| |
| |||||||
Log-Analyse und Auswertung: Tastatur läßt Buchstaben ausWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.09.2014, 23:32
| #1 |
| |  Tastatur läßt Buchstaben aus Hallo Trojaner-Board, Seit einigen Tagen spinnt meine Tastatur. Ich schreibe realtiv schnell, aber seit kurzem scheint er einige Buchstaben die ich eingebe nicht anzunehmen. Mein PC laggt währenddessen auch minimal. Dieser Vorfall wiederholt sich nicht allzu oft, aber es stört. Ich habe die befürchtung, das unbefugte Personen sich zugang zu meinen Dateien beschaffen. Ich möchte gerne sicherstellen das mein PC nicht von einem Ausspionier Programm befallen ist. Bisher hab ich meinen PC nur einen komplett Scan, mit Avira Anti Virus unterlaufen lassen. defogger_disable Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:57 on 28/09/2014 (Administrator)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2014 02
Ran by Administrator (administrator) on 7-PC on 28-09-2014 23:59:43
Running from C:\Users\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Platform: Microsoft Windows 7 Professional (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Perfect Privacy) C:\Program Files\Perfect Privacy VPN Manager\VPNManagerService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(SiSoftware) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Administrator\Desktop\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-09-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1125053414-927801948-1259786926-500\...\Run: [SendBlaster] => "C:\Program Files\SendBlaster3\sendblaster3.exe" /S
HKU\S-1-5-21-1125053414-927801948-1259786926-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{536C7612-A3BA-46EC-A682-235EAECA0248}: [NameServer] 176.10.116.169,67.202.67.106
Tcpip\..\Interfaces\{BA850C76-60DA-460C-8F66-976D8471F1B5}: [NameServer] 176.10.116.169,67.202.67.106
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bm2unjp.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bm2unjp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-19]
FF Extension: BetterPrivacy - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bm2unjp.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-09-19]
FF Extension: QuickJava - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bm2unjp.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-09-19]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [161016 2014-09-17] (Avira Operations GmbH & Co. KG)
R3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [File not signed]
R2 VPNManager; C:\Program Files\Perfect Privacy VPN Manager\VPNManagerService.exe [17408 2014-08-16] (Perfect Privacy) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-08-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-08-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-15] (CACE Technologies, Inc.)
R3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-08-14] (Avira GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 23:59 - 2014-09-28 23:59 - 02108928 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-09-28 23:59 - 2014-09-28 23:59 - 01100288 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2014-09-28 23:59 - 2014-09-28 23:59 - 00006647 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-09-28 23:59 - 2014-09-28 23:59 - 00000000 ____D () C:\FRST
2014-09-28 23:57 - 2014-09-28 23:58 - 00000488 _____ () C:\Users\Administrator\Desktop\defogger_disable.log
2014-09-28 23:57 - 2014-09-28 23:57 - 00000000 _____ () C:\Users\Administrator\defogger_reenable
2014-09-28 23:56 - 2014-09-28 23:56 - 01100288 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2014-09-28 23:56 - 2014-09-28 23:56 - 00050477 _____ () C:\Users\Administrator\Desktop\Defogger.exe
2014-09-28 19:50 - 2014-09-28 19:51 - 00000027 _____ () C:\Users\Administrator\Desktop\flex jabber.txt
2014-09-28 15:22 - 2014-09-28 15:24 - 16146272 _____ (PortableApps.com) C:\Users\Administrator\Downloads\PidginPortable_2.10.9.paf(1).exe
2014-09-28 15:21 - 2014-09-28 15:21 - 00519392 _____ (PortableApps.com) C:\Users\Administrator\Downloads\Pidgin-OTR_Portable_3.2_Rev_2.paf(1).exe
2014-09-28 14:43 - 2014-09-28 14:43 - 00519392 _____ (PortableApps.com) C:\Users\Administrator\Downloads\Pidgin-OTR_Portable_3.2_Rev_2.paf.exe
2014-09-28 13:30 - 2014-09-28 13:30 - 00000000 ____D () C:\Users\Administrator\Downloads\MirandaFusionPortable3.2.8
2014-09-28 13:29 - 2014-09-28 13:29 - 07770454 _____ () C:\Users\Administrator\Downloads\MirandaFusionPortable3.2.8.7z
2014-09-28 13:23 - 2014-09-28 13:23 - 00709272 _____ (PortableApps.com) C:\Users\Administrator\Downloads\Pidgin-OTR_Portable_4.0.0-1.paf.exe
2014-09-28 13:19 - 2014-09-28 13:19 - 01623752 _____ () C:\Users\Administrator\Downloads\pidgin-otr-4.0.0-1.exe
2014-09-28 13:18 - 2014-09-28 13:18 - 00000000 ____D () C:\Users\Administrator\Downloads\PidginPortable
2014-09-28 13:17 - 2014-09-28 13:18 - 16146272 _____ (PortableApps.com) C:\Users\Administrator\Downloads\PidginPortable_2.10.9.paf.exe
2014-09-28 13:17 - 2014-09-28 13:17 - 00000000 ____D () C:\Users\Administrator\Downloads\cleanranda_v2
2014-09-28 05:04 - 2014-09-28 13:19 - 00000000 ____D () C:\Users\Administrator\.zenmap
2014-09-28 05:04 - 2014-09-28 05:04 - 00000000 ____D () C:\Program Files\WinPcap
2014-09-28 05:03 - 2014-09-28 05:04 - 15620228 _____ (Insecure.org) C:\Users\Administrator\Downloads\nmap-5.20-setup.exe
2014-09-28 02:08 - 2014-09-28 02:08 - 07836062 _____ () C:\Users\Administrator\Downloads\w3d_miranda_pack.rar
2014-09-28 01:37 - 2014-09-28 01:37 - 01163292 _____ () C:\Users\Administrator\Downloads\mirotr.zip
2014-09-28 01:37 - 2014-09-28 01:37 - 00000000 ____D () C:\Users\Administrator\Downloads\mirotr
2014-09-28 00:31 - 2014-09-28 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram3D Miranda Pack 3.0
2014-09-28 00:31 - 2010-03-18 09:15 - 00770384 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-09-28 00:31 - 2010-03-18 09:15 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-09-28 00:28 - 2014-09-28 00:28 - 08039856 _____ (Wolfram3D ) C:\Users\Administrator\Downloads\w3d_miranda_pack.exe
2014-09-27 23:39 - 2014-09-27 23:39 - 00002110 _____ () C:\Users\Administrator\AppData\Local\recently-used.xbel
2014-09-27 21:05 - 2014-09-27 23:39 - 03187201 _____ () C:\Users\Administrator\Documents\Unbenannt.xcf
2014-09-27 21:05 - 2014-09-27 23:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\gtk-2.0
2014-09-27 20:03 - 2014-09-27 20:03 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-09-27 20:01 - 2014-09-27 20:03 - 00000000 ____D () C:\Program Files\GIMP 2
2014-09-27 19:54 - 2014-09-27 20:00 - 90396104 _____ (The GIMP Team ) C:\Users\Administrator\Downloads\gimp-2.8.10-setup.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 04964488 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup418.exe
2014-09-27 04:34 - 2014-09-27 04:34 - 00006928 _____ () C:\Users\Administrator\Downloads\html learn.txt
2014-09-27 04:28 - 2014-09-27 04:28 - 00000000 ____D () C:\Users\Administrator\Downloads\krypton118
2014-09-27 04:23 - 2014-09-27 04:23 - 00000000 ____D () C:\Users\Administrator\Downloads\krypton
2014-09-27 04:16 - 2014-09-27 04:23 - 22564182 _____ () C:\Users\Administrator\Downloads\krypton.rar
2014-09-27 04:13 - 2014-09-27 04:13 - 01581616 _____ () C:\Users\Administrator\Downloads\modus_versus-web.zip
2014-09-27 01:24 - 2014-09-27 01:24 - 00000000 ____D () C:\Users\Administrator\Desktop\Songtext
2014-09-26 20:29 - 2014-09-26 20:31 - 00000000 _____ () C:\Users\Administrator\Documents\Magix Video Maker 2014
2014-09-26 20:22 - 2014-09-26 20:25 - 00000000 ____D () C:\Program Files\TrueCrypt
2014-09-26 20:22 - 2014-09-26 20:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TrueCrypt
2014-09-26 20:22 - 2014-09-26 20:22 - 00231760 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2014-09-26 20:22 - 2014-09-26 20:22 - 00001028 _____ () C:\Users\Public\Desktop\TrueCrypt.lnk
2014-09-26 20:22 - 2014-09-26 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2014-09-26 18:14 - 2014-09-26 18:14 - 00007605 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2014-09-26 16:03 - 2014-09-27 01:22 - 00000000 ____D () C:\Users\Administrator\Desktop\Neuer Ordner
2014-09-26 15:17 - 2014-09-26 15:17 - 00001336 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Lite 2014.SP2a.lnk
2014-09-26 15:17 - 2014-09-26 15:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\NVIDIA
2014-09-26 15:17 - 2014-09-26 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2014-09-26 15:17 - 2014-04-25 11:06 - 14155776 _____ () C:\Users\Administrator\AppData\Roaming\Sandra.mdb
2014-09-26 15:16 - 2014-09-26 15:16 - 00000000 ____D () C:\Program Files\SiSoftware
2014-09-25 19:23 - 2014-09-25 21:01 - 00000255 _____ () C:\Users\Administrator\Desktop\Meine Daten.txt
2014-09-25 15:17 - 2014-09-26 19:31 - 00000567 _____ () C:\Users\Administrator\Desktop\Neues Textdokument (2).txt
2014-09-25 00:27 - 2014-09-25 00:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 14:35 - 2014-09-24 14:35 - 00000000 ____D () C:\Program Files\ISY
2014-09-24 14:35 - 2011-08-11 07:46 - 00602216 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8192su.sys
2014-09-23 23:03 - 2014-09-23 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-23 22:54 - 2014-09-26 13:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-23 22:54 - 2014-09-23 22:54 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-23 22:54 - 2014-07-02 22:54 - 00061728 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-23 22:54 - 2014-07-02 21:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-23 22:54 - 2014-07-02 21:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-09-23 22:54 - 2014-07-02 21:42 - 02556360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-23 22:54 - 2014-07-02 21:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-23 22:54 - 2014-07-02 21:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-23 22:54 - 2014-07-02 21:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-23 22:54 - 2014-07-02 19:39 - 00609240 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2014-09-23 22:54 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-23 22:53 - 2014-07-02 22:54 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 16122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 14498552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-23 22:53 - 2014-07-02 22:54 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2014-09-23 22:53 - 2014-07-02 22:54 - 00021215 _____ () C:\Windows\system32\nvinfo.pb
2014-09-23 22:51 - 2014-09-23 22:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-22 23:13 - 2014-09-22 23:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\SendBlaster3
2014-09-22 21:10 - 2014-09-22 21:10 - 00001719 _____ () C:\Windows\system32\ÜZERİNE BASARAK SÖYLÜYORUM TÜRKİYENİN YOBAZ MALLARINA BU YAHUDİ CESARET MADALYASI YAHUDİ OLMAYAN HİÇBİR ADAMA VERİLMEZ BU BİR İLK TİR YAHUDİ BUNU KENDİNDEN OLMAYANA VERMEZ VEREMEZ ARAŞTIRIN SO.lnk
2014-09-22 21:03 - 2014-09-22 21:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-21 01:18 - 2014-09-21 01:19 - 00000000 ____D () C:\sqlmap
2014-09-21 01:18 - 2014-09-21 01:18 - 00000000 ____D () C:\Python27
2014-09-21 01:18 - 2014-09-21 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-09-21 01:09 - 2014-09-21 01:09 - 00000000 ____D () C:\Users\Administrator\.thumbnails
2014-09-21 01:08 - 2014-09-21 01:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TeamViewer
2014-09-20 13:25 - 2014-09-28 04:36 - 00000000 ____D () C:\Users\Administrator\.gimp-2.8
2014-09-20 13:25 - 2014-09-20 13:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\gegl-0.2
2014-09-20 13:25 - 2014-09-20 13:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\fontconfig
2014-09-20 13:17 - 2014-09-20 13:39 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Nvu
2014-09-20 13:17 - 2014-09-20 13:17 - 00000851 _____ () C:\Users\Administrator\Desktop\Nvu.lnk
2014-09-20 13:17 - 2014-09-20 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu
2014-09-20 13:17 - 2014-09-20 13:17 - 00000000 ____D () C:\Program Files\Nvu
2014-09-20 09:03 - 2014-09-23 13:53 - 00000000 ____D () C:\Program Files\Steam
2014-09-20 09:03 - 2014-09-20 09:03 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-09-20 09:03 - 2014-09-20 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-20 09:03 - 2014-09-20 09:03 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-09-20 07:27 - 2004-03-08 13:00 - 00609824 _____ (Microsoft Corporation) C:\Windows\system32\COMCTL32.ocx
2014-09-20 07:27 - 1999-05-06 14:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Comdlg32.ocx
2014-09-20 07:19 - 2014-09-20 07:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-20 02:10 - 2014-09-20 02:10 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\OpenOffice
2014-09-20 02:07 - 2014-09-20 02:07 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-20 02:07 - 2014-09-20 02:07 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-20 02:07 - 2014-09-20 02:07 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-09-20 01:27 - 2014-09-20 01:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Notepad++
2014-09-20 01:27 - 2014-09-20 01:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 01:27 - 2014-09-20 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 01:27 - 2014-09-20 01:27 - 00000000 ____D () C:\Program Files\Notepad++
2014-09-19 14:30 - 2014-09-19 14:30 - 00000000 ____D () C:\Users\Administrator\Downloads\TeamViewerPortable_9.0.32494
2014-09-19 10:45 - 2014-09-24 22:38 - 00002012 ____H () C:\Users\Administrator\Documents\Default.rdp
2014-09-19 07:10 - 2014-09-27 01:25 - 00000616 _____ () C:\Users\Administrator\Desktop\Bitcoin Konto.txt
2014-09-19 07:08 - 2014-09-19 07:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-09-19 07:04 - 2014-09-19 07:04 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Avira
2014-09-19 07:04 - 2014-09-19 07:04 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Perfect_Privacy
2014-09-19 07:03 - 2014-09-27 20:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-09-19 07:03 - 2014-09-19 07:03 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-09-19 07:03 - 2014-09-19 07:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2014-09-19 07:02 - 2014-09-19 07:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-09-19 07:00 - 2014-09-20 07:23 - 00063568 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 07:00 - 2014-09-19 07:00 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-09-19 07:00 - 2014-09-19 07:00 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-09-19 06:59 - 2014-09-19 06:59 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 06:58 - 2014-09-28 23:57 - 00000000 ____D () C:\Users\Administrator
2014-09-19 06:58 - 2014-09-19 06:58 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 06:58 - 2014-09-19 06:58 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-09-19 06:58 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-19 06:58 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-19 06:56 - 2014-09-19 06:56 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-19 06:55 - 2009-11-25 00:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-09-19 06:55 - 2009-11-25 00:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-09-19 06:55 - 2009-11-25 00:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-09-19 06:55 - 2009-11-25 00:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-09-19 06:55 - 2009-11-25 00:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-09-19 06:54 - 2014-09-19 07:04 - 00000000 ____D () C:\Program Files\Perfect Privacy VPN Manager
2014-09-19 06:54 - 2014-09-19 06:54 - 00001108 _____ () C:\Users\Public\Desktop\VPN Manager.lnk
2014-09-19 06:54 - 2014-09-19 06:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Privacy VPN
2014-09-19 03:34 - 2014-09-27 19:25 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-19 03:34 - 2014-09-27 19:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-19 03:34 - 2014-09-19 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-18 23:09 - 2014-09-19 03:40 - 00000000 ____D () C:\Windows\Panther
2014-09-18 22:12 - 2014-09-18 22:12 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-18 22:12 - 2014-09-18 22:12 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-18 14:30 - 2014-09-18 14:28 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-18 14:27 - 2014-08-14 23:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-18 14:27 - 2014-08-14 23:30 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-18 14:27 - 2014-08-14 23:30 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-18 14:27 - 2014-08-14 23:30 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2014-09-18 14:26 - 2014-09-29 00:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 14:26 - 2014-09-19 07:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-18 14:26 - 2014-09-19 07:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-18 14:26 - 2014-09-18 14:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-18 14:24 - 2014-09-18 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-18 14:24 - 2014-09-18 14:27 - 00000000 ____D () C:\ProgramData\Avira
2014-09-18 14:24 - 2014-09-18 14:27 - 00000000 ____D () C:\Program Files\Avira
2014-09-18 14:24 - 2014-09-18 14:24 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-18 14:24 - 2014-09-18 14:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-18 14:02 - 2014-09-25 01:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-18 14:02 - 2014-09-18 14:02 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 12:10 - 2014-09-17 19:29 - 00000353 _____ () C:\Users\Administrator\Downloads\spielen.txt
2014-09-18 12:10 - 2014-09-16 10:10 - 00002809 _____ () C:\Users\Administrator\Downloads\uncrackbare hashes gute mitglieder.txt
2014-09-18 12:10 - 2014-09-16 05:32 - 00000000 ____D () C:\Users\Administrator\Downloads\Programme
2014-09-18 12:10 - 2014-09-15 15:14 - 00011143 _____ () C:\Users\Administrator\Downloads\mail;pass end.txt
2014-09-18 12:10 - 2014-09-14 16:12 - 00000903 _____ () C:\Users\Administrator\Downloads\password.txt
2014-09-18 12:06 - 2014-09-18 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-18 12:06 - 2014-09-18 12:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-18 11:40 - 2014-08-24 19:53 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-18 11:26 - 2014-09-26 14:02 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 11:25 - 2014-09-18 11:25 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 11:25 - 2014-09-18 11:25 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 11:22 - 2014-09-24 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISY Dienstprogramm für WLAN USB-Adapter
2014-09-18 11:22 - 2014-09-18 11:22 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
2014-09-18 11:17 - 2014-09-28 16:49 - 00077160 ____N () C:\Windows\WindowsUpdate.log
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\Programme
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-18 11:16 - 2014-09-18 11:16 - 00000000 __SHD () C:\Recovery
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 23:34 - 2009-07-14 06:34 - 00013600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 23:34 - 2009-07-14 06:34 - 00013600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-26 15:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-26 13:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 22:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-09-22 07:34 - 2009-07-14 06:33 - 00294440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-22 03:21 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-20 07:23 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-20 02:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-19 07:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-19 06:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-18 23:09 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-18 23:09 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-18 22:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-18 22:12 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-18 22:10 - 2009-07-14 10:57 - 00000000 ____D () C:\Windows\CSC
2014-09-18 11:22 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore
2014-09-18 11:16 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-18 11:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-27 06:16
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-09-2014 02
Ran by Administrator at 2014-09-29 00:00:08
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Avira (HKLM\...\{149bb302-ebda-47ae-b3e6-297cf4c356dc}) (Version: 1.1.21.40000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.40000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
ISY USB Wireless Adapter (HKLM\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.14 - ISY)
ISY USB Wireless Adapter (Version: 1.0.0.14 - ISY) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Python 2.7.7 (HKLM\...\{049CA433-77A0-4e48-AC76-180A282C4E10}) (Version: 2.7.7150 - Python Software Foundation)
SiSoftware Sandra Lite 2014.SP2a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.35.2014.6 - SiSoftware)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VPN Manager 1.6.69.0 (HKLM\...\VPN Manager) (Version: 1.6.69.0 - Perfect-Privacy)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
26-09-2014 13:16:31 SiSoftware Sandra Lite
26-09-2014 18:22:22 TrueCrypt installation
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2AE824B2-1EBD-4955-A8C3-23B3AB977071} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {B7C655AE-0777-4154-A496-7BF0AC4A20D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-09-23 22:54 - 2014-07-02 21:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-09-17 02:31 - 2014-09-17 02:31 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-09-17 02:30 - 2014-09-17 02:30 - 00066864 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-28 00:31 - 2011-02-27 15:21 - 00068720 _____ () Z:\Miranda IM\Plugins\shlext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2014-09-19 06:59 - 2014-09-17 02:31 - 00052472 ____N () C:\Users\Administrator\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-25 20:44 - 2014-09-25 20:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-25 00:27 - 2014-09-25 00:27 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-09-28 23:56 - 2014-09-28 23:56 - 00050477 _____ () C:\Users\Administrator\Desktop\Defogger.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1125053414-927801948-1259786926-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1125053414-927801948-1259786926-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Serieller PCI-Anschluss
Description: Serieller PCI-Anschluss
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/28/2014 06:36:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pidgin-portable.exe, Version: 2.10.9.0, Zeitstempel: 0x52eee0a8
Name des fehlerhaften Moduls: libgtk-win32-2.0-0.dll, Version: 2.16.6.0, Zeitstempel: 0x4b6f2415
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b8f71
ID des fehlerhaften Prozesses: 0xc0c
Startzeit der fehlerhaften Anwendung: 0xpidgin-portable.exe0
Pfad der fehlerhaften Anwendung: pidgin-portable.exe1
Pfad des fehlerhaften Moduls: pidgin-portable.exe2
Berichtskennung: pidgin-portable.exe3
Error: (09/28/2014 06:16:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/28/2014 00:21:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x176c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (09/28/2014 00:21:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 32.0.3.5379 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1700
Startzeit: 01cfda7848785f27
Endzeit: 136
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 8da6cfc9-4694-11e4-b2c9-00219b3e0e60
Error: (09/27/2014 07:31:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/27/2014 07:05:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/26/2014 11:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 32.0.3.5379 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 270
Startzeit: 01cfd9842f1e6c74
Endzeit: 128
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 3cd7dce2-45c2-11e4-b2c9-00219b3e0e60
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (09/27/2014 07:24:04 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{4999A4CB-B531-4E1A-A916-5E2B0319307E} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (09/26/2014 02:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/26/2014 02:00:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (09/26/2014 02:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/26/2014 02:00:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (09/26/2014 02:00:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/26/2014 02:00:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (09/26/2014 02:00:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/26/2014 02:00:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (09/26/2014 02:00:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (09/28/2014 06:36:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pidgin-portable.exe2.10.9.052eee0a8libgtk-win32-2.0-0.dll2.16.6.04b6f2415c0000005000b8f71c0c01cfdb1fc0c55f46Z:\PidginPortable\App\Pidgin\pidgin-portable.exeZ:\PidginPortable\App\Pidgin\Gtk\bin\libgtk-win32-2.0-0.dll9f0ba6a0-472d-11e4-b2c9-00219b3e0e60
Error: (09/28/2014 06:16:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sisoftware\sisoftware sandra lite 2014.sp2a\wnt500x64\RpcSandraSrv.exe
Error: (09/28/2014 00:21:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b176c01cfda894b448815C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll8ee595dc-4694-11e4-b2c9-00219b3e0e60
Error: (09/28/2014 00:21:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.3.5379170001cfda7848785f27136C:\Program Files\Mozilla Firefox\firefox.exe8da6cfc9-4694-11e4-b2c9-00219b3e0e60
Error: (09/27/2014 07:31:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sisoftware\sisoftware sandra lite 2014.sp2a\wnt500x64\RpcSandraSrv.exe
Error: (09/27/2014 07:05:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sisoftware\sisoftware sandra lite 2014.sp2a\wnt500x64\RpcSandraSrv.exe
Error: (09/26/2014 11:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.3.537927001cfd9842f1e6c74128C:\Program Files\Mozilla Firefox\firefox.exe3cd7dce2-45c2-11e4-b2c9-00219b3e0e60
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/26/2014 02:00:20 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 34%
Total physical RAM: 3069.61 MB
Available physical RAM: 2001.17 MB
Total Pagefile: 6137.5 MB
Available Pagefile: 4650.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.41 GB) (Free:52.08 GB) NTFS
Drive d: (IWL1000) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
Drive z: () (Fixed) (Total:3.99 GB) (Free:3.77 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 266DC603)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Gmer.txt Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-29 00:08:23
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD800HLFS-75G6U0 rev.04.04V01 74,51GB
Running: f9j68edx.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pxldapog.sys
---- System - GMER 2.1 ----
SSDT 8FFA9BF6 ZwCreateSection
SSDT 8FFA9C00 ZwRequestWaitReplyPort
SSDT 8FFA9BFB ZwSetContextThread
SSDT 8FFA9C05 ZwSetSecurityObject
SSDT 8FFA9C0A ZwSystemDebugControl
SSDT 8FFA9B97 ZwTerminateProcess
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C92579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CB6F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 340 82CBE840 4 Bytes [F6, 9B, FA, 8F]
.text ntkrnlpa.exe!RtlSidHashLookup + 69C 82CBEB9C 4 Bytes [00, 9C, FA, 8F]
.text ntkrnlpa.exe!RtlSidHashLookup + 6E0 82CBEBE0 4 Bytes [FB, 9B, FA, 8F]
.text ntkrnlpa.exe!RtlSidHashLookup + 75C 82CBEC5C 4 Bytes [05, 9C, FA, 8F]
.text ntkrnlpa.exe!RtlSidHashLookup + 7B0 82CBECB0 4 Bytes [0A, 9C, FA, 8F]
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- EOF - GMER 2.1 ----
|
|
29.09.2014, 06:14
| #2 |
| /// the machine /// TB-Ausbilder    | Tastatur läßt Buchstaben aus hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
29.09.2014, 18:07
| #3 |
| | Tastatur läßt Buchstaben aus TDSSKiller
__________________Code:
ATTFilter 15:03:39.0671 0x0b54 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:03:43.0497 0x0b54 ============================================================
15:03:43.0497 0x0b54 Current date / time: 2014/09/29 15:03:43.0497
15:03:43.0497 0x0b54 SystemInfo:
15:03:43.0497 0x0b54
15:03:43.0497 0x0b54 OS Version: 6.1.7600 ServicePack: 0.0
15:03:43.0497 0x0b54 Product type: Workstation
15:03:43.0497 0x0b54 ComputerName: 7-PC
15:03:43.0498 0x0b54 UserName: Administrator
15:03:43.0498 0x0b54 Windows directory: C:\Windows
15:03:43.0498 0x0b54 System windows directory: C:\Windows
15:03:43.0498 0x0b54 Processor architecture: Intel x86
15:03:43.0498 0x0b54 Number of processors: 2
15:03:43.0498 0x0b54 Page size: 0x1000
15:03:43.0498 0x0b54 Boot type: Normal boot
15:03:43.0498 0x0b54 ============================================================
15:03:44.0527 0x0b54 KLMD registered as C:\Windows\system32\drivers\49827494.sys
15:03:44.0767 0x0b54 System UUID: {9FDCDC74-8D89-1365-5DB9-4C024DF5613E}
15:03:45.0298 0x0b54 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 ( 74.51 Gb ), SectorSize: 0x200, Cylinders: 0x142EF, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000050
15:03:45.0300 0x0b54 ============================================================
15:03:45.0300 0x0b54 \Device\Harddisk0\DR0:
15:03:45.0300 0x0b54 MBR partitions:
15:03:45.0300 0x0b54 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:03:45.0300 0x0b54 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94CF800
15:03:45.0300 0x0b54 ============================================================
15:03:45.0320 0x0b54 C: <-> \Device\Harddisk0\DR0\Partition2
15:03:45.0320 0x0b54 ============================================================
15:03:45.0320 0x0b54 Initialize success
15:03:45.0320 0x0b54 ============================================================
15:04:14.0441 0x0f58 ============================================================
15:04:14.0441 0x0f58 Scan started
15:04:14.0441 0x0f58 Mode: Manual; SigCheck; TDLFS;
15:04:14.0441 0x0f58 ============================================================
15:04:14.0441 0x0f58 KSN ping started
15:04:17.0671 0x0f58 KSN ping finished: true
15:04:18.0349 0x0f58 ================ Scan system memory ========================
15:04:18.0349 0x0f58 System memory - ok
15:04:18.0350 0x0f58 ================ Scan services =============================
15:04:18.0444 0x0f58 [ 6D2ACA41739BFE8CB86EE8E85F29697D, 74A4F53C8309A8E5E94CDE4D440DD5308566185E6D8D98FD08E70A25BD728C91 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:04:18.0539 0x0f58 1394ohci - ok
15:04:18.0565 0x0f58 [ F0E07D144C8685B8774BC32FC8DA4DF0, 39816ED2623CA9ABE2B2EDCDB2F8481634742F00FEEF7E324F34D2BAAD668A67 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
15:04:18.0588 0x0f58 ACPI - ok
15:04:18.0601 0x0f58 [ 98D81CA942D19F7D9153B095162AC013, ACE5C073323176621F3312AA9B1EE1A3382F8CDD590D90DC57B34035FD6BC281 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
15:04:18.0643 0x0f58 AcpiPmi - ok
15:04:18.0677 0x0f58 [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:04:18.0691 0x0f58 AdobeFlashPlayerUpdateSvc - ok
15:04:18.0705 0x0f58 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:04:18.0734 0x0f58 adp94xx - ok
15:04:18.0752 0x0f58 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:04:18.0781 0x0f58 adpahci - ok
15:04:18.0788 0x0f58 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:04:18.0807 0x0f58 adpu320 - ok
15:04:18.0821 0x0f58 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:04:18.0887 0x0f58 AeLookupSvc - ok
15:04:18.0915 0x0f58 [ DDC040FDB01EF1712A6B13E52AFB104C, BF17E91BBB85A04F1EEF580CD006101332CDE5B876A0D04C6932F30707BB184F ] AFD C:\Windows\system32\drivers\afd.sys
15:04:18.0967 0x0f58 AFD - ok
15:04:18.0977 0x0f58 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
15:04:18.0993 0x0f58 agp440 - ok
15:04:19.0007 0x0f58 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:04:19.0032 0x0f58 aic78xx - ok
15:04:19.0041 0x0f58 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
15:04:19.0067 0x0f58 ALG - ok
15:04:19.0079 0x0f58 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
15:04:19.0101 0x0f58 aliide - ok
15:04:19.0106 0x0f58 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
15:04:19.0128 0x0f58 amdagp - ok
15:04:19.0138 0x0f58 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
15:04:19.0157 0x0f58 amdide - ok
15:04:19.0165 0x0f58 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:04:19.0190 0x0f58 AmdK8 - ok
15:04:19.0197 0x0f58 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:04:19.0224 0x0f58 AmdPPM - ok
15:04:19.0240 0x0f58 [ 2101A86C25C154F8314B24EF49D7FBC2, E4C1326CF55850793B45B2BFDF361C4E98A07FB13E08BFD6DB50135489700998 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
15:04:19.0258 0x0f58 amdsata - ok
15:04:19.0272 0x0f58 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:04:19.0311 0x0f58 amdsbs - ok
15:04:19.0323 0x0f58 [ B81C2B5616F6420A9941EA093A92B150, DA2000C9E06533232F8716A6674BC9DFD5C3AAE1FC46F7A91B8E917DB913F42F ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
15:04:19.0344 0x0f58 amdxata - ok
15:04:19.0402 0x0f58 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:04:19.0428 0x0f58 AntiVirSchedulerService - ok
15:04:19.0459 0x0f58 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:04:19.0484 0x0f58 AntiVirService - ok
15:04:19.0495 0x0f58 [ FEB834C02CE1E84B6A38F953CA067706, E5A7F8B632ABFBD1283C3D44FB02449814EDB653B204E1720DAA780A6D64FD01 ] AppID C:\Windows\system32\drivers\appid.sys
15:04:19.0551 0x0f58 AppID - ok
15:04:19.0576 0x0f58 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:04:19.0615 0x0f58 AppIDSvc - ok
15:04:19.0625 0x0f58 [ 7DEAD9E3F65DCB2794F2711003BBF650, F541C30EEFD1BDB70F361B878B6E51DC728873695DD137148CE531FBACCDA21B ] Appinfo C:\Windows\System32\appinfo.dll
15:04:19.0655 0x0f58 Appinfo - ok
15:04:19.0688 0x0f58 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:04:19.0743 0x0f58 AppMgmt - ok
15:04:19.0764 0x0f58 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:04:19.0781 0x0f58 arc - ok
15:04:19.0791 0x0f58 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:04:19.0814 0x0f58 arcsas - ok
15:04:19.0861 0x0f58 [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:04:19.0872 0x0f58 aspnet_state - ok
15:04:19.0883 0x0f58 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:04:19.0918 0x0f58 AsyncMac - ok
15:04:19.0928 0x0f58 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
15:04:19.0937 0x0f58 atapi - ok
15:04:19.0962 0x0f58 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:04:20.0010 0x0f58 AudioEndpointBuilder - ok
15:04:20.0032 0x0f58 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:04:20.0075 0x0f58 Audiosrv - ok
15:04:20.0091 0x0f58 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:04:20.0132 0x0f58 avgntflt - ok
15:04:20.0143 0x0f58 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:04:20.0160 0x0f58 avipbb - ok
15:04:20.0187 0x0f58 [ EBDCA96BFC0EF602DAADE9F79D0D549A, 4AD371DEA8A40A62A34CD081D374A980861A0712035083AC997B71CDF72F642F ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
15:04:20.0204 0x0f58 Avira.OE.ServiceHost - ok
15:04:20.0214 0x0f58 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:04:20.0227 0x0f58 avkmgr - ok
15:04:20.0247 0x0f58 [ DD6A431B43E34B91A767D1CE33728175, 8BFF6474C9DFBEC96FA7B2789EF9B17C7910B52DBCF70CDA1F0C698CFA5EFB6E ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:04:20.0290 0x0f58 AxInstSV - ok
15:04:20.0315 0x0f58 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:04:20.0388 0x0f58 b06bdrv - ok
15:04:20.0414 0x0f58 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:04:20.0468 0x0f58 b57nd60x - ok
15:04:20.0502 0x0f58 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
15:04:20.0538 0x0f58 BDESVC - ok
15:04:20.0545 0x0f58 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
15:04:20.0577 0x0f58 Beep - ok
15:04:20.0605 0x0f58 [ 85AC71C045CEB054ED48A7841AAE0C11, BA0C0CC50E5C49838116AC9A12A7CF1A683601FD08D3CF6EC06620C51C0806FF ] BFE C:\Windows\System32\bfe.dll
15:04:20.0657 0x0f58 BFE - ok
15:04:20.0689 0x0f58 [ 53F476476F55A27F580661BDE09C4EC4, 90DFBF97F011CFF41D2CFA2E33978BC746A7E693AC75EED1436130C4F10B4E67 ] BITS C:\Windows\System32\qmgr.dll
15:04:20.0748 0x0f58 BITS - ok
15:04:20.0760 0x0f58 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:04:20.0777 0x0f58 blbdrive - ok
15:04:20.0787 0x0f58 [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:04:20.0823 0x0f58 bowser - ok
15:04:20.0827 0x0f58 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:04:20.0856 0x0f58 BrFiltLo - ok
15:04:20.0859 0x0f58 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:04:20.0884 0x0f58 BrFiltUp - ok
15:04:20.0901 0x0f58 [ 598E1280E7FF3744F4B8329366CC5635, 9B6392AEBE7EF26253487AF8C7C114822ABB187BA32DA8DBF622DB1B8DA6F1C0 ] Browser C:\Windows\System32\browser.dll
15:04:20.0928 0x0f58 Browser - ok
15:04:20.0944 0x0f58 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:04:21.0001 0x0f58 Brserid - ok
15:04:21.0006 0x0f58 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:04:21.0033 0x0f58 BrSerWdm - ok
15:04:21.0042 0x0f58 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:04:21.0068 0x0f58 BrUsbMdm - ok
15:04:21.0072 0x0f58 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:04:21.0091 0x0f58 BrUsbSer - ok
15:04:21.0096 0x0f58 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:04:21.0120 0x0f58 BTHMODEM - ok
15:04:21.0138 0x0f58 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
15:04:21.0177 0x0f58 bthserv - ok
15:04:21.0195 0x0f58 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:04:21.0228 0x0f58 cdfs - ok
15:04:21.0246 0x0f58 [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:04:21.0267 0x0f58 cdrom - ok
15:04:21.0283 0x0f58 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc C:\Windows\System32\certprop.dll
15:04:21.0310 0x0f58 CertPropSvc - ok
15:04:21.0319 0x0f58 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:04:21.0339 0x0f58 circlass - ok
15:04:21.0357 0x0f58 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
15:04:21.0392 0x0f58 CLFS - ok
15:04:21.0424 0x0f58 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:04:21.0448 0x0f58 clr_optimization_v2.0.50727_32 - ok
15:04:21.0474 0x0f58 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:04:21.0486 0x0f58 clr_optimization_v4.0.30319_32 - ok
15:04:21.0490 0x0f58 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:04:21.0507 0x0f58 CmBatt - ok
15:04:21.0514 0x0f58 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
15:04:21.0528 0x0f58 cmdide - ok
15:04:21.0548 0x0f58 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
15:04:21.0590 0x0f58 CNG - ok
15:04:21.0597 0x0f58 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:04:21.0611 0x0f58 Compbatt - ok
15:04:21.0628 0x0f58 [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:04:21.0646 0x0f58 CompositeBus - ok
15:04:21.0650 0x0f58 COMSysApp - ok
15:04:21.0659 0x0f58 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:04:21.0673 0x0f58 crcdisk - ok
15:04:21.0689 0x0f58 [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:04:21.0717 0x0f58 CryptSvc - ok
15:04:21.0737 0x0f58 [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC C:\Windows\system32\drivers\csc.sys
15:04:21.0803 0x0f58 CSC - ok
15:04:21.0829 0x0f58 [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService C:\Windows\System32\cscsvc.dll
15:04:21.0865 0x0f58 CscService - ok
15:04:21.0893 0x0f58 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch C:\Windows\system32\rpcss.dll
15:04:21.0942 0x0f58 DcomLaunch - ok
15:04:21.0962 0x0f58 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
15:04:22.0005 0x0f58 defragsvc - ok
15:04:22.0024 0x0f58 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:04:22.0063 0x0f58 DfsC - ok
15:04:22.0092 0x0f58 [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:04:22.0140 0x0f58 Dhcp - ok
15:04:22.0155 0x0f58 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
15:04:22.0191 0x0f58 discache - ok
15:04:22.0208 0x0f58 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:04:22.0224 0x0f58 Disk - ok
15:04:22.0239 0x0f58 [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:04:22.0271 0x0f58 Dnscache - ok
15:04:22.0286 0x0f58 [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc C:\Windows\System32\dot3svc.dll
15:04:22.0342 0x0f58 dot3svc - ok
15:04:22.0371 0x0f58 [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS C:\Windows\system32\dps.dll
15:04:22.0414 0x0f58 DPS - ok
15:04:22.0429 0x0f58 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:04:22.0474 0x0f58 drmkaud - ok
15:04:22.0499 0x0f58 [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:04:22.0597 0x0f58 DXGKrnl - ok
15:04:22.0621 0x0f58 [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
15:04:22.0664 0x0f58 e1express - ok
15:04:22.0685 0x0f58 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
15:04:22.0715 0x0f58 EapHost - ok
15:04:22.0807 0x0f58 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:04:22.0988 0x0f58 ebdrv - ok
15:04:23.0009 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
15:04:23.0027 0x0f58 EFS - ok
15:04:23.0066 0x0f58 [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:04:23.0151 0x0f58 ehRecvr - ok
15:04:23.0160 0x0f58 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
15:04:23.0188 0x0f58 ehSched - ok
15:04:23.0219 0x0f58 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:04:23.0271 0x0f58 elxstor - ok
15:04:23.0283 0x0f58 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
15:04:23.0303 0x0f58 ErrDev - ok
15:04:23.0337 0x0f58 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
15:04:23.0381 0x0f58 EventSystem - ok
15:04:23.0396 0x0f58 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
15:04:23.0431 0x0f58 exfat - ok
15:04:23.0442 0x0f58 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:04:23.0485 0x0f58 fastfat - ok
15:04:23.0511 0x0f58 [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe
15:04:23.0553 0x0f58 Fax - ok
15:04:23.0566 0x0f58 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:04:23.0593 0x0f58 fdc - ok
15:04:23.0602 0x0f58 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
15:04:23.0631 0x0f58 fdPHost - ok
15:04:23.0640 0x0f58 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
15:04:23.0671 0x0f58 FDResPub - ok
15:04:23.0682 0x0f58 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:04:23.0707 0x0f58 FileInfo - ok
15:04:23.0716 0x0f58 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:04:23.0751 0x0f58 Filetrace - ok
15:04:23.0762 0x0f58 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:04:23.0788 0x0f58 flpydisk - ok
15:04:23.0801 0x0f58 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:04:23.0827 0x0f58 FltMgr - ok
15:04:23.0859 0x0f58 [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache C:\Windows\system32\FntCache.dll
15:04:23.0918 0x0f58 FontCache - ok
15:04:23.0939 0x0f58 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:04:23.0957 0x0f58 FontCache3.0.0.0 - ok
15:04:23.0964 0x0f58 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:04:23.0980 0x0f58 FsDepends - ok
15:04:23.0994 0x0f58 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:04:24.0009 0x0f58 Fs_Rec - ok
15:04:24.0024 0x0f58 [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:04:24.0049 0x0f58 fvevol - ok
15:04:24.0063 0x0f58 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:04:24.0079 0x0f58 gagp30kx - ok
15:04:24.0110 0x0f58 [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll
15:04:24.0154 0x0f58 gpsvc - ok
15:04:24.0163 0x0f58 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:04:24.0203 0x0f58 hcw85cir - ok
15:04:24.0236 0x0f58 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:04:24.0268 0x0f58 HdAudAddService - ok
15:04:24.0281 0x0f58 [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:04:24.0297 0x0f58 HDAudBus - ok
15:04:24.0302 0x0f58 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:04:24.0329 0x0f58 HidBatt - ok
15:04:24.0342 0x0f58 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:04:24.0383 0x0f58 HidBth - ok
15:04:24.0393 0x0f58 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:04:24.0419 0x0f58 HidIr - ok
15:04:24.0428 0x0f58 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
15:04:24.0455 0x0f58 hidserv - ok
15:04:24.0475 0x0f58 [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:04:24.0498 0x0f58 HidUsb - ok
15:04:24.0515 0x0f58 [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:04:24.0542 0x0f58 hkmsvc - ok
15:04:24.0559 0x0f58 [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:04:24.0607 0x0f58 HomeGroupListener - ok
15:04:24.0630 0x0f58 [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:04:24.0656 0x0f58 HomeGroupProvider - ok
15:04:24.0664 0x0f58 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
15:04:24.0687 0x0f58 HpSAMD - ok
15:04:24.0716 0x0f58 [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:04:24.0783 0x0f58 HTTP - ok
15:04:24.0794 0x0f58 [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:04:24.0816 0x0f58 hwpolicy - ok
15:04:24.0827 0x0f58 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:04:24.0856 0x0f58 i8042prt - ok
15:04:24.0868 0x0f58 [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
15:04:24.0893 0x0f58 iaStorV - ok
15:04:24.0941 0x0f58 [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:04:25.0003 0x0f58 idsvc - ok
15:04:25.0016 0x0f58 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:04:25.0031 0x0f58 iirsp - ok
15:04:25.0068 0x0f58 [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll
15:04:25.0124 0x0f58 IKEEXT - ok
15:04:25.0136 0x0f58 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
15:04:25.0150 0x0f58 intelide - ok
15:04:25.0164 0x0f58 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:04:25.0177 0x0f58 intelppm - ok
15:04:25.0187 0x0f58 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:04:25.0221 0x0f58 IPBusEnum - ok
15:04:25.0230 0x0f58 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:04:25.0272 0x0f58 IpFilterDriver - ok
15:04:25.0290 0x0f58 [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:04:25.0345 0x0f58 iphlpsvc - ok
15:04:25.0350 0x0f58 [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:04:25.0383 0x0f58 IPMIDRV - ok
15:04:25.0389 0x0f58 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:04:25.0425 0x0f58 IPNAT - ok
15:04:25.0436 0x0f58 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:04:25.0456 0x0f58 IRENUM - ok
15:04:25.0474 0x0f58 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
15:04:25.0494 0x0f58 isapnp - ok
15:04:25.0509 0x0f58 [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:04:25.0545 0x0f58 iScsiPrt - ok
15:04:25.0558 0x0f58 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:04:25.0581 0x0f58 kbdclass - ok
15:04:25.0596 0x0f58 [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:04:25.0617 0x0f58 kbdhid - ok
15:04:25.0626 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
15:04:25.0640 0x0f58 KeyIso - ok
15:04:25.0647 0x0f58 [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:04:25.0666 0x0f58 KSecDD - ok
15:04:25.0680 0x0f58 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:04:25.0700 0x0f58 KSecPkg - ok
15:04:25.0729 0x0f58 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:04:25.0796 0x0f58 KtmRm - ok
15:04:25.0815 0x0f58 [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:04:25.0849 0x0f58 LanmanServer - ok
15:04:25.0864 0x0f58 [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:04:25.0901 0x0f58 LanmanWorkstation - ok
15:04:25.0921 0x0f58 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:04:25.0957 0x0f58 lltdio - ok
15:04:25.0978 0x0f58 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:04:26.0028 0x0f58 lltdsvc - ok
15:04:26.0040 0x0f58 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:04:26.0074 0x0f58 lmhosts - ok
15:04:26.0087 0x0f58 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:04:26.0104 0x0f58 LSI_FC - ok
15:04:26.0110 0x0f58 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:04:26.0126 0x0f58 LSI_SAS - ok
15:04:26.0136 0x0f58 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:04:26.0152 0x0f58 LSI_SAS2 - ok
15:04:26.0164 0x0f58 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:04:26.0188 0x0f58 LSI_SCSI - ok
15:04:26.0196 0x0f58 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
15:04:26.0233 0x0f58 luafv - ok
15:04:26.0248 0x0f58 [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:04:26.0269 0x0f58 Mcx2Svc - ok
15:04:26.0277 0x0f58 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:04:26.0292 0x0f58 megasas - ok
15:04:26.0307 0x0f58 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:04:26.0360 0x0f58 MegaSR - ok
15:04:26.0385 0x0f58 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
15:04:26.0411 0x0f58 MMCSS - ok
15:04:26.0437 0x0f58 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
15:04:26.0484 0x0f58 Modem - ok
15:04:26.0500 0x0f58 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:04:26.0516 0x0f58 monitor - ok
15:04:26.0524 0x0f58 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:04:26.0539 0x0f58 mouclass - ok
15:04:26.0550 0x0f58 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:04:26.0574 0x0f58 mouhid - ok
15:04:26.0582 0x0f58 [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:04:26.0599 0x0f58 mountmgr - ok
15:04:26.0623 0x0f58 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:04:26.0635 0x0f58 MozillaMaintenance - ok
15:04:26.0646 0x0f58 [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys
15:04:26.0666 0x0f58 mpio - ok
15:04:26.0681 0x0f58 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:04:26.0724 0x0f58 mpsdrv - ok
15:04:26.0751 0x0f58 [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:04:26.0797 0x0f58 MpsSvc - ok
15:04:26.0812 0x0f58 [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:04:26.0835 0x0f58 MRxDAV - ok
15:04:26.0844 0x0f58 [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:04:26.0890 0x0f58 mrxsmb - ok
15:04:26.0911 0x0f58 [ DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:04:26.0962 0x0f58 mrxsmb10 - ok
15:04:26.0967 0x0f58 [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:04:27.0013 0x0f58 mrxsmb20 - ok
15:04:27.0024 0x0f58 [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
15:04:27.0034 0x0f58 msahci - ok
15:04:27.0040 0x0f58 [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
15:04:27.0059 0x0f58 msdsm - ok
15:04:27.0072 0x0f58 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
15:04:27.0118 0x0f58 MSDTC - ok
15:04:27.0132 0x0f58 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:04:27.0161 0x0f58 Msfs - ok
15:04:27.0172 0x0f58 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:04:27.0208 0x0f58 mshidkmdf - ok
15:04:27.0218 0x0f58 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
15:04:27.0241 0x0f58 msisadrv - ok
15:04:27.0259 0x0f58 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:04:27.0295 0x0f58 MSiSCSI - ok
15:04:27.0300 0x0f58 msiserver - ok
15:04:27.0318 0x0f58 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:04:27.0352 0x0f58 MSKSSRV - ok
15:04:27.0361 0x0f58 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:04:27.0400 0x0f58 MSPCLOCK - ok
15:04:27.0404 0x0f58 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:04:27.0434 0x0f58 MSPQM - ok
15:04:27.0446 0x0f58 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:04:27.0490 0x0f58 MsRPC - ok
15:04:27.0500 0x0f58 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:04:27.0511 0x0f58 mssmbios - ok
15:04:27.0520 0x0f58 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:04:27.0553 0x0f58 MSTEE - ok
15:04:27.0557 0x0f58 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:04:27.0574 0x0f58 MTConfig - ok
15:04:27.0585 0x0f58 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
15:04:27.0601 0x0f58 Mup - ok
15:04:27.0626 0x0f58 [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll
15:04:27.0677 0x0f58 napagent - ok
15:04:27.0700 0x0f58 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:04:27.0755 0x0f58 NativeWifiP - ok
15:04:27.0783 0x0f58 [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:04:27.0815 0x0f58 NDIS - ok
15:04:27.0840 0x0f58 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:04:27.0869 0x0f58 NdisCap - ok
15:04:27.0887 0x0f58 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:04:27.0920 0x0f58 NdisTapi - ok
15:04:27.0941 0x0f58 [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:04:27.0972 0x0f58 Ndisuio - ok
15:04:27.0985 0x0f58 [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:04:28.0020 0x0f58 NdisWan - ok
15:04:28.0030 0x0f58 [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:04:28.0060 0x0f58 NDProxy - ok
15:04:28.0069 0x0f58 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:04:28.0107 0x0f58 NetBIOS - ok
15:04:28.0118 0x0f58 [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:04:28.0177 0x0f58 NetBT - ok
15:04:28.0188 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
15:04:28.0202 0x0f58 Netlogon - ok
15:04:28.0230 0x0f58 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
15:04:28.0274 0x0f58 Netman - ok
15:04:28.0299 0x0f58 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:04:28.0323 0x0f58 NetMsmqActivator - ok
15:04:28.0330 0x0f58 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:04:28.0349 0x0f58 NetPipeActivator - ok
15:04:28.0368 0x0f58 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
15:04:28.0408 0x0f58 netprofm - ok
15:04:28.0415 0x0f58 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:04:28.0427 0x0f58 NetTcpActivator - ok
15:04:28.0433 0x0f58 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:04:28.0445 0x0f58 NetTcpPortSharing - ok
15:04:28.0458 0x0f58 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:04:28.0481 0x0f58 nfrd960 - ok
15:04:28.0494 0x0f58 [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:04:28.0532 0x0f58 NlaSvc - ok
15:04:28.0579 0x0f58 [ B9730495E0CF674680121E34BD95A73B, 1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] npf C:\Windows\system32\drivers\npf.sys
15:04:28.0598 0x0f58 npf - ok
15:04:28.0605 0x0f58 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:04:28.0637 0x0f58 Npfs - ok
15:04:28.0647 0x0f58 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
15:04:28.0673 0x0f58 nsi - ok
15:04:28.0682 0x0f58 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:04:28.0721 0x0f58 nsiproxy - ok
15:04:28.0768 0x0f58 [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:04:28.0869 0x0f58 Ntfs - ok
15:04:28.0882 0x0f58 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
15:04:28.0916 0x0f58 Null - ok
15:04:29.0240 0x0f58 [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:04:29.0687 0x0f58 nvlddmkm - ok
15:04:29.0729 0x0f58 [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
15:04:29.0751 0x0f58 nvraid - ok
15:04:29.0769 0x0f58 [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
15:04:29.0788 0x0f58 nvstor - ok
15:04:29.0836 0x0f58 [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:04:29.0874 0x0f58 nvsvc - ok
15:04:29.0895 0x0f58 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:04:29.0913 0x0f58 nv_agp - ok
15:04:29.0918 0x0f58 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:04:29.0945 0x0f58 ohci1394 - ok
15:04:29.0968 0x0f58 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:04:30.0015 0x0f58 p2pimsvc - ok
15:04:30.0036 0x0f58 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
15:04:30.0084 0x0f58 p2psvc - ok
15:04:30.0100 0x0f58 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:04:30.0119 0x0f58 Parport - ok
15:04:30.0130 0x0f58 [ FF4218952B51DE44FE910953A3E686B9, 871E4F8300AFE2AE770B8F00C12911A08D8BBD8E07C37A11AFF67CA92607A602 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:04:30.0147 0x0f58 partmgr - ok
15:04:30.0153 0x0f58 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:04:30.0175 0x0f58 Parvdm - ok
15:04:30.0185 0x0f58 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:04:30.0219 0x0f58 PcaSvc - ok
15:04:30.0234 0x0f58 [ C858CB77C577780ECC456A892E7E7D0F, 21AE545B736739DE5A7B02CF227516BA6D02B1AAAECD8CC516CCF9F1FD710BCF ] pci C:\Windows\system32\DRIVERS\pci.sys
15:04:30.0269 0x0f58 pci - ok
15:04:30.0278 0x0f58 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:04:30.0292 0x0f58 pciide - ok
15:04:30.0306 0x0f58 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:04:30.0340 0x0f58 pcmcia - ok
15:04:30.0348 0x0f58 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
15:04:30.0364 0x0f58 pcw - ok
15:04:30.0396 0x0f58 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:04:30.0465 0x0f58 PEAUTH - ok
15:04:30.0509 0x0f58 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:04:30.0578 0x0f58 PeerDistSvc - ok
15:04:30.0639 0x0f58 [ 9C1BFF7910C89A1D12E57343475840CB, 62E00E1278BD263B2AC8CB803C31F2818C54DB143C49470FAD07731E04BD2DE3 ] pla C:\Windows\system32\pla.dll
15:04:30.0758 0x0f58 pla - ok
15:04:30.0784 0x0f58 [ 2CC2008F1296968FBA162ED9F9AFE328, 670E2BE4EB8210C9D6AEA635DFA20E390936762A22B2BB413BF9C7AF418150D6 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:04:30.0829 0x0f58 PlugPlay - ok
15:04:30.0838 0x0f58 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:04:30.0873 0x0f58 PNRPAutoReg - ok
15:04:30.0892 0x0f58 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:04:30.0912 0x0f58 PNRPsvc - ok
15:04:30.0940 0x0f58 [ 48E1B75C6DC0232FD92BAAE4BD344721, 5BA4EB5A60725836D8085EABF87F51160BA57E318A0C4378410217911A393CE7 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:04:30.0988 0x0f58 PolicyAgent - ok
15:04:30.0999 0x0f58 [ DBFF83F709A91049621C1D35DD45C92C, 0A722A44F431CAB5EA77FF5F25EB6975C2111B605564FF9FB59751067E7CD3A7 ] Power C:\Windows\system32\umpo.dll
15:04:31.0029 0x0f58 Power - ok
15:04:31.0054 0x0f58 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:04:31.0098 0x0f58 PptpMiniport - ok
15:04:31.0108 0x0f58 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:04:31.0141 0x0f58 Processor - ok
15:04:31.0164 0x0f58 [ 630CF26F0227498B7D5A92B12548960F, 7B6E2A3C398DF2E8F63C03ED5B59BB8DA47D5C1ACA9F37438F71F35633ACD6CD ] ProfSvc C:\Windows\system32\profsvc.dll
15:04:31.0195 0x0f58 ProfSvc - ok
15:04:31.0206 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:04:31.0221 0x0f58 ProtectedStorage - ok
15:04:31.0240 0x0f58 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:04:31.0271 0x0f58 Psched - ok
15:04:31.0315 0x0f58 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:04:31.0406 0x0f58 ql2300 - ok
15:04:31.0424 0x0f58 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:04:31.0444 0x0f58 ql40xx - ok
15:04:31.0471 0x0f58 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
15:04:31.0519 0x0f58 QWAVE - ok
15:04:31.0531 0x0f58 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:04:31.0557 0x0f58 QWAVEdrv - ok
15:04:31.0564 0x0f58 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:04:31.0601 0x0f58 RasAcd - ok
15:04:31.0612 0x0f58 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:04:31.0659 0x0f58 RasAgileVpn - ok
15:04:31.0669 0x0f58 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
15:04:31.0703 0x0f58 RasAuto - ok
15:04:31.0712 0x0f58 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:04:31.0757 0x0f58 Rasl2tp - ok
15:04:31.0780 0x0f58 [ 0CE66EC736B7FC526D78F7624C7D2A94, D70B45AA413691CF84B24E966EBA1689955E54BDDA206380CAB7CD50F56D5CEB ] RasMan C:\Windows\System32\rasmans.dll
15:04:31.0818 0x0f58 RasMan - ok
15:04:31.0830 0x0f58 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:04:31.0866 0x0f58 RasPppoe - ok
15:04:31.0882 0x0f58 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:04:31.0918 0x0f58 RasSstp - ok
15:04:31.0932 0x0f58 [ 835D7E81BF517A3B72384BDCC85E1CE6, DC855AF17150C1B27926293115C01B5E1FD00FABCE18AFAEAB3DC68BDE4C908B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:04:31.0973 0x0f58 rdbss - ok
15:04:31.0980 0x0f58 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:04:32.0000 0x0f58 rdpbus - ok
15:04:32.0011 0x0f58 [ 1E016846895B15A99F9A176A05029075, 78AE674B6E7D3A69099B24AC07E06563A4C867F9DCD8548E4DAAE6FC5ACA4E29 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:04:32.0041 0x0f58 RDPCDD - ok
15:04:32.0056 0x0f58 [ C5FF95883FFEF704D50C40D21CFB3AB5, 26CC53DDE126A6BD99F606695F063BB7FDC4BBABB9F75F7AD7A84B58C837EEAA ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:04:32.0098 0x0f58 RDPDR - ok
15:04:32.0111 0x0f58 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:04:32.0140 0x0f58 RDPENCDD - ok
15:04:32.0154 0x0f58 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:04:32.0189 0x0f58 RDPREFMP - ok
15:04:32.0202 0x0f58 [ 801371BA9782282892D00AADB08EE367, 884DDC24B8400E76F65F54C249053333AD29543224F9EC156C64A6BDF584DDCD ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:04:32.0251 0x0f58 RDPWD - ok
15:04:32.0263 0x0f58 [ 4EA225BF1CF05E158853F30A99CA29A7, F211480F13E2FE36C31110AE67ABE74E9D572D3A36BEEDE29E14ECBD8C246878 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:04:32.0298 0x0f58 rdyboost - ok
15:04:32.0317 0x0f58 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:04:32.0365 0x0f58 RemoteAccess - ok
15:04:32.0382 0x0f58 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:04:32.0423 0x0f58 RemoteRegistry - ok
15:04:32.0438 0x0f58 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:04:32.0465 0x0f58 RpcEptMapper - ok
15:04:32.0479 0x0f58 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
15:04:32.0497 0x0f58 RpcLocator - ok
15:04:32.0514 0x0f58 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] RpcSs C:\Windows\system32\rpcss.dll
15:04:32.0550 0x0f58 RpcSs - ok
15:04:32.0565 0x0f58 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:04:32.0601 0x0f58 rspndr - ok
15:04:32.0656 0x0f58 [ 031C4928ABA3E209CD6F96B7F4B085ED, 1D3E60B0603365831676E8B537E74453A22A2297FB3C8B6F01975E68B6DC0BCB ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
15:04:32.0678 0x0f58 RTL8192su - ok
15:04:32.0697 0x0f58 [ 5423D8437051E89DD34749F242C98648, 28FD190E13676B0FD452A73C3069B72206E2938DB2240BAA9BDB56687C748A2B ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
15:04:32.0729 0x0f58 s3cap - ok
15:04:32.0742 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
15:04:32.0755 0x0f58 SamSs - ok
15:04:32.0804 0x0f58 [ 230FD3749904CA045EA5EC0AA14006E9, D7C79238F862B471740AFF4CC3982658D1339795E9EC884A8921EFE2E547D7C3 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\WNt500x86\Sandra.sys
15:04:32.0812 0x0f58 SANDRA - ok
15:04:32.0822 0x0f58 [ 65FCC1102E87462548AF8EC49620C9FC, 99FA15DA12D7550364F598EF78F04051FE1743A1D74BE6048DF840757FB08D0B ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
15:04:32.0830 0x0f58 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
15:04:36.0025 0x0f58 Detect skipped due to KSN trusted
15:04:36.0025 0x0f58 SandraAgentSrv - ok
15:04:36.0047 0x0f58 [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:04:36.0064 0x0f58 sbp2port - ok
15:04:36.0085 0x0f58 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:04:36.0138 0x0f58 SCardSvr - ok
15:04:36.0149 0x0f58 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:04:36.0190 0x0f58 scfilter - ok
15:04:36.0231 0x0f58 [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule C:\Windows\system32\schedsvc.dll
15:04:36.0290 0x0f58 Schedule - ok
15:04:36.0302 0x0f58 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:04:36.0329 0x0f58 SCPolicySvc - ok
15:04:36.0336 0x0f58 [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:04:36.0373 0x0f58 SDRSVC - ok
15:04:36.0384 0x0f58 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:04:36.0416 0x0f58 secdrv - ok
15:04:36.0425 0x0f58 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
15:04:36.0455 0x0f58 seclogon - ok
15:04:36.0465 0x0f58 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
15:04:36.0496 0x0f58 SENS - ok
15:04:36.0515 0x0f58 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:04:36.0575 0x0f58 SensrSvc - ok
15:04:36.0600 0x0f58 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:04:36.0616 0x0f58 Serenum - ok
15:04:36.0627 0x0f58 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:04:36.0650 0x0f58 Serial - ok
15:04:36.0662 0x0f58 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:04:36.0685 0x0f58 sermouse - ok
15:04:36.0702 0x0f58 [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv C:\Windows\system32\sessenv.dll
15:04:36.0732 0x0f58 SessionEnv - ok
15:04:36.0740 0x0f58 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:04:36.0761 0x0f58 sffdisk - ok
15:04:36.0771 0x0f58 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:04:36.0792 0x0f58 sffp_mmc - ok
15:04:36.0796 0x0f58 [ 4F1E5B0FE7C8050668DBFADE8999AEFB, E36DAACC3D11F004808A3F44C471BBFDC2F33411D9F5C18B55B0DB2A6DA6E74C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:04:36.0819 0x0f58 sffp_sd - ok
15:04:36.0824 0x0f58 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:04:36.0844 0x0f58 sfloppy - ok
15:04:36.0870 0x0f58 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:04:36.0922 0x0f58 SharedAccess - ok
15:04:36.0944 0x0f58 [ CD2E48FA5B29EE2B3B5858056D246EF2, B743F92D0121CF3D827753C85F1F5A14C2DAA1CAFD42C7810C3BECB853DB6175 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:04:36.0968 0x0f58 ShellHWDetection - ok
15:04:36.0979 0x0f58 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
15:04:36.0995 0x0f58 sisagp - ok
15:04:37.0007 0x0f58 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:04:37.0023 0x0f58 SiSRaid2 - ok
15:04:37.0029 0x0f58 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:04:37.0045 0x0f58 SiSRaid4 - ok
15:04:37.0057 0x0f58 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:04:37.0099 0x0f58 Smb - ok
15:04:37.0117 0x0f58 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:04:37.0139 0x0f58 SNMPTRAP - ok
15:04:37.0149 0x0f58 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
15:04:37.0163 0x0f58 spldr - ok
15:04:37.0190 0x0f58 [ 49B6DD6AB3715B7A67965F17194E98A9, 331D69F3630BA978AC13471A2E7465351D04416343A595C62B94BADFFCD02B3A ] Spooler C:\Windows\System32\spoolsv.exe
15:04:37.0222 0x0f58 Spooler - ok
15:04:37.0321 0x0f58 [ 4C287F9069FEDBD791178876EE9DE536, 6099E76FF6FBA002EBA2BA7BE4E3238D91332E077524D1DD402E0C9ADA22E852 ] sppsvc C:\Windows\system32\sppsvc.exe
15:04:37.0454 0x0f58 sppsvc - ok
15:04:37.0474 0x0f58 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7, E7A8A5774C62DC12B56DC3E0A385ACA9069F3A5E6AC664AD0C383EF44DCF81B3 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:04:37.0506 0x0f58 sppuinotify - ok
15:04:37.0532 0x0f58 [ 2BA4EBC7DFBA845A1EDBE1F75913BE33, 58D0B957469D55026A53C3963508C8B36BDB360A0A5B870332B79A39200DB3AC ] srv C:\Windows\system32\DRIVERS\srv.sys
15:04:37.0588 0x0f58 srv - ok
15:04:37.0608 0x0f58 [ DCE7E10FEAABD4CAE95948B3DE5340BB, B1E9CD14DC24BB161EFC83D83CE95D0A98008AD790041785C6C8B87564A491D7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:04:37.0661 0x0f58 srv2 - ok
15:04:37.0675 0x0f58 [ B5665BAA2120B8A54E22E9CD07C05106, 86E50853D412ACDC752AD182ED52B49DD679D75843E1E9D6A6425E750594692C ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:04:37.0708 0x0f58 srvnet - ok
15:04:37.0721 0x0f58 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:04:37.0757 0x0f58 SSDPSRV - ok
15:04:37.0776 0x0f58 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
15:04:37.0795 0x0f58 ssmdrv - ok
15:04:37.0812 0x0f58 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:04:37.0842 0x0f58 SstpSvc - ok
15:04:37.0889 0x0f58 [ 15E9700890AE50AA6A8B68EBB8F82EAD, 99D909B8A20E47BBDB5902806C700EAF914192561D69182D93357C6C6F30EC0D ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
15:04:37.0938 0x0f58 Steam Client Service - ok
15:04:37.0990 0x0f58 [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:04:38.0017 0x0f58 Stereo Service - ok
15:04:38.0027 0x0f58 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:04:38.0042 0x0f58 stexstor - ok
15:04:38.0071 0x0f58 [ A22825E7BB7018E8AF3E229A5AF17221, 5C97557F8BC6ABBB5BE624AE41AAC22C3D845F76C3E930337A4C07B2381086D7 ] StiSvc C:\Windows\System32\wiaservc.dll
15:04:38.0106 0x0f58 StiSvc - ok
15:04:38.0126 0x0f58 [ 957E346CA948668F2496A6CCF6FF82CC, 5C0E0F0E0F2D36E3213885C60BC3B075AFD2257FEB4B8186FC1FE253E0C218AF ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:04:38.0141 0x0f58 storflt - ok
15:04:38.0158 0x0f58 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
15:04:38.0186 0x0f58 StorSvc - ok
15:04:38.0200 0x0f58 [ D5751969DC3E4B88BF482AC8EC9FE019, DAEB50C0045364C75965B0E94744C6E2E1E85C8D00F1E8A5593F3EC780BDD7D9 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
15:04:38.0215 0x0f58 storvsc - ok
15:04:38.0230 0x0f58 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:04:38.0255 0x0f58 swenum - ok
15:04:38.0269 0x0f58 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
15:04:38.0309 0x0f58 swprv - ok
15:04:38.0351 0x0f58 [ 04105C8DA62353589C29BDAEB8D88BD8, CC7A3A779A143E09FE5C0AA6795A7B13496C4E121347949CB23F7946EE5E2DED ] SysMain C:\Windows\system32\sysmain.dll
15:04:38.0414 0x0f58 SysMain - ok
15:04:38.0435 0x0f58 [ FCFB6C552FBC0DA299799CBD50AD9FD4, A2A90829087B1A7F9B57D6F184EB4AE38D10B2986B0DC8D2ACA5EE9412CA3976 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:04:38.0467 0x0f58 TabletInputService - ok
15:04:38.0484 0x0f58 [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
15:04:38.0499 0x0f58 tap0901 - ok
15:04:38.0509 0x0f58 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF, FF66CBA014F3F8B721088F5AB3D004C1711E7F587CC8D4AC3DCFB45CDB746800 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:04:38.0543 0x0f58 TapiSrv - ok
15:04:38.0553 0x0f58 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
15:04:38.0596 0x0f58 TBS - ok
15:04:38.0637 0x0f58 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:04:38.0742 0x0f58 Tcpip - ok
15:04:38.0783 0x0f58 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:04:38.0822 0x0f58 TCPIP6 - ok
15:04:38.0838 0x0f58 [ E64444523ADD154F86567C469BC0B17F, FBE8A1DC28C102068183754F6BF0D03F5D18FD24BEB7E4B57D1CFCEBB13B381F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:04:38.0874 0x0f58 tcpipreg - ok
15:04:38.0882 0x0f58 [ 1875C1490D99E70E449E3AFAE9FCBADF, FFDF03826DAB748D51B53B648B632E79B3CD6238F684FDEA749B4D0F93BE5A77 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:04:38.0910 0x0f58 TDPIPE - ok
15:04:38.0915 0x0f58 [ 7551E91EA999EE9A8E9C331D5A9C31F3, C98C97DFD6C7276CD999545A7BC67B56E1BDDFB2886412E9198012322F95A10D ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:04:38.0957 0x0f58 TDTCP - ok
15:04:38.0969 0x0f58 [ CB39E896A2A83702D1737BFD402B3542, FA77D98EA3606CA2FCEF0E0949FDE2C32A080B47CAFDE46CE903CA3CBFC5DF35 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:04:39.0006 0x0f58 tdx - ok
15:04:39.0019 0x0f58 [ C36F41EE20E6999DBF4B0425963268A5, 9DB789A17DF2C283D6E803EEA15F2BDFC56EE3BE342A5606DD5C179C3550ECA6 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:04:39.0040 0x0f58 TermDD - ok
15:04:39.0066 0x0f58 [ A01E50A04D7B1960B33E92B9080E6A94, 0512BF11F2FD62BDBD2B1AA34D509BE82AC374C37B925C8C0ED119C6331930FD ] TermService C:\Windows\System32\termsrv.dll
15:04:39.0125 0x0f58 TermService - ok
15:04:39.0137 0x0f58 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
15:04:39.0153 0x0f58 Themes - ok
15:04:39.0165 0x0f58 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
15:04:39.0191 0x0f58 THREADORDER - ok
15:04:39.0207 0x0f58 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
15:04:39.0238 0x0f58 TrkWks - ok
15:04:39.0269 0x0f58 [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
15:04:39.0306 0x0f58 truecrypt - ok
15:04:39.0336 0x0f58 [ 41A4C781D2286208D397D72099304133, 447CAAD5589AA499EEE49FBA2CB53210359DB76AFF1DF2F0BD4D92A397037C1D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:04:39.0354 0x0f58 TrustedInstaller - ok
15:04:39.0370 0x0f58 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242, 9606DACB8CBDAF520282BE8C8F064535767405F138D9E9A215D2C59183E93CC1 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:04:39.0400 0x0f58 tssecsrv - ok
15:04:39.0412 0x0f58 [ 3E461D890A97F9D4C168F5FDA36E1D00, 82A8778F404F7AC5102802CF46F279F1E58AC74244665D06FD0C68A8BD887536 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:04:39.0446 0x0f58 tunnel - ok
15:04:39.0458 0x0f58 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:04:39.0474 0x0f58 uagp35 - ok
15:04:39.0488 0x0f58 [ 09CC3E16F8E5EE7168E01CF8FCBE061A, 81EEAC72A7C4D72666C743DEFF8096FDB465AA1FA8076C60D19CC192846F01CA ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:04:39.0544 0x0f58 udfs - ok
15:04:39.0557 0x0f58 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:04:39.0580 0x0f58 UI0Detect - ok
15:04:39.0590 0x0f58 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:04:39.0606 0x0f58 uliagpkx - ok
15:04:39.0621 0x0f58 [ 049B3A50B3D646BAEEEE9EEC9B0668DC, 5774438BBD0976424C20559E14BA2AC158D9FF5D4E1FDC1C9C9F4D7A5CE8C377 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:04:39.0647 0x0f58 umbus - ok
15:04:39.0658 0x0f58 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:04:39.0681 0x0f58 UmPass - ok
15:04:39.0700 0x0f58 [ 8ECACA5454844F66386F7BE4AE0D7CD1, F3B02A9F598C6A9EFA019F5833959DD1A86FDFDB9FDDF99A8687BBB6211AAD00 ] UmRdpService C:\Windows\System32\umrdp.dll
15:04:39.0723 0x0f58 UmRdpService - ok
15:04:39.0736 0x0f58 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
15:04:39.0773 0x0f58 upnphost - ok
15:04:39.0782 0x0f58 [ 8455C4ED038EFD09E99327F9D2D48FFA, D166F98EA3D85F7DD6B5258949C186714A17EF89B6FDC9804165F7B4FA811C30 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:04:39.0802 0x0f58 usbccgp - ok
15:04:39.0816 0x0f58 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:04:39.0852 0x0f58 usbcir - ok
15:04:39.0860 0x0f58 [ 1C333BFD60F2FED2C7AD5DAF533CB742, 97AE9CA39482B886FCD063E80B8AB153E1FC1459452657393D8B1745EF69E1C3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:04:39.0873 0x0f58 usbehci - ok
15:04:39.0887 0x0f58 [ EE6EF93CCFA94FAE8C6AB298273D8AE2, CBEE16CEAD02E994F0C2AD77DD8C01CB9964C6B42DE49FF7A787849CD25767B4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:04:39.0912 0x0f58 usbhub - ok
15:04:39.0922 0x0f58 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:04:39.0938 0x0f58 usbohci - ok
15:04:39.0945 0x0f58 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:04:39.0965 0x0f58 usbprint - ok
15:04:39.0976 0x0f58 [ D8889D56E0D27E57ED4591837FE71D27, DB1B65EEBFB036086EC3347C1181D9D01FF65870EAEC4A1BA08AF43C35075647 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:04:40.0008 0x0f58 USBSTOR - ok
15:04:40.0017 0x0f58 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:04:40.0031 0x0f58 usbuhci - ok
15:04:40.0042 0x0f58 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
15:04:40.0076 0x0f58 UxSms - ok
15:04:40.0086 0x0f58 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
15:04:40.0099 0x0f58 VaultSvc - ok
15:04:40.0107 0x0f58 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:04:40.0130 0x0f58 vdrvroot - ok
15:04:40.0155 0x0f58 [ 8C4E7C49D3641BC9E299E466A7F8867D, 4F2E742EFE2DE47EE187B3BCDFDCB525FE484B74700A226D7894F9633F957AFA ] vds C:\Windows\System32\vds.exe
15:04:40.0214 0x0f58 vds - ok
15:04:40.0233 0x0f58 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:04:40.0255 0x0f58 vga - ok
15:04:40.0264 0x0f58 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:04:40.0295 0x0f58 VgaSave - ok
15:04:40.0308 0x0f58 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583, 33DF8F7C9A3176175113CA10D69FAF17A5412C055943F14DDC9923531FADB82D ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:04:40.0348 0x0f58 vhdmp - ok
15:04:40.0358 0x0f58 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
15:04:40.0377 0x0f58 viaagp - ok
15:04:40.0383 0x0f58 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:04:40.0409 0x0f58 ViaC7 - ok
15:04:40.0417 0x0f58 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:04:40.0432 0x0f58 viaide - ok
15:04:40.0453 0x0f58 [ 379B349F65F453D2A6E75EA6B7448E49, F52B1B3AE9F5D38B45C889A7B1EBE59533C17E73678D355D1466B5EF3338BF16 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
15:04:40.0487 0x0f58 vmbus - ok
15:04:40.0494 0x0f58 [ EC2BBAB4B84D0738C6C83D2234DC36FE, 8BA2FA187DAC6994D5A29897AE5F46E6424FB53C827553E0BB148E31825D6676 ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
15:04:40.0517 0x0f58 VMBusHID - ok
15:04:40.0528 0x0f58 [ 384E5A2AA49934295171E499F86BA6F3, C79271F98506392422325C075144F45436F9979FE1E002B57F9426F3DA96CEF0 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:04:40.0546 0x0f58 volmgr - ok
15:04:40.0565 0x0f58 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:04:40.0605 0x0f58 volmgrx - ok
15:04:40.0620 0x0f58 [ 58DF9D2481A56EDDE167E51B334D44FD, C77D7BE83CF1C0DEC80429C5A519E794FD2E8C1E6DAD6F5C92B5EB5694CEB8EA ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:04:40.0657 0x0f58 volsnap - ok
15:04:40.0685 0x0f58 [ C844A7F5E5153F6EC7236B518EDD0A9A, A00E2F41B010C86749A473138F1217AB5AD9E8B441DB4F8390A29D878C6DF83E ] VPNManager C:\Program Files\Perfect Privacy VPN Manager\VPNManagerService.exe
15:04:40.0690 0x0f58 VPNManager - detected UnsignedFile.Multi.Generic ( 1 )
15:04:43.0960 0x0f58 VPNManager ( UnsignedFile.Multi.Generic ) - warning
15:04:47.0169 0x0f58 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:04:47.0202 0x0f58 vsmraid - ok
15:04:47.0248 0x0f58 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C, 7CD6637BE0A08E3B0F9991D79751DCA8AEC9224B83301821DAA29C9F42B7A9E3 ] VSS C:\Windows\system32\vssvc.exe
15:04:47.0311 0x0f58 VSS - ok
15:04:47.0325 0x0f58 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:04:47.0348 0x0f58 vwifibus - ok
15:04:47.0362 0x0f58 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:04:47.0388 0x0f58 vwififlt - ok
15:04:47.0403 0x0f58 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
15:04:47.0444 0x0f58 W32Time - ok
15:04:47.0458 0x0f58 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:04:47.0474 0x0f58 WacomPen - ok
15:04:47.0490 0x0f58 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:04:47.0521 0x0f58 WANARP - ok
15:04:47.0525 0x0f58 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:04:47.0551 0x0f58 Wanarpv6 - ok
15:04:47.0591 0x0f58 [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine C:\Windows\system32\wbengine.exe
15:04:47.0678 0x0f58 wbengine - ok
15:04:47.0700 0x0f58 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:04:47.0733 0x0f58 WbioSrvc - ok
15:04:47.0744 0x0f58 [ D0F88AA11EE1A62BCC6D6A8A7783CA11, 3DBC1806E6F8CD58A9E93EA2A0CDC83C1A90E37B5E385209E4D9A0C81922F447 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:04:47.0784 0x0f58 wcncsvc - ok
15:04:47.0797 0x0f58 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:04:47.0830 0x0f58 WcsPlugInService - ok
15:04:47.0838 0x0f58 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:04:47.0856 0x0f58 Wd - ok
15:04:47.0886 0x0f58 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:04:47.0935 0x0f58 Wdf01000 - ok
15:04:47.0958 0x0f58 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:04:47.0979 0x0f58 WdiServiceHost - ok
15:04:47.0983 0x0f58 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:04:48.0001 0x0f58 WdiSystemHost - ok
15:04:48.0013 0x0f58 [ D87C7D2C517F82A5AB7A73E203063D9E, 8861AB4ECEDAE801008BE0406FCB19418AA2864E89D0776B94E25773E6DB5E88 ] WebClient C:\Windows\System32\webclnt.dll
15:04:48.0053 0x0f58 WebClient - ok
15:04:48.0065 0x0f58 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:04:48.0108 0x0f58 Wecsvc - ok
15:04:48.0120 0x0f58 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:04:48.0155 0x0f58 wercplsupport - ok
15:04:48.0173 0x0f58 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
15:04:48.0201 0x0f58 WerSvc - ok
15:04:48.0225 0x0f58 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:04:48.0253 0x0f58 WfpLwf - ok
15:04:48.0262 0x0f58 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:04:48.0276 0x0f58 WIMMount - ok
15:04:48.0313 0x0f58 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:04:48.0374 0x0f58 WinDefend - ok
15:04:48.0381 0x0f58 WinHttpAutoProxySvc - ok
15:04:48.0416 0x0f58 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:04:48.0453 0x0f58 Winmgmt - ok
15:04:48.0502 0x0f58 [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM C:\Windows\system32\WsmSvc.dll
15:04:48.0587 0x0f58 WinRM - ok
15:04:48.0618 0x0f58 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:04:48.0632 0x0f58 WinUsb - ok
15:04:48.0665 0x0f58 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:04:48.0723 0x0f58 Wlansvc - ok
15:04:48.0728 0x0f58 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:04:48.0749 0x0f58 WmiAcpi - ok
15:04:48.0767 0x0f58 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:04:48.0787 0x0f58 wmiApSrv - ok
15:04:48.0831 0x0f58 [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:04:48.0910 0x0f58 WMPNetworkSvc - ok
15:04:48.0928 0x0f58 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:04:48.0952 0x0f58 WPCSvc - ok
15:04:48.0966 0x0f58 [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:04:48.0986 0x0f58 WPDBusEnum - ok
15:04:49.0002 0x0f58 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:04:49.0035 0x0f58 ws2ifsl - ok
15:04:49.0045 0x0f58 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
15:04:49.0070 0x0f58 wscsvc - ok
15:04:49.0073 0x0f58 WSearch - ok
15:04:49.0137 0x0f58 [ A33408CC036F9C08142B11BE5E93F0A1, A6CE3681EE4DE3C9A8B8B5DA4E8E46DB4443A32D1339F7D0893F1F2153635D86 ] wuauserv C:\Windows\system32\wuaueng.dll
15:04:49.0244 0x0f58 wuauserv - ok
15:04:49.0261 0x0f58 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:04:49.0296 0x0f58 WudfPf - ok
15:04:49.0309 0x0f58 [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:04:49.0337 0x0f58 WUDFRd - ok
15:04:49.0357 0x0f58 [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:04:49.0386 0x0f58 wudfsvc - ok
15:04:49.0399 0x0f58 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:04:49.0455 0x0f58 WwanSvc - ok
15:04:49.0471 0x0f58 ================ Scan global ===============================
15:04:49.0487 0x0f58 [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
15:04:49.0506 0x0f58 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
15:04:49.0530 0x0f58 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
15:04:49.0546 0x0f58 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
15:04:49.0566 0x0f58 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
15:04:49.0578 0x0f58 [ Global ] - ok
15:04:49.0578 0x0f58 ================ Scan MBR ==================================
15:04:49.0586 0x0f58 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:04:49.0701 0x0f58 \Device\Harddisk0\DR0 - ok
15:04:49.0701 0x0f58 ================ Scan VBR ==================================
15:04:49.0704 0x0f58 [ BCC9852AEE8118CEDB7B937DC3AD5917 ] \Device\Harddisk0\DR0\Partition1
15:04:49.0706 0x0f58 \Device\Harddisk0\DR0\Partition1 - ok
15:04:49.0708 0x0f58 [ 7F50A4EB329162FAA3078B11B7913C8C ] \Device\Harddisk0\DR0\Partition2
15:04:49.0709 0x0f58 \Device\Harddisk0\DR0\Partition2 - ok
15:04:49.0710 0x0f58 ================ Scan generic autorun ======================
15:04:49.0732 0x0f58 [ FE2D45FB015BCE721259798B0780165D, B60AC78211B56F16B96962B88314EFBCFEF9F041B12025A0DD21A4C2CCB9EFD9 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
15:04:49.0741 0x0f58 Avira Systray - ok
15:04:49.0791 0x0f58 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
15:04:49.0822 0x0f58 avgnt - ok
15:04:49.0878 0x0f58 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:04:49.0945 0x0f58 Sidebar - ok
15:04:49.0961 0x0f58 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
15:04:49.0979 0x0f58 mctadmin - ok
15:04:50.0009 0x0f58 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:04:50.0050 0x0f58 Sidebar - ok
15:04:50.0058 0x0f58 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
15:04:50.0074 0x0f58 mctadmin - ok
15:04:50.0075 0x0f58 SendBlaster - ok
15:04:50.0223 0x0f58 [ 56B1B54136D8EC5967728EA6242390E8, 26997AD1E0F3429986204F3DD1980C9AF3E9E314DC59DF8039C568350DDCF86D ] C:\Program Files\CCleaner\CCleaner.exe
15:04:50.0379 0x0f58 CCleaner Monitoring - ok
15:04:50.0387 0x0f58 Waiting for KSN requests completion. In queue: 46
15:04:51.0387 0x0f58 Waiting for KSN requests completion. In queue: 46
15:04:52.0387 0x0f58 Waiting for KSN requests completion. In queue: 46
15:04:53.0387 0x0f58 Waiting for KSN requests completion. In queue: 46
15:04:54.0411 0x0f58 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
15:04:54.0415 0x0f58 Win FW state via NFP2: enabled
15:05:07.0765 0x0f58 ============================================================
15:05:07.0765 0x0f58 Scan finished
15:05:07.0765 0x0f58 ============================================================
15:05:07.0774 0x16e8 Detected object count: 1
15:05:07.0774 0x16e8 Actual detected object count: 1
15:05:29.0160 0x16e8 VPNManager ( UnsignedFile.Multi.Generic ) - skipped by user
15:05:29.0176 0x16e8 VPNManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.09.2014, 09:22
| #4 |
| /// the machine /// TB-Ausbilder | Tastatur läßt Buchstaben aus Bevor wir weiter testen, bitte mal ein anderes Keyboard versuchen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.10.2014, 04:39
| #5 | |
| | Tastatur läßt Buchstaben ausZitat:
Vielen Dank! |
|
01.10.2014, 12:37
| #6 |
| /// the machine /// TB-Ausbilder | Tastatur läßt Buchstaben aus Ist das ein Laptop oder Desktop PC?
__________________ --> Tastatur läßt Buchstaben aus |
|
01.10.2014, 13:53
| #7 | |
| | Tastatur läßt Buchstaben ausZitat:
Aber hatte ich ja im ersten Beitrag schon erwähnt gehabt. MfG Zeze439 |
|
02.10.2014, 07:43
| #8 |
| /// the machine /// TB-Ausbilder | Tastatur läßt Buchstaben aus Dann versuch mal nen anderen Anschluss. Wenn PS2, dann teste USB, oder teste einen anderen USB.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.10.2014, 00:57
| #9 | |
| | Tastatur läßt Buchstaben ausZitat:
Erst einmal ein Dank für Ihre Zeit und Ihre Tipps. Doch bevor wir jetzt tage lang weiter so verbleiben würde ich doch liebend gern mein System prüfen lassen. Ist es denn möglich? So das ich eine Infizierung zu 100% ausschließen kann. |
|
06.10.2014, 18:33
| #10 |
| /// the machine /// TB-Ausbilder | Tastatur läßt Buchstaben aus Wir haben dein System schon getestet. Malware ist da keine. Mach bitte mal nen CleanBoot: http://support.microsoft.com/kb/929135/de
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Tastatur läßt Buchstaben aus |
| adware, antivirus, bitcoin, browser, ccsetup, defender, fehlercode 0x80000003, fehlercode 0xc0000005, fehlercode 28, fehlercode windows, firefox, flash player, installation, mozilla, programm, realtek, registry, security, services.exe, svchost.exe, tastatur, windows |
Linear-Darstellung
