804 0x0b14 AmdK8 - ok
10:48:15.0804 0x0b14 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:48:15.0819 0x0b14 AmdPPM - ok
10:48:15.0819 0x0b14 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:48:15.0835 0x0b14 amdsata - ok
10:48:15.0835 0x0b14 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:48:15.0835 0x0b14 amdsbs - ok
10:48:15.0851 0x0b14 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:48:15.0851 0x0b14 amdxata - ok
10:48:15.0866 0x0b14 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:48:15.0866 0x0b14 AntiVirSchedulerService - ok
10:48:15.0882 0x0b14 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:48:15.0882 0x0b14 AntiVirService - ok
10:48:15.0913 0x0b14 [ CA9E51B4456B64A92FE60A592EE7DE61, 358B95623C8577A158D789FB03910ECB86EE746031C78EC97A6A8EE9A5B0086B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:48:15.0929 0x0b14 AntiVirWebService - ok
10:48:15.0929 0x0b14 [ 454FC6D15AB10D13DD822777D44E158A, 49703F5004FC10FAC75B01C533ED51BF143D3F40D6E979A357CD47256906A030 ] APNMCP C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
10:48:15.0944 0x0b14 APNMCP - ok
10:48:15.0944 0x0b14 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
10:48:15.0991 0x0b14 AppID - ok
10:48:15.0991 0x0b14 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:48:16.0022 0x0b14 AppIDSvc - ok
10:48:16.0022 0x0b14 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:48:16.0022 0x0b14 Appinfo - ok
10:48:16.0022 0x0b14 [ 1C726705935E89FD59E652E4F09148D0, 5D72DB5C493ED48ACBD1A520283C7B16E656FB1E8B00885696C79A09FC37487D ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
10:48:16.0194 0x0b14 AppleCharger - ok
10:48:16.0194 0x0b14 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
10:48:16.0209 0x0b14 AppleChargerSrv - ok
10:48:16.0209 0x0b14 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:48:16.0225 0x0b14 arc - ok
10:48:16.0225 0x0b14 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:48:16.0241 0x0b14 arcsas - ok
10:48:16.0241 0x0b14 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:48:16.0256 0x0b14 aspnet_state - ok
10:48:16.0256 0x0b14 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:48:16.0287 0x0b14 AsyncMac - ok
10:48:16.0287 0x0b14 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:48:16.0287 0x0b14 atapi - ok
10:48:16.0303 0x0b14 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:48:16.0334 0x0b14 AudioEndpointBuilder - ok
10:48:16.0350 0x0b14 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:48:16.0365 0x0b14 AudioSrv - ok
10:48:16.0381 0x0b14 [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
10:48:16.0381 0x0b14 avgntflt - ok
10:48:16.0381 0x0b14 [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
10:48:16.0397 0x0b14 avipbb - ok
10:48:16.0397 0x0b14 [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
10:48:16.0412 0x0b14 Avira.OE.ServiceHost - ok
10:48:16.0412 0x0b14 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
10:48:16.0412 0x0b14 avkmgr - ok
10:48:16.0428 0x0b14 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:48:16.0443 0x0b14 AxInstSV - ok
10:48:16.0443 0x0b14 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:48:16.0459 0x0b14 b06bdrv - ok
10:48:16.0475 0x0b14 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:48:16.0475 0x0b14 b57nd60a - ok
10:48:16.0490 0x0b14 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:48:16.0506 0x0b14 BDESVC - ok
10:48:16.0506 0x0b14 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:48:16.0521 0x0b14 Beep - ok
10:48:16.0553 0x0b14 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:48:16.0615 0x0b14 BFE - ok
10:48:16.0631 0x0b14 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:48:16.0677 0x0b14 BITS - ok
10:48:16.0677 0x0b14 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:48:16.0693 0x0b14 blbdrive - ok
10:48:16.0693 0x0b14 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:48:16.0709 0x0b14 bowser - ok
10:48:16.0709 0x0b14 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:48:16.0724 0x0b14 BrFiltLo - ok
10:48:16.0724 0x0b14 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:48:16.0740 0x0b14 BrFiltUp - ok
10:48:16.0740 0x0b14 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:48:16.0755 0x0b14 Browser - ok
10:48:16.0771 0x0b14 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:48:16.0787 0x0b14 Brserid - ok
10:48:16.0787 0x0b14 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:48:16.0802 0x0b14 BrSerWdm - ok
10:48:16.0802 0x0b14 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:48:16.0818 0x0b14 BrUsbMdm - ok
10:48:16.0818 0x0b14 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:48:16.0833 0x0b14 BrUsbSer - ok
10:48:16.0833 0x0b14 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:48:16.0849 0x0b14 BTHMODEM - ok
10:48:16.0849 0x0b14 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:48:16.0880 0x0b14 bthserv - ok
10:48:16.0880 0x0b14 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:48:16.0911 0x0b14 cdfs - ok
10:48:16.0911 0x0b14 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:48:16.0927 0x0b14 cdrom - ok
10:48:16.0927 0x0b14 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:48:16.0943 0x0b14 CertPropSvc - ok
10:48:16.0943 0x0b14 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:48:16.0958 0x0b14 circlass - ok
10:48:16.0974 0x0b14 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
10:48:16.0989 0x0b14 CLFS - ok
10:48:16.0989 0x0b14 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:48:17.0005 0x0b14 clr_optimization_v2.0.50727_32 - ok
10:48:17.0005 0x0b14 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:48:17.0021 0x0b14 clr_optimization_v2.0.50727_64 - ok
10:48:17.0021 0x0b14 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:48:17.0036 0x0b14 clr_optimization_v4.0.30319_32 - ok
10:48:17.0052 0x0b14 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:48:17.0052 0x0b14 clr_optimization_v4.0.30319_64 - ok
10:48:17.0067 0x0b14 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:48:17.0067 0x0b14 CmBatt - ok
10:48:17.0067 0x0b14 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:48:17.0083 0x0b14 cmdide - ok
10:48:17.0083 0x0b14 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
10:48:17.0099 0x0b14 CNG - ok
10:48:17.0114 0x0b14 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:48:17.0114 0x0b14 Compbatt - ok
10:48:17.0114 0x0b14 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:48:17.0130 0x0b14 CompositeBus - ok
10:48:17.0130 0x0b14 COMSysApp - ok
10:48:17.0161 0x0b14 [ 3A92DDB2F7B7FE2E71AA1418804EBC3C, 1B84033A6DDB9D371AC34F8D65AB0F729E8A77B0D26C8DCA0965CE265474BD64 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:48:17.0177 0x0b14 cphs - ok
10:48:17.0177 0x0b14 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:48:17.0177 0x0b14 crcdisk - ok
10:48:17.0177 0x0b14 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:48:17.0192 0x0b14 CryptSvc - ok
10:48:17.0208 0x0b14 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:48:17.0239 0x0b14 DcomLaunch - ok
10:48:17.0239 0x0b14 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:48:17.0270 0x0b14 defragsvc - ok
10:48:17.0270 0x0b14 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:48:17.0301 0x0b14 DfsC - ok
10:48:17.0301 0x0b14 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:48:17.0317 0x0b14 Dhcp - ok
10:48:17.0317 0x0b14 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:48:17.0348 0x0b14 discache - ok
10:48:17.0348 0x0b14 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:48:17.0348 0x0b14 Disk - ok
10:48:17.0364 0x0b14 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:48:17.0379 0x0b14 Dnscache - ok
10:48:17.0379 0x0b14 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:48:17.0411 0x0b14 dot3svc - ok
10:48:17.0411 0x0b14 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:48:17.0426 0x0b14 DPS - ok
10:48:17.0426 0x0b14 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:48:17.0442 0x0b14 drmkaud - ok
10:48:17.0457 0x0b14 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:48:17.0473 0x0b14 DXGKrnl - ok
10:48:17.0489 0x0b14 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:48:17.0504 0x0b14 EapHost - ok
10:48:17.0551 0x0b14 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:48:17.0613 0x0b14 ebdrv - ok
10:48:17.0613 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
10:48:17.0629 0x0b14 EFS - ok
10:48:17.0645 0x0b14 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:48:17.0660 0x0b14 ehRecvr - ok
10:48:17.0660 0x0b14 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:48:17.0676 0x0b14 ehSched - ok
10:48:17.0691 0x0b14 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:48:17.0707 0x0b14 elxstor - ok
10:48:17.0707 0x0b14 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:48:17.0723 0x0b14 ErrDev - ok
10:48:17.0723 0x0b14 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:48:17.0754 0x0b14 EventSystem - ok
10:48:17.0754 0x0b14 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:48:17.0785 0x0b14 exfat - ok
10:48:17.0785 0x0b14 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:48:17.0816 0x0b14 fastfat - ok
10:48:17.0816 0x0b14 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:48:17.0832 0x0b14 Fax - ok
10:48:17.0847 0x0b14 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:48:17.0847 0x0b14 fdc - ok
10:48:17.0847 0x0b14 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:48:17.0879 0x0b14 fdPHost - ok
10:48:17.0879 0x0b14 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:48:17.0894 0x0b14 FDResPub - ok
10:48:17.0894 0x0b14 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:48:17.0910 0x0b14 FileInfo - ok
10:48:17.0910 0x0b14 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:48:17.0925 0x0b14 Filetrace - ok
10:48:17.0941 0x0b14 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:48:17.0941 0x0b14 flpydisk - ok
10:48:17.0941 0x0b14 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:48:17.0957 0x0b14 FltMgr - ok
10:48:17.0972 0x0b14 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
10:48:18.0003 0x0b14 FontCache - ok
10:48:18.0019 0x0b14 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:48:18.0019 0x0b14 FontCache3.0.0.0 - ok
10:48:18.0019 0x0b14 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:48:18.0035 0x0b14 FsDepends - ok
10:48:18.0035 0x0b14 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:48:18.0035 0x0b14 Fs_Rec - ok
10:48:18.0050 0x0b14 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:48:18.0066 0x0b14 fvevol - ok
10:48:18.0066 0x0b14 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:48:18.0066 0x0b14 gagp30kx - ok
10:48:18.0066 0x0b14 gdrv - ok
10:48:18.0097 0x0b14 [ 11CE87BFED28457EC4A2FA264C83312E, 4171F6E7F9988B6174917992FB7DD97BCC6657DBC3D000016A4F5D1E4B5A338E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:48:18.0113 0x0b14 GfExperienceService - ok
10:48:18.0128 0x0b14 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:48:18.0159 0x0b14 gpsvc - ok
10:48:18.0159 0x0b14 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:48:18.0175 0x0b14 gupdate - ok
10:48:18.0175 0x0b14 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:48:18.0175 0x0b14 gupdatem - ok
10:48:18.0175 0x0b14 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:48:18.0191 0x0b14 hcw85cir - ok
10:48:18.0191 0x0b14 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:48:18.0222 0x0b14 HdAudAddService - ok
10:48:18.0222 0x0b14 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:48:18.0222 0x0b14 HDAudBus - ok
10:48:18.0237 0x0b14 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:48:18.0237 0x0b14 HidBatt - ok
10:48:18.0237 0x0b14 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:48:18.0253 0x0b14 HidBth - ok
10:48:18.0253 0x0b14 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:48:18.0269 0x0b14 HidIr - ok
10:48:18.0269 0x0b14 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:48:18.0300 0x0b14 hidserv - ok
10:48:18.0300 0x0b14 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:48:18.0300 0x0b14 HidUsb - ok
10:48:18.0331 0x0b14 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:48:18.0347 0x0b14 hkmsvc - ok
10:48:18.0347 0x0b14 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:48:18.0362 0x0b14 HomeGroupListener - ok
10:48:18.0378 0x0b14 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:48:18.0393 0x0b14 HomeGroupProvider - ok
10:48:18.0393 0x0b14 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:48:18.0393 0x0b14 HpSAMD - ok
10:48:18.0409 0x0b14 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:48:18.0440 0x0b14 HTTP - ok
10:48:18.0456 0x0b14 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:48:18.0456 0x0b14 hwpolicy - ok
10:48:18.0456 0x0b14 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:48:18.0471 0x0b14 i8042prt - ok
10:48:18.0487 0x0b14 [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
10:48:18.0503 0x0b14 iaStorA - ok
10:48:18.0503 0x0b14 [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:48:18.0503 0x0b14 IAStorDataMgrSvc - ok
10:48:18.0503 0x0b14 [ 6EE3E8FB6C5B1DCC42464BF95F32AC7A, 1D2C3F474B200946F190C2ACD6BF2B2ABDBA16374675920E78280131EDB4ED8C ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
10:48:18.0518 0x0b14 iaStorF - ok
10:48:18.0518 0x0b14 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:48:18.0534 0x0b14 iaStorV - ok
10:48:18.0549 0x0b14 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:48:18.0581 0x0b14 idsvc - ok
10:48:18.0581 0x0b14 IEEtwCollectorService - ok
10:48:18.0643 0x0b14 [ 5268F385C889BB942E0F9596DE83373F, 011280191EEF8053CD413734A0B08F5DF88CD8408CD8354AABF2216F4C59F921 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:48:18.0737 0x0b14 igfx - ok
10:48:18.0737 0x0b14 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:48:18.0737 0x0b14 iirsp - ok
10:48:18.0752 0x0b14 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:48:18.0783 0x0b14 IKEEXT - ok
10:48:18.0830 0x0b14 [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:48:18.0893 0x0b14 IntcAzAudAddService - ok
10:48:18.0893 0x0b14 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:48:18.0924 0x0b14 IntcDAud - ok
10:48:18.0924 0x0b14 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:48:18.0939 0x0b14 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
10:48:21.0295 0x0b14 Detect skipped due to KSN trusted
10:48:21.0295 0x0b14 Intel(R) Capability Licensing Service Interface - ok
10:48:21.0326 0x0b14 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
10:48:21.0389 0x0b14 Intel(R) Capability Licensing Service TCP IP Interface - ok
10:48:21.0389 0x0b14 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:48:21.0389 0x0b14 intelide - ok
10:48:21.0389 0x0b14 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:48:21.0404 0x0b14 intelppm - ok
10:48:21.0404 0x0b14 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:48:21.0435 0x0b14 IPBusEnum - ok
10:48:21.0435 0x0b14 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:48:21.0451 0x0b14 IpFilterDriver - ok
10:48:21.0467 0x0b14 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:48:21.0482 0x0b14 iphlpsvc - ok
10:48:21.0482 0x0b14 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:48:21.0498 0x0b14 IPMIDRV - ok
10:48:21.0498 0x0b14 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:48:21.0513 0x0b14 IPNAT - ok
10:48:21.0529 0x0b14 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:48:21.0529 0x0b14 IRENUM - ok
10:48:21.0529 0x0b14 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:48:21.0545 0x0b14 isapnp - ok
10:48:21.0545 0x0b14 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:48:21.0560 0x0b14 iScsiPrt - ok
10:48:21.0560 0x0b14 [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
10:48:21.0576 0x0b14 iusb3hcs - ok
10:48:21.0576 0x0b14 [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
10:48:21.0591 0x0b14 iusb3hub - ok
10:48:21.0607 0x0b14 [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:48:21.0623 0x0b14 iusb3xhc - ok
10:48:21.0623 0x0b14 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:48:21.0638 0x0b14 jhi_service - ok
10:48:21.0638 0x0b14 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:48:21.0638 0x0b14 kbdclass - ok
10:48:21.0654 0x0b14 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:48:21.0654 0x0b14 kbdhid - ok
10:48:21.0654 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
10:48:21.0669 0x0b14 KeyIso - ok
10:48:21.0669 0x0b14 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:48:21.0669 0x0b14 KSecDD - ok
10:48:21.0685 0x0b14 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:48:21.0685 0x0b14 KSecPkg - ok
10:48:21.0685 0x0b14 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:48:21.0716 0x0b14 ksthunk - ok
10:48:21.0716 0x0b14 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:48:21.0747 0x0b14 KtmRm - ok
10:48:21.0747 0x0b14 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:48:21.0779 0x0b14 LanmanServer - ok
10:48:21.0779 0x0b14 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:48:21.0810 0x0b14 LanmanWorkstation - ok
10:48:21.0810 0x0b14 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:48:21.0825 0x0b14 lltdio - ok
10:48:21.0825 0x0b14 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:48:21.0857 0x0b14 lltdsvc - ok
10:48:21.0857 0x0b14 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:48:21.0888 0x0b14 lmhosts - ok
10:48:21.0888 0x0b14 [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:48:21.0903 0x0b14 LMS - ok
10:48:21.0903 0x0b14 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:48:21.0919 0x0b14 LSI_FC - ok
10:48:21.0919 0x0b14 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:48:21.0919 0x0b14 LSI_SAS - ok
10:48:21.0935 0x0b14 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:48:21.0935 0x0b14 LSI_SAS2 - ok
10:48:21.0935 0x0b14 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:48:21.0950 0x0b14 LSI_SCSI - ok
10:48:21.0950 0x0b14 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:48:21.0966 0x0b14 luafv - ok
10:48:21.0981 0x0b14 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:48:21.0997 0x0b14 LVRS64 - ok
10:48:22.0106 0x0b14 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
10:48:22.0169 0x0b14 LVUVC64 - ok
10:48:22.0184 0x0b14 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:48:22.0184 0x0b14 Mcx2Svc - ok
10:48:22.0184 0x0b14 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:48:22.0200 0x0b14 megasas - ok
10:48:22.0200 0x0b14 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:48:22.0215 0x0b14 MegaSR - ok
10:48:22.0215 0x0b14 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
10:48:22.0231 0x0b14 MEIx64 - ok
10:48:22.0231 0x0b14 [ 7C4C76B39D5525C4A465E0BE32528E19, B7FE3B2AE7E8A936AFC0572A6C4F23327400EAD16B26B6E1193F1C9C3767B3E1 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:48:22.0247 0x0b14 Microsoft Office Groove Audit Service - ok
10:48:22.0247 0x0b14 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:48:22.0262 0x0b14 MMCSS - ok
10:48:22.0262 0x0b14 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:48:22.0293 0x0b14 Modem - ok
10:48:22.0293 0x0b14 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:48:22.0293 0x0b14 monitor - ok
10:48:22.0293 0x0b14 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:48:22.0309 0x0b14 mouclass - ok
10:48:22.0309 0x0b14 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:48:22.0325 0x0b14 mouhid - ok
10:48:22.0325 0x0b14 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:48:22.0325 0x0b14 mountmgr - ok
10:48:22.0340 0x0b14 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:48:22.0340 0x0b14 MozillaMaintenance - ok
10:48:22.0340 0x0b14 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:48:22.0356 0x0b14 mpio - ok
10:48:22.0356 0x0b14 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:48:22.0387 0x0b14 mpsdrv - ok
10:48:22.0403 0x0b14 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:48:22.0434 0x0b14 MpsSvc - ok
10:48:22.0434 0x0b14 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:48:22.0449 0x0b14 MRxDAV - ok
10:48:22.0449 0x0b14 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:48:22.0465 0x0b14 mrxsmb - ok
10:48:22.0465 0x0b14 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:48:22.0481 0x0b14 mrxsmb10 - ok
10:48:22.0481 0x0b14 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:48:22.0496 0x0b14 mrxsmb20 - ok
10:48:22.0496 0x0b14 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:48:22.0512 0x0b14 msahci - ok
10:48:22.0512 0x0b14 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:48:22.0512 0x0b14 msdsm - ok
10:48:22.0527 0x0b14 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:48:22.0527 0x0b14 MSDTC - ok
10:48:22.0543 0x0b14 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:48:22.0559 0x0b14 Msfs - ok
10:48:22.0559 0x0b14 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:48:22.0574 0x0b14 mshidkmdf - ok
10:48:22.0574 0x0b14 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:48:22.0590 0x0b14 msisadrv - ok
10:48:22.0590 0x0b14 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:48:22.0621 0x0b14 MSiSCSI - ok
10:48:22.0621 0x0b14 msiserver - ok
10:48:22.0621 0x0b14 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:48:22.0637 0x0b14 MSKSSRV - ok
10:48:22.0637 0x0b14 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:48:22.0652 0x0b14 MSPCLOCK - ok
10:48:22.0652 0x0b14 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:48:22.0683 0x0b14 MSPQM - ok
10:48:22.0683 0x0b14 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:48:22.0699 0x0b14 MsRPC - ok
10:48:22.0699 0x0b14 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:48:22.0699 0x0b14 mssmbios - ok
10:48:22.0699 0x0b14 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:48:22.0730 0x0b14 MSTEE - ok
10:48:22.0730 0x0b14 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:48:22.0730 0x0b14 MTConfig - ok
10:48:22.0730 0x0b14 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:48:22.0746 0x0b14 Mup - ok
10:48:22.0746 0x0b14 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:48:22.0777 0x0b14 napagent - ok
10:48:22.0777 0x0b14 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:48:22.0808 0x0b14 NativeWifiP - ok
10:48:22.0808 0x0b14 [ B498A14133BD09AD0817590ACE4470AD, 14CCC922C6596C97A5CF580209C4AFB6138A8FFD3A0E60CD506810DFCBC43A1A ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
10:48:22.0839 0x0b14 NBService - ok
10:48:22.0855 0x0b14 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:48:22.0871 0x0b14 NDIS - ok
10:48:22.0871 0x0b14 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:48:22.0886 0x0b14 NdisCap - ok
10:48:22.0886 0x0b14 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:48:22.0917 0x0b14 NdisTapi - ok
10:48:22.0917 0x0b14 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:48:22.0933 0x0b14 Ndisuio - ok
10:48:22.0933 0x0b14 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:48:22.0964 0x0b14 NdisWan - ok
10:48:22.0964 0x0b14 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:48:22.0980 0x0b14 NDProxy - ok
10:48:22.0980 0x0b14 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:48:23.0011 0x0b14 NetBIOS - ok
10:48:23.0011 0x0b14 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:48:23.0042 0x0b14 NetBT - ok
10:48:23.0042 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
10:48:23.0042 0x0b14 Netlogon - ok
10:48:23.0058 0x0b14 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:48:23.0073 0x0b14 Netman - ok
10:48:23.0089 0x0b14 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:48:23.0089 0x0b14 NetMsmqActivator - ok
10:48:23.0105 0x0b14 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:48:23.0105 0x0b14 NetPipeActivator - ok
10:48:23.0105 0x0b14 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:48:23.0136 0x0b14 netprofm - ok
10:48:23.0151 0x0b14 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:48:23.0151 0x0b14 NetTcpActivator - ok
10:48:23.0151 0x0b14 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:48:23.0167 0x0b14 NetTcpPortSharing - ok
10:48:23.0167 0x0b14 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:48:23.0167 0x0b14 nfrd960 - ok
10:48:23.0183 0x0b14 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:48:23.0183 0x0b14 NlaSvc - ok
10:48:23.0198 0x0b14 [ A328A46D87BB92CE4D8A4528E9D84787, D3245ED700151111592BA82FB675B284DA7FCE52B07A7F68352F64A402CAB37C ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
10:48:23.0214 0x0b14 NMIndexingService - ok
10:48:23.0214 0x0b14 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:48:23.0245 0x0b14 Npfs - ok
10:48:23.0245 0x0b14 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:48:23.0261 0x0b14 nsi - ok
10:48:23.0261 0x0b14 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:48:23.0292 0x0b14 nsiproxy - ok
10:48:23.0307 0x0b14 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:48:23.0354 0x0b14 Ntfs - ok
10:48:23.0354 0x0b14 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:48:23.0370 0x0b14 Null - ok
10:48:23.0370 0x0b14 NVHDA - ok
10:48:23.0541 0x0b14 [ A6975E0E4BE34667933846DE2F28AEFC, DFCF194C457A80C8222821001626D089FB1D97A37CA4D50D92144CE324911A78 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:48:23.0729 0x0b14 nvlddmkm - ok
10:48:23.0760 0x0b14 [ C4EFFA3554FA1B6E924209721A5ECD4E, 3AA2F87811804E5EF99ADDBDE6167E223C009C0649CB6B53D0454ADEDA5AF56C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:48:23.0791 0x0b14 NvNetworkService - ok
10:48:23.0791 0x0b14 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:48:23.0807 0x0b14 nvraid - ok
10:48:23.0807 0x0b14 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:48:23.0822 0x0b14 nvstor - ok
10:48:23.0822 0x0b14 [ 47EB46B8E8CE8DA4560F67B6F38F3763, 61A2194C7802A4297D8D4BA33CC270FF71B06727E3A2E652CEB27EE38FE0C7E5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:48:23.0822 0x0b14 NvStreamKms - ok
10:48:24.0119 0x0b14 [ 34878C9CFF0F0B95082A92F3A03A3F7B, 10B7CA015DF0381A76FFCCDAEB97D178F63219B7DA896981C32042B2FCF97506 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
10:48:24.0415 0x0b14 NvStreamSvc - ok
10:48:24.0446 0x0b14 [ 9AEDEFFFE581D775E70C1C228CCD495E, F31C6DED1292A9392B83F9F557070543984AAB73718785B1C189752B34D4805B ] nvsvc C:\Windows\system32\nvvsvc.exe
10:48:24.0462 0x0b14 nvsvc - ok
10:48:24.0462 0x0b14 [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:48:24.0462 0x0b14 nvvad_WaveExtensible - ok
10:48:24.0477 0x0b14 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:48:24.0477 0x0b14 nv_agp - ok
10:48:24.0493 0x0b14 [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:48:24.0509 0x0b14 odserv - ok
10:48:24.0509 0x0b14 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:48:24.0524 0x0b14 ohci1394 - ok
10:48:24.0524 0x0b14 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:48:24.0540 0x0b14 ose - ok
10:48:24.0540 0x0b14 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:48:24.0555 0x0b14 p2pimsvc - ok
10:48:24.0555 0x0b14 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:48:24.0571 0x0b14 p2psvc - ok
10:48:24.0587 0x0b14 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:48:24.0587 0x0b14 Parport - ok
10:48:24.0587 0x0b14 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:48:24.0602 0x0b14 partmgr - ok
10:48:24.0602 0x0b14 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
10:48:24.0618 0x0b14 PcaSvc - ok
10:48:24.0633 0x0b14 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:48:24.0633 0x0b14 pci - ok
10:48:24.0633 0x0b14 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:48:24.0649 0x0b14 pciide - ok
10:48:24.0649 0x0b14 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:48:24.0665 0x0b14 pcmcia - ok
10:48:24.0665 0x0b14 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:48:24.0665 0x0b14 pcw - ok
10:48:24.0680 0x0b14 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:48:24.0711 0x0b14 PEAUTH - ok
10:48:24.0743 0x0b14 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:48:24.0743 0x0b14 PerfHost - ok
10:48:24.0774 0x0b14 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:48:24.0821 0x0b14 pla - ok
10:48:24.0821 0x0b14 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:48:24.0836 0x0b14 PlugPlay - ok
10:48:24.0836 0x0b14 PnkBstrA - ok
10:48:24.0852 0x0b14 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:48:24.0852 0x0b14 PNRPAutoReg - ok
10:48:24.0867 0x0b14 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:48:24.0867 0x0b14 PNRPsvc - ok
10:48:24.0883 0x0b14 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:48:24.0914 0x0b14 PolicyAgent - ok
10:48:24.0914 0x0b14 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:48:24.0930 0x0b14 Power - ok
10:48:24.0930 0x0b14 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:48:24.0961 0x0b14 PptpMiniport - ok
10:48:24.0961 0x0b14 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:48:24.0977 0x0b14 Processor - ok
10:48:24.0977 0x0b14 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
10:48:24.0992 0x0b14 ProfSvc - ok
10:48:24.0992 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:48:24.0992 0x0b14 ProtectedStorage - ok
10:48:25.0008 0x0b14 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:48:25.0023 0x0b14 Psched - ok
10:48:25.0039 0x0b14 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:48:25.0070 0x0b14 ql2300 - ok
10:48:25.0086 0x0b14 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:48:25.0086 0x0b14 ql40xx - ok
10:48:25.0101 0x0b14 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:48:25.0117 0x0b14 QWAVE - ok
10:48:25.0117 0x0b14 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:48:25.0133 0x0b14 QWAVEdrv - ok
10:48:25.0133 0x0b14 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:48:25.0148 0x0b14 RasAcd - ok
10:48:25.0148 0x0b14 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:48:25.0164 0x0b14 RasAgileVpn - ok
10:48:25.0179 0x0b14 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:48:25.0195 0x0b14 RasAuto - ok
10:48:25.0195 0x0b14 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:48:25.0226 0x0b14 Rasl2tp - ok
10:48:25.0226 0x0b14 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:48:25.0257 0x0b14 RasMan - ok
10:48:25.0257 0x0b14 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:48:25.0273 0x0b14 RasPppoe - ok
10:48:25.0289 0x0b14 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:48:25.0304 0x0b14 RasSstp - ok
10:48:25.0304 0x0b14 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:48:25.0335 0x0b14 rdbss - ok
10:48:25.0335 0x0b14 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:48:25.0351 0x0b14 rdpbus - ok
10:48:25.0351 0x0b14 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:48:25.0367 0x0b14 RDPCDD - ok
10:48:25.0367 0x0b14 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:48:25.0382 0x0b14 RDPENCDD - ok
10:48:25.0398 0x0b14 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:48:25.0413 0x0b14 RDPREFMP - ok
10:48:25.0413 0x0b14 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:48:25.0429 0x0b14 RDPWD - ok
10:48:25.0429 0x0b14 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:48:25.0445 0x0b14 rdyboost - ok
10:48:25.0445 0x0b14 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:48:25.0476 0x0b14 RemoteAccess - ok
10:48:25.0476 0x0b14 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:48:25.0491 0x0b14 RemoteRegistry - ok
10:48:25.0491 0x0b14 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:48:25.0523 0x0b14 RpcEptMapper - ok
10:48:25.0523 0x0b14 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:48:25.0523 0x0b14 RpcLocator - ok
10:48:25.0538 0x0b14 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:48:25.0569 0x0b14 RpcSs - ok
10:48:25.0569 0x0b14 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:48:25.0585 0x0b14 rspndr - ok
10:48:25.0601 0x0b14 [ B358C047E081AC70035017BD1D7ED818, D52455156F2913C5A88B18EC76C4C10B3589FE95F9735DD687A0307FA00FF500 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:48:25.0616 0x0b14 RTL8167 - ok
10:48:25.0616 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
10:48:25.0616 0x0b14 SamSs - ok
10:48:25.0632 0x0b14 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:48:25.0632 0x0b14 sbp2port - ok
10:48:25.0632 0x0b14 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:48:25.0663 0x0b14 SCardSvr - ok
10:48:25.0663 0x0b14 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:48:25.0679 0x0b14 scfilter - ok
10:48:25.0710 0x0b14 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:48:25.0741 0x0b14 Schedule - ok
10:48:25.0757 0x0b14 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:48:25.0772 0x0b14 SCPolicySvc - ok
10:48:25.0772 0x0b14 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:48:25.0788 0x0b14 SDRSVC - ok
10:48:25.0788 0x0b14 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:48:25.0803 0x0b14 secdrv - ok
10:48:25.0819 0x0b14 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:48:25.0835 0x0b14 seclogon - ok
10:48:25.0835 0x0b14 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:48:25.0850 0x0b14 SENS - ok
10:48:25.0850 0x0b14 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:48:25.0866 0x0b14 SensrSvc - ok
10:48:25.0866 0x0b14 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:48:25.0881 0x0b14 Serenum - ok
10:48:25.0881 0x0b14 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:48:25.0897 0x0b14 Serial - ok
10:48:25.0897 0x0b14 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:48:25.0897 0x0b14 sermouse - ok
10:48:25.0913 0x0b14 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:48:25.0928 0x0b14 SessionEnv - ok
10:48:25.0928 0x0b14 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:48:25.0944 0x0b14 sffdisk - ok
10:48:25.0944 0x0b14 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:48:25.0944 0x0b14 sffp_mmc - ok
10:48:25.0959 0x0b14 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:48:25.0959 0x0b14 sffp_sd - ok
10:48:25.0959 0x0b14 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:48:25.0975 0x0b14 sfloppy - ok
10:48:25.0975 0x0b14 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:48:26.0006 0x0b14 SharedAccess - ok
10:48:26.0022 0x0b14 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:48:26.0037 0x0b14 ShellHWDetection - ok
10:48:26.0053 0x0b14 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:48:26.0053 0x0b14 SiSRaid2 - ok
10:48:26.0053 0x0b14 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:48:26.0069 0x0b14 SiSRaid4 - ok
10:48:26.0069 0x0b14 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:48:26.0100 0x0b14 SkypeUpdate - ok
10:48:26.0100 0x0b14 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:48:26.0131 0x0b14 Smb - ok
10:48:26.0131 0x0b14 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:48:26.0131 0x0b14 SNMPTRAP - ok
10:48:26.0131 0x0b14 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:48:26.0147 0x0b14 spldr - ok
10:48:26.0162 0x0b14 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:48:26.0178 0x0b14 Spooler - ok
10:48:26.0225 0x0b14 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:48:26.0287 0x0b14 sppsvc - ok
10:48:26.0303 0x0b14 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:48:26.0318 0x0b14 sppuinotify - ok
10:48:26.0334 0x0b14 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:48:26.0349 0x0b14 srv - ok
10:48:26.0349 0x0b14 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:48:26.0381 0x0b14 srv2 - ok
10:48:26.0381 0x0b14 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:48:26.0396 0x0b14 srvnet - ok
10:48:26.0396 0x0b14 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:48:26.0427 0x0b14 SSDPSRV - ok
10:48:26.0427 0x0b14 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:48:26.0443 0x0b14 SstpSvc - ok
10:48:26.0459 0x0b14 [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:48:26.0490 0x0b14 Steam Client Service - ok
10:48:26.0490 0x0b14 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:48:26.0490 0x0b14 stexstor - ok
10:48:26.0505 0x0b14 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:48:26.0537 0x0b14 stisvc - ok
10:48:26.0537 0x0b14 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:48:26.0537 0x0b14 swenum - ok
10:48:26.0552 0x0b14 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:48:26.0583 0x0b14 swprv - ok
10:48:26.0599 0x0b14 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:48:26.0646 0x0b14 SysMain - ok
10:48:26.0661 0x0b14 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:48:26.0661 0x0b14 TabletInputService - ok
10:48:26.0677 0x0b14 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:48:26.0708 0x0b14 TapiSrv - ok
10:48:26.0708 0x0b14 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:48:26.0724 0x0b14 TBS - ok
10:48:26.0755 0x0b14 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:48:26.0802 0x0b14 Tcpip - ok
10:48:26.0817 0x0b14 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:48:26.0849 0x0b14 TCPIP6 - ok
10:48:26.0864 0x0b14 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:48:26.0864 0x0b14 tcpipreg - ok
10:48:26.0864 0x0b14 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:48:26.0880 0x0b14 TDPIPE - ok
10:48:26.0880 0x0b14 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:48:26.0880 0x0b14 TDTCP - ok
10:48:26.0895 0x0b14 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:48:26.0911 0x0b14 tdx - ok
10:48:26.0911 0x0b14 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:48:26.0927 0x0b14 TermDD - ok
10:48:26.0927 0x0b14 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
10:48:26.0973 0x0b14 TermService - ok
10:48:26.0973 0x0b14 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:48:26.0989 0x0b14 Themes - ok
10:48:26.0989 0x0b14 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:48:27.0005 0x0b14 THREADORDER - ok
10:48:27.0005 0x0b14 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:48:27.0036 0x0b14 TrkWks - ok
10:48:27.0036 0x0b14 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:48:27.0051 0x0b14 TrustedInstaller - ok
10:48:27.0067 0x0b14 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:48:27.0067 0x0b14 tssecsrv - ok
10:48:27.0067 0x0b14 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:48:27.0083 0x0b14 TsUsbFlt - ok
10:48:27.0083 0x0b14 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:48:27.0114 0x0b14 tunnel - ok
10:48:27.0114 0x0b14 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:48:27.0129 0x0b14 uagp35 - ok
10:48:27.0129 0x0b14 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:48:27.0161 0x0b14 udfs - ok
10:48:27.0161 0x0b14 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:48:27.0176 0x0b14 UI0Detect - ok
10:48:27.0176 0x0b14 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:48:27.0192 0x0b14 uliagpkx - ok
10:48:27.0192 0x0b14 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:48:27.0192 0x0b14 umbus - ok
10:48:27.0207 0x0b14 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:48:27.0285 0x0b14 UmPass - ok
10:48:27.0301 0x0b14 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:48:27.0317 0x0b14 UMVPFSrv - ok
10:48:27.0332 0x0b14 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:48:27.0363 0x0b14 upnphost - ok
10:48:27.0363 0x0b14 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:48:27.0379 0x0b14 usbaudio - ok
10:48:27.0379 0x0b14 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:48:27.0395 0x0b14 usbccgp - ok
10:48:27.0395 0x0b14 [ C02500A0EE2A47804077060DEEA26F92, 516187FE7060E8DA4DE4EB031649FAF47B155F6A00AB424DA663B4F0FEC266F3 ] UsbCharger C:\Windows\system32\DRIVERS\UsbCharger.sys
10:48:27.0395 0x0b14 UsbCharger - ok
10:48:27.0395 0x0b14 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:48:27.0410 0x0b14 usbcir - ok
10:48:27.0410 0x0b14 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:48:27.0426 0x0b14 usbehci - ok
10:48:27.0426 0x0b14 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:48:27.0441 0x0b14 usbhub - ok
10:48:27.0457 0x0b14 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:48:27.0457 0x0b14 usbohci - ok
10:48:27.0457 0x0b14 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:48:27.0473 0x0b14 usbprint - ok
10:48:27.0473 0x0b14 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:48:27.0488 0x0b14 usbscan - ok
10:48:27.0488 0x0b14 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:48:27.0504 0x0b14 USBSTOR - ok
10:48:27.0504 0x0b14 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:48:27.0504 0x0b14 usbuhci - ok
10:48:27.0519 0x0b14 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:48:27.0519 0x0b14 usbvideo - ok
10:48:27.0535 0x0b14 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:48:27.0551 0x0b14 UxSms - ok
10:48:27.0551 0x0b14 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
10:48:27.0566 0x0b14 VaultSvc - ok
10:48:27.0566 0x0b14 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:48:27.0566 0x0b14 vdrvroot - ok
10:48:27.0582 0x0b14 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:48:27.0613 0x0b14 vds - ok
10:48:27.0613 0x0b14 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:48:27.0629 0x0b14 vga - ok
10:48:27.0629 0x0b14 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:48:27.0644 0x0b14 VgaSave - ok
10:48:27.0644 0x0b14 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:48:27.0660 0x0b14 vhdmp - ok
10:48:27.0660 0x0b14 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:48:27.0675 0x0b14 viaide - ok
10:48:27.0675 0x0b14 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:48:27.0691 0x0b14 volmgr - ok
10:48:27.0691 0x0b14 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:48:27.0707 0x0b14 volmgrx - ok
10:48:27.0707 0x0b14 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:48:27.0722 0x0b14 volsnap - ok
10:48:27.0738 0x0b14 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:48:27.0738 0x0b14 vsmraid - ok
10:48:27.0769 0x0b14 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:48:27.0816 0x0b14 VSS - ok
10:48:27.0816 0x0b14 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:48:27.0831 0x0b14 vwifibus - ok
10:48:27.0831 0x0b14 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:48:27.0863 0x0b14 W32Time - ok
10:48:27.0863 0x0b14 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:48:27.0878 0x0b14 WacomPen - ok
10:48:27.0878 0x0b14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:48:27.0894 0x0b14 WANARP - ok
10:48:27.0909 0x0b14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:48:27.0925 0x0b14 Wanarpv6 - ok
10:48:27.0941 0x0b14 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:48:27.0972 0x0b14 wbengine - ok
10:48:27.0987 0x0b14 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:48:28.0003 0x0b14 WbioSrvc - ok
10:48:28.0003 0x0b14 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:48:28.0019 0x0b14 wcncsvc - ok
10:48:28.0034 0x0b14 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:48:28.0034 0x0b14 WcsPlugInService - ok
10:48:28.0034 0x0b14 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:48:28.0050 0x0b14 Wd - ok
10:48:28.0065 0x0b14 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:48:28.0081 0x0b14 Wdf01000 - ok
10:48:28.0081 0x0b14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:48:28.0097 0x0b14 WdiServiceHost - ok
10:48:28.0097 0x0b14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:48:28.0112 0x0b14 WdiSystemHost - ok
10:48:28.0112 0x0b14 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:48:28.0128 0x0b14 WebClient - ok
10:48:28.0143 0x0b14 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:48:28.0159 0x0b14 Wecsvc - ok
10:48:28.0159 0x0b14 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:48:28.0190 0x0b14 wercplsupport - ok
10:48:28.0190 0x0b14 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:48:28.0206 0x0b14 WerSvc - ok
10:48:28.0221 0x0b14 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:48:28.0237 0x0b14 WfpLwf - ok
10:48:28.0237 0x0b14 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:48:28.0237 0x0b14 WIMMount - ok
10:48:28.0237 0x0b14 WinDefend - ok
10:48:28.0253 0x0b14 WinHttpAutoProxySvc - ok
10:48:28.0253 0x0b14 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:48:28.0284 0x0b14 Winmgmt - ok
10:48:28.0315 0x0b14 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
10:48:28.0362 0x0b14 WinRM - ok
10:48:28.0377 0x0b14 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:48:28.0393 0x0b14 WinUsb - ok
10:48:28.0393 0x0b14 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:48:28.0424 0x0b14 Wlansvc - ok
10:48:28.0440 0x0b14 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:48:28.0440 0x0b14 WmiAcpi - ok
10:48:28.0440 0x0b14 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:48:28.0455 0x0b14 wmiApSrv - ok
10:48:28.0455 0x0b14 WMPNetworkSvc - ok
10:48:28.0455 0x0b14 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:48:28.0471 0x0b14 WPCSvc - ok
10:48:28.0471 0x0b14 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:48:28.0487 0x0b14 WPDBusEnum - ok
10:48:28.0487 0x0b14 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:48:28.0502 0x0b14 ws2ifsl - ok
10:48:28.0502 0x0b14 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:48:28.0518 0x0b14 wscsvc - ok
10:48:28.0518 0x0b14 WSearch - ok
10:48:28.0565 0x0b14 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
10:48:28.0596 0x0b14 wuauserv - ok
10:48:28.0611 0x0b14 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:48:28.0611 0x0b14 WudfPf - ok
10:48:28.0611 0x0b14 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:48:28.0627 0x0b14 WUDFRd - ok
10:48:28.0627 0x0b14 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:48:28.0643 0x0b14 wudfsvc - ok
10:48:28.0643 0x0b14 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:48:28.0658 0x0b14 WwanSvc - ok
10:48:28.0674 0x0b14 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
10:48:28.0674 0x0b14 xusb21 - ok
10:48:28.0674 0x0b14 ================ Scan global ===============================
10:48:28.0674 0x0b14 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:48:28.0689 0x0b14 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:48:28.0705 0x0b14 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:48:28.0705 0x0b14 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:48:28.0705 0x0b14 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:48:28.0721 0x0b14 [ Global ] - ok
10:48:28.0721 0x0b14 ================ Scan MBR ==================================
10:48:28.0721 0x0b14 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:48:28.0736 0x0b14 \Device\Harddisk0\DR0 - ok
10:48:28.0736 0x0b14 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:48:28.0986 0x0b14 \Device\Harddisk1\DR1 - ok
10:48:28.0986 0x0b14 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2
10:48:29.0064 0x0b14 \Device\Harddisk2\DR2 - ok
10:48:29.0064 0x0b14 ================ Scan VBR ==================================
10:48:29.0064 0x0b14 [ 680A6C0F2E2A65547BFFC5125EC96937 ] \Device\Harddisk0\DR0\Partition1
10:48:29.0064 0x0b14 \Device\Harddisk0\DR0\Partition1 - ok
10:48:29.0064 0x0b14 [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
10:48:29.0064 0x0b14 \Device\Harddisk0\DR0\Partition2 - ok
10:48:29.0079 0x0b14 [ 4837073E774A34EC9E7234B69D4E5360 ] \Device\Harddisk0\DR0\Partition3
10:48:29.0079 0x0b14 \Device\Harddisk0\DR0\Partition3 - ok
10:48:29.0079 0x0b14 [ FA8BD2C335E0E12C91AEBAEEBE4A391C ] \Device\Harddisk1\DR1\Partition1
10:48:29.0079 0x0b14 \Device\Harddisk1\DR1\Partition1 - ok
10:48:29.0079 0x0b14 [ 1411E9A092BF05F03F1BEEDFDC4197AE ] \Device\Harddisk1\DR1\Partition2
10:48:29.0079 0x0b14 \Device\Harddisk1\DR1\Partition2 - ok
10:48:29.0079 0x0b14 [ 67C1AC2CE2910249416042CFA104E87B ] \Device\Harddisk2\DR2\Partition1
10:48:29.0079 0x0b14 \Device\Harddisk2\DR2\Partition1 - ok
10:48:29.0079 0x0b14 ================ Scan generic autorun ======================
10:48:29.0267 0x0b14 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:48:29.0469 0x0b14 RTHDVCPL - ok
10:48:29.0501 0x0b14 [ 046CA262E8D521A1B050566E330B7178, 79283983AD7430DF90F60F2A46E683E1FE599E74F72DFA4661D719B0E906AF13 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:48:29.0547 0x0b14 NvBackend - ok
10:48:29.0547 0x0b14 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:48:29.0547 0x0b14 ShadowPlay - ok
10:48:29.0563 0x0b14 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
10:48:29.0563 0x0b14 USB3MON - ok
10:48:29.0579 0x0b14 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
10:48:29.0594 0x0b14 avgnt - ok
10:48:29.0625 0x0b14 [ F7DF6C050C454D594B07CFC5D77AAB63, 77766BC77917D1E9C87114E02A0B0D0052D36688DA4722317DE71C29311EACD2 ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
10:48:29.0657 0x0b14 ApnTBMon - ok
10:48:29.0657 0x0b14 [ 845EB283583BD3C89F09636A10114EF3, BCB3002B867052FB381B1E44D31E381200751E1AD3F991EB4233B73E3E034A0E ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
10:48:29.0657 0x0b14 Avira Systray - ok
10:48:29.0672 0x0b14 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:48:29.0688 0x0b14 Adobe ARM - ok
10:48:29.0703 0x0b14 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:48:29.0750 0x0b14 Sidebar - ok
10:48:29.0750 0x0b14 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:48:29.0766 0x0b14 mctadmin - ok
10:48:29.0781 0x0b14 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:48:29.0797 0x0b14 Sidebar - ok
10:48:29.0813 0x0b14 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:48:29.0813 0x0b14 mctadmin - ok
10:48:29.0844 0x0b14 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
10:48:29.0859 0x0b14 Sidebar - ok
10:48:29.0859 0x0b14 Waiting for KSN requests completion. In queue: 315
10:48:30.0889 0x0b14 Waiting for KSN requests completion. In queue: 315
10:48:31.0903 0x0b14 Waiting for KSN requests completion. In queue: 315
10:48:32.0948 0x0b14 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
10:48:32.0964 0x0b14 Win FW state via NFP2: enabled
10:48:35.0382 0x0b14 ============================================================
10:48:35.0382 0x0b14 Scan finished
10:48:35.0382 0x0b14 ============================================================
10:48:35.0382 0x1090 Detected object count: 0
10:48:35.0382 0x1090 Actual detected object count: 0
|
|
28.09.2014, 16:29
| #6 |
| /// the machine /// TB-Ausbilder | Habe auf Link in Phishing Mail geklickt. alles gut 
__________________ --> Habe auf Link in Phishing Mail geklickt. |
|
28.09.2014, 18:48
| #7 |
| | Habe auf Link in Phishing Mail geklickt. Das höre ich natürlich gerne. Vielen Dank, dass Du dir Zeit für mich genommen hast. Ihr macht hier eine ganz tolle Arbeit! Merkwürdig ist das ganze aber schon, den in der Phishing Mail standen Details zu meiner Bestellung. Mal schauen, ob da noch was nachkommt.... Viele Grüße und einen guten Start in die Woche! |
|
29.09.2014, 16:03
| #8 |
| /// the machine /// TB-Ausbilder | Habe auf Link in Phishing Mail geklickt. Dein Rechner ist in Ordnung. Passwörter würde ich auf jeden Fall ändern.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Habe auf Link in Phishing Mail geklickt. |
| antivirus, avira, cleaner, defender, führte, gefunde, geklickt, gutes, heute, hilfe!, leere, leeren, link, mail, online, phishing, scan, spiel, suche, support, system, tagen, verbindung, virenscan, wenige |
Linear-Darstellung
