Surveillance tool? (Windows 7)
01.11.2014, 10:48 | #1 |
| Surveillance tool? Hello dear TB community, Yesterday I immediately panicked when my mouse suddenly took on a life of its own and closed the full-screen view while I was on twitch.tv. I was watching a stream in full screen, and suddenly the full-screen window closed and the right-click menu opened. I immediately panicked and searched Google for similar cases. I quickly found posts about remote monitoring tools. Could someone who knows more about this area perhaps help me? I would like to be sure that nothing has "nested" itself on my computer. I am very worried. |
01.11.2014, 10:55 | #2 |
/// TB Trainer /// Guide Guru | Surveillance tool? My name is Jürgen and I will be helping you with your problem. Together we will get this done...
Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest route, but it is only advisable for real malware. Adware and the like we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags: here's how... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
01.11.2014, 12:32 | #3 |
| Surveillance tool? Done:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by klopsi (administrator) on KLOPSI-PC on 01-11-2014 12:29:46
Running from C:\Users\klopsi\Desktop
Loaded Profiles: klopsi & (Available profiles: klopsi)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default
FF Homepage: hxxp://encrypted.google.com/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\klopsi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: WOT - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-26]
FF Extension: FastestFox - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\smarterwiki@wikiatic.com.xpi [2014-08-01]
FF Extension: Adblock Plus - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\klopsi\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-31] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 12:29 - 2014-11-01 12:30 - 00009503 _____ () C:\Users\klopsi\Desktop\FRST.txt
2014-11-01 12:29 - 2014-11-01 12:29 - 00000000 ____D () C:\FRST
2014-11-01 12:27 - 2014-11-01 12:27 - 02114048 _____ (Farbar) C:\Users\klopsi\Desktop\FRST64.exe
2014-11-01 12:27 - 2014-11-01 12:27 - 00000000 ____D () C:\Users\klopsi\Desktop\Frst.2
2014-10-31 23:35 - 2014-10-31 23:37 - 131078000 _____ (AVAST Software) C:\Users\klopsi\Downloads\avast_free_antivirus_setup_10.exe
2014-10-31 23:16 - 2014-10-31 23:16 - 00000000 ____H () C:\Users\klopsi\Documents\Default.rdp
2014-10-31 11:20 - 2014-10-31 11:20 - 05424601 _____ () C:\Users\klopsi\Downloads\USB_Oszilloskop.zip
2014-10-29 22:50 - 2014-10-29 22:50 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-28 20:53 - 2014-10-28 20:53 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Unity
2014-10-28 20:52 - 2014-10-28 20:52 - 01080416 _____ (Unity Technologies ApS) C:\Users\klopsi\Downloads\UnityWebPlayer.exe
2014-10-28 20:52 - 2014-10-28 20:52 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Unity
2014-10-26 15:37 - 2014-10-31 12:11 - 00000000 ____D () C:\Users\klopsi\Desktop\EIB S1
2014-10-26 14:36 - 2014-10-31 23:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 14:34 - 2014-10-26 14:39 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-26 14:34 - 2014-10-26 14:34 - 00001083 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\ProgramData\Licenses
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-10-26 14:34 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-10-26 14:34 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-10-26 14:29 - 2014-10-26 14:29 - 01156136 _____ (Ruiware) C:\Users\klopsi\Downloads\wpsetup.exe
2014-10-26 14:27 - 2014-10-26 14:27 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-26 14:27 - 2014-10-26 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-26 14:27 - 2014-10-26 14:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-26 14:27 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-26 14:27 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-26 14:27 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-26 14:25 - 2014-10-26 14:25 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-10-26 14:25 - 2014-10-26 14:25 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Secunia PSI
2014-10-26 14:25 - 2014-10-26 14:25 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-10-26 14:24 - 2014-10-26 14:24 - 05329480 _____ (Secunia) C:\Users\klopsi\Downloads\PSISetup_3.0.0.9016(1).exe
2014-10-26 14:23 - 2014-10-26 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\klopsi\Downloads\TFC.exe
2014-10-26 14:21 - 2014-10-26 14:22 - 04095448 _____ (BrightFort LLC ) C:\Users\klopsi\Downloads\spywareblastersetup50.exe
2014-10-26 14:21 - 2014-10-26 14:21 - 00526323 _____ () C:\Users\klopsi\Downloads\web_of_trust_wot-20131118-fx.zip
2014-10-26 14:20 - 2014-10-26 14:20 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\klopsi\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-10-26 14:20 - 2014-10-26 14:20 - 05329480 _____ (Secunia) C:\Users\klopsi\Downloads\PSISetup_3.0.0.9016.exe
2014-10-26 13:29 - 2014-10-26 13:29 - 00000000 ____D () C:\Users\klopsi\Documents\My eBooks
2014-10-26 13:29 - 2014-10-26 13:29 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\AdobeUM
2014-10-26 12:47 - 2014-10-26 12:47 - 00000866 _____ () C:\DelFix.txt
2014-10-22 23:47 - 2014-10-22 23:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-22 23:47 - 2014-10-22 23:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 23:43 - 2014-10-22 23:44 - 01055936 _____ (Adobe) C:\Users\klopsi\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-10-22 23:42 - 2014-10-22 23:42 - 00854704 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\uninstall_flash_player.exe
2014-10-22 23:40 - 2014-10-22 23:40 - 17960624 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\install_flash_player_13_plugin.exe
2014-10-22 23:38 - 2014-10-22 23:38 - 17919664 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\install_flash_player_15_plugin.exe
2014-10-22 21:10 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-22 21:10 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-22 21:10 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-22 21:10 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-22 21:10 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-22 21:10 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-22 21:10 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-22 21:10 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-22 21:10 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-22 21:10 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-22 21:10 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-22 21:10 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-22 21:10 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-22 21:10 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-22 21:10 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-22 21:10 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-22 21:10 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-22 21:10 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-22 21:10 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-22 21:10 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-22 21:10 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-22 21:10 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-22 21:10 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-22 21:09 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-22 21:09 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-22 21:09 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-22 21:09 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-22 21:09 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-22 21:09 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-22 21:09 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-22 21:09 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-22 21:09 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-22 21:09 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-22 21:09 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-22 21:09 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-22 21:09 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-22 21:09 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-22 21:09 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-22 21:09 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-22 21:09 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-22 21:09 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-22 21:09 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-22 21:09 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-22 21:09 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-22 21:09 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-22 21:09 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-22 21:09 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-22 21:09 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-22 21:09 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-22 21:09 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-22 21:09 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-22 21:09 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-22 21:09 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-22 21:09 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-22 21:09 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-22 21:09 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-22 21:09 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-22 21:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-22 21:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-22 21:09 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-22 21:09 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-22 21:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-22 21:09 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-22 21:09 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-22 21:09 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-22 21:09 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-22 21:09 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-22 21:09 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-22 21:09 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-22 21:09 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-22 21:06 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-22 21:06 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-22 21:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-22 21:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-22 20:50 - 2014-10-22 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-22 20:04 - 2014-10-22 20:05 - 00000000 ____D () C:\Users\klopsi\Desktop\FRST
2014-10-19 19:26 - 2014-10-19 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-10-18 14:06 - 2014-10-18 14:06 - 01121208 _____ () C:\Users\klopsi\Downloads\ProcessMonitor.zip
2014-10-18 14:06 - 2014-10-18 14:06 - 00000000 ____D () C:\Users\klopsi\Downloads\ProcessMonitor
2014-10-18 13:21 - 2014-10-18 13:20 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-18 13:16 - 2014-10-29 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-18 13:16 - 2014-10-18 13:16 - 00000000 ____D () C:\Windows\ERUNT
2014-10-18 13:15 - 2014-10-18 13:15 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\klopsi\Downloads\avira_de_av___ws.exe
2014-10-18 11:51 - 2014-10-18 11:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 11:36 - 2014-10-18 11:37 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\klopsi\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-06 19:20 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-10-06 19:20 - 2014-10-06 20:16 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\TS3Client
2014-10-06 14:05 - 2014-10-06 14:05 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Blizzard
2014-10-06 13:59 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-06 13:58 - 2014-10-06 13:58 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Blizzard Entertainment
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Battle.net
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-06 13:57 - 2014-10-12 12:56 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Battle.net
2014-10-06 13:57 - 2014-10-06 13:57 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-06 13:57 - 2014-10-06 13:57 - 00000000 ____D () C:\ProgramData\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 12:25 - 2014-08-02 19:26 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Skype
2014-11-01 12:25 - 2014-08-01 21:25 - 01799148 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 00:11 - 2014-08-05 20:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-01 00:10 - 2014-08-02 07:22 - 00000000 ____D () C:\Windows\Panther
2014-10-31 23:32 - 2009-07-14 05:45 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-31 23:32 - 2009-07-14 05:45 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-31 22:17 - 2014-08-02 07:20 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2014-10-31 22:17 - 2014-08-02 07:20 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2014-10-31 22:17 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-31 07:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 22:51 - 2014-09-25 17:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-26 14:29 - 2014-09-21 16:38 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Adobe
2014-10-26 13:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-26 13:31 - 2014-08-22 15:47 - 00000076 _____ () C:\Users\klopsi\Desktop\Neues Textdokument.txt
2014-10-22 21:26 - 2009-07-14 05:45 - 00265696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-22 21:25 - 2014-08-01 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 21:12 - 2014-08-02 20:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-22 20:24 - 2014-08-03 19:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-22 20:03 - 2014-08-22 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-18 13:16 - 2014-08-01 21:35 - 00057560 _____ () C:\Users\klopsi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 08:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-13 08:15 - 2014-08-01 21:30 - 00000000 ____D () C:\Users\klopsi
2014-10-13 08:14 - 2014-08-31 16:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-10-13 08:14 - 2014-08-22 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-13 08:14 - 2014-08-22 11:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-13 08:14 - 2014-08-02 19:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-13 08:14 - 2014-08-02 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-13 08:14 - 2014-08-01 22:11 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-13 08:14 - 2014-08-01 22:11 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-13 08:13 - 2014-08-22 11:16 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Avg2014
2014-10-13 08:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-03 09:02 - 2014-08-02 20:28 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\klopsi\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-26 13:49 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014 Ran by klopsi at 2014-11-01 12:30:43 Running from C:\Users\klopsi\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. 
KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - ) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 09-10-2014 09:48:28 Windows Update 13-10-2014 07:09:40 Wiederherstellungsvorgang 22-10-2014 20:10:13 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {DA4A0661-015A-4A9B-877E-FC6C5925347B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) ==================== Loaded Modules (whitelisted) ============= 2014-10-22 20:50 - 2014-10-22 20:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-10-18 11:27 - 2014-10-22 23:47 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2515552902-1029408911-2965342807-500 - Administrator - Disabled) Gast (S-1-5-21-2515552902-1029408911-2965342807-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2515552902-1029408911-2965342807-1002 - Limited - Enabled) klopsi (S-1-5-21-2515552902-1029408911-2965342807-1000 - Administrator - Enabled) => C:\Users\klopsi ==================== Faulty Device Manager Devices ============= Name: WebCam Description: USB-Videogerät Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (10/31/2014 07:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/26/2014 02:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 11a0 Startzeit: 01cff120a12708ad Endzeit: 10 Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe Berichts-ID: ecdb9168-5d13-11e4-9b79-dc0ea1a3207a Error: (10/26/2014 02:26:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 248 Startzeit: 01cff1204d67e463 Endzeit: 10 Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe Berichts-ID: bd5cb9a7-5d13-11e4-9b79-dc0ea1a3207a Error: (10/26/2014 00:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 04:48:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 09:56:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 09:27:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/22/2014 09:27:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/22/2014 08:00:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: klopsi-PC) Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/22/2014 07:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/31/2014 07:30:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Avgldx64 Error: (10/31/2014 07:30:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "vToolbarUpdater3.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/31/2014 07:30:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/31/2014 07:30:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/29/2014 11:33:28 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/26/2014 00:50:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Avgldx64 Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "vToolbarUpdater3.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVGIDSAgent" wurde aufgrund 
folgenden Fehlers nicht gestartet: %%2 Error: (10/23/2014 04:47:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Avgldx64 Microsoft Office Sessions: ========================= Error: (10/31/2014 07:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/26/2014 02:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: psi.exe3.0.0.901611a001cff120a12708ad10C:\Program Files (x86)\Secunia\PSI\psi.exeecdb9168-5d13-11e4-9b79-dc0ea1a3207a Error: (10/26/2014 02:26:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: psi.exe3.0.0.901624801cff1204d67e46310C:\Program Files (x86)\Secunia\PSI\psi.exebd5cb9a7-5d13-11e4-9b79-dc0ea1a3207a Error: (10/26/2014 00:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 04:48:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 09:56:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2014 09:27:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/22/2014 09:27:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) 
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/22/2014 08:00:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: klopsi-PC) Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL) Error: (10/22/2014 07:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentage of memory in use: 32% Total physical RAM: 7862.7 MB Available physical RAM: 5326.72 MB Total Pagefile: 19860.88 MB Available Pagefile: 17184.11 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:698.54 GB) (Free:647.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 35C812CA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
01.11.2014, 12:40 | #4 |
/// TB Trainer /// Guide Guru | Surveillance tool? Hi, please download TDSSKiller.exe and save the file to your desktop.
__________________ Regards, deeprybka _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.11.2014, 16:31 | #5 |
| Surveillance tool? Code:
ATTFilter 16:22:14.0121 0x18d4 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 16:22:18.0138 0x18d4 ============================================================ 16:22:18.0138 0x18d4 Current date / time: 2014/11/01 16:22:18.0138 16:22:18.0138 0x18d4 SystemInfo: 16:22:18.0138 0x18d4 16:22:18.0138 0x18d4 OS Version: 6.1.7601 ServicePack: 1.0 16:22:18.0138 0x18d4 Product type: Workstation 16:22:18.0138 0x18d4 ComputerName: KLOPSI-PC 16:22:18.0138 0x18d4 UserName: klopsi 16:22:18.0138 0x18d4 Windows directory: C:\Windows 16:22:18.0138 0x18d4 System windows directory: C:\Windows 16:22:18.0138 0x18d4 Running under WOW64 16:22:18.0138 0x18d4 Processor architecture: Intel x64 16:22:18.0138 0x18d4 Number of processors: 2 16:22:18.0138 0x18d4 Page size: 0x1000 16:22:18.0138 0x18d4 Boot type: Normal boot 16:22:18.0138 0x18d4 ============================================================ 16:22:20.0821 0x18d4 KLMD registered as C:\Windows\system32\drivers\85304370.sys 16:22:21.0131 0x18d4 System UUID: {A7ED6027-D90F-4AEC-4950-786047F43A44} 16:22:21.0979 0x18d4 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:22:21.0989 0x18d4 ============================================================ 16:22:21.0989 0x18d4 \Device\Harddisk0\DR0: 16:22:21.0990 0x18d4 MBR partitions: 16:22:21.0990 0x18d4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 16:22:21.0990 0x18d4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x575136F0 16:22:21.0990 0x18d4 ============================================================ 16:22:22.0009 0x18d4 C: <-> \Device\Harddisk0\DR0\Partition2 16:22:22.0009 0x18d4 ============================================================ 16:22:22.0009 0x18d4 Initialize success 16:22:22.0009 0x18d4 ============================================================ 16:22:37.0710 0x06d8 
============================================================ 16:22:37.0710 0x06d8 Scan started 16:22:37.0710 0x06d8 Mode: Manual; 16:22:37.0710 0x06d8 ============================================================ 16:22:37.0710 0x06d8 KSN ping started 16:22:40.0451 0x06d8 KSN ping finished: true 16:22:41.0691 0x06d8 ================ Scan system memory ======================== 16:22:41.0691 0x06d8 System memory - ok
C:\Windows\System32\defragsvc.dll 16:22:45.0920 0x06d8 defragsvc - ok 16:22:45.0955 0x06d8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:22:45.0966 0x06d8 DfsC - ok 16:22:46.0017 0x06d8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 16:22:46.0042 0x06d8 Dhcp - ok 16:22:46.0071 0x06d8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 16:22:46.0077 0x06d8 discache - ok 16:22:46.0098 0x06d8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 16:22:46.0106 0x06d8 Disk - ok 16:22:46.0142 0x06d8 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 16:22:46.0151 0x06d8 dmvsc - ok 16:22:46.0196 0x06d8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:22:46.0211 0x06d8 Dnscache - ok 16:22:46.0260 0x06d8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 16:22:46.0277 0x06d8 dot3svc - ok 16:22:46.0296 0x06d8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 16:22:46.0309 0x06d8 DPS - ok 16:22:46.0351 0x06d8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:22:46.0355 0x06d8 drmkaud - ok 16:22:46.0414 0x06d8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl 
C:\Windows\System32\drivers\dxgkrnl.sys 16:22:46.0445 0x06d8 DXGKrnl - ok 16:22:46.0470 0x06d8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 16:22:46.0483 0x06d8 EapHost - ok 16:22:46.0630 0x06d8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:22:46.0716 0x06d8 ebdrv - ok 16:22:46.0747 0x06d8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 16:22:46.0754 0x06d8 EFS - ok 16:22:46.0838 0x06d8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:22:46.0864 0x06d8 ehRecvr - ok 16:22:46.0878 0x06d8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 16:22:46.0890 0x06d8 ehSched - ok 16:22:46.0922 0x06d8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:22:46.0943 0x06d8 elxstor - ok 16:22:46.0956 0x06d8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:22:46.0960 0x06d8 ErrDev - ok 16:22:47.0031 0x06d8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:22:47.0057 0x06d8 EventSystem - ok 16:22:47.0077 0x06d8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:22:47.0089 0x06d8 exfat - ok 16:22:47.0109 0x06d8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat 
C:\Windows\system32\drivers\fastfat.sys 16:22:47.0120 0x06d8 fastfat - ok 16:22:47.0164 0x06d8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:22:47.0188 0x06d8 Fax - ok 16:22:47.0207 0x06d8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 16:22:47.0211 0x06d8 fdc - ok 16:22:47.0221 0x06d8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:22:47.0231 0x06d8 fdPHost - ok 16:22:47.0251 0x06d8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 16:22:47.0261 0x06d8 FDResPub - ok 16:22:47.0271 0x06d8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:22:47.0281 0x06d8 FileInfo - ok 16:22:47.0291 0x06d8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:22:47.0301 0x06d8 Filetrace - ok 16:22:47.0311 0x06d8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:22:47.0311 0x06d8 flpydisk - ok 16:22:47.0341 0x06d8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:22:47.0361 0x06d8 FltMgr - ok 16:22:47.0441 0x06d8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 16:22:47.0471 0x06d8 FontCache - ok 16:22:47.0551 0x06d8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 
89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:22:47.0551 0x06d8 FontCache3.0.0.0 - ok 16:22:47.0581 0x06d8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:22:47.0591 0x06d8 FsDepends - ok 16:22:47.0611 0x06d8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:22:47.0621 0x06d8 Fs_Rec - ok 16:22:47.0641 0x06d8 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:22:47.0661 0x06d8 fvevol - ok 16:22:47.0671 0x06d8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:22:47.0681 0x06d8 gagp30kx - ok 16:22:47.0731 0x06d8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:22:47.0761 0x06d8 gpsvc - ok 16:22:47.0771 0x06d8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:22:47.0781 0x06d8 hcw85cir - ok 16:22:47.0831 0x06d8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:22:47.0851 0x06d8 HdAudAddService - ok 16:22:47.0901 0x06d8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:22:47.0921 0x06d8 HDAudBus - ok 16:22:47.0941 0x06d8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt 
C:\Windows\system32\drivers\HidBatt.sys 16:22:47.0951 0x06d8 HidBatt - ok 16:22:47.0971 0x06d8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:22:47.0981 0x06d8 HidBth - ok 16:22:47.0991 0x06d8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 16:22:47.0991 0x06d8 HidIr - ok 16:22:48.0021 0x06d8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:22:48.0031 0x06d8 hidserv - ok 16:22:48.0061 0x06d8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:22:48.0071 0x06d8 HidUsb - ok 16:22:48.0101 0x06d8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:22:48.0111 0x06d8 hkmsvc - ok 16:22:48.0131 0x06d8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:22:48.0151 0x06d8 HomeGroupListener - ok 16:22:48.0181 0x06d8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:22:48.0191 0x06d8 HomeGroupProvider - ok 16:22:48.0221 0x06d8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:22:48.0231 0x06d8 HpSAMD - ok 16:22:48.0281 0x06d8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:22:48.0321 0x06d8 HTTP - ok 16:22:48.0341 0x06d8 [ A5462BD6884960C9DC85ED49D34FF392, 
53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:22:48.0341 0x06d8 hwpolicy - ok 16:22:48.0371 0x06d8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:22:48.0381 0x06d8 i8042prt - ok 16:22:48.0441 0x06d8 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 16:22:48.0461 0x06d8 iaStor - ok 16:22:48.0501 0x06d8 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:22:48.0521 0x06d8 iaStorV - ok 16:22:48.0593 0x06d8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:22:48.0623 0x06d8 idsvc - ok 16:22:48.0633 0x06d8 IEEtwCollectorService - ok 16:22:49.0045 0x06d8 [ 31569A2E836C12014148BF7342716946, 07DAEF864AF41E8669A6F2546967014C58898BD42C4C2FA1961F32311D083565 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 16:22:49.0307 0x06d8 igfx - ok 16:22:49.0367 0x06d8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:22:49.0377 0x06d8 iirsp - ok 16:22:49.0437 0x06d8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:22:49.0467 0x06d8 IKEEXT - ok 16:22:49.0507 0x06d8 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 16:22:49.0517 0x06d8 Impcd - ok 16:22:49.0557 0x06d8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide 
C:\Windows\system32\drivers\intelide.sys 16:22:49.0567 0x06d8 intelide - ok 16:22:49.0587 0x06d8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:22:49.0597 0x06d8 intelppm - ok 16:22:49.0656 0x06d8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:22:49.0766 0x06d8 IPBusEnum - ok 16:22:49.0789 0x06d8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:22:49.0789 0x06d8 IpFilterDriver - ok 16:22:49.0829 0x06d8 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:22:49.0865 0x06d8 iphlpsvc - ok 16:22:49.0901 0x06d8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:22:49.0911 0x06d8 IPMIDRV - ok 16:22:49.0941 0x06d8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:22:49.0961 0x06d8 IPNAT - ok 16:22:49.0991 0x06d8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:22:50.0001 0x06d8 IRENUM - ok 16:22:50.0011 0x06d8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:22:50.0011 0x06d8 isapnp - ok 16:22:50.0041 0x06d8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:22:50.0061 0x06d8 iScsiPrt - ok 16:22:50.0111 0x06d8 [ 0469BFF65BBDEE9E46D0C45EE32A08BD, 
8E11F03FC463CBC9FBBF5D2A29FBF1076C9317D2B8B7224E24C22553F160E065 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 16:22:50.0131 0x06d8 k57nd60a - ok 16:22:50.0261 0x06d8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:22:50.0261 0x06d8 kbdclass - ok 16:22:50.0381 0x06d8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 16:22:50.0381 0x06d8 kbdhid - ok 16:22:50.0513 0x06d8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 16:22:50.0513 0x06d8 KeyIso - ok 16:22:50.0565 0x06d8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:22:50.0575 0x06d8 KSecDD - ok 16:22:50.0595 0x06d8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:22:50.0605 0x06d8 KSecPkg - ok 16:22:50.0625 0x06d8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:22:50.0635 0x06d8 ksthunk - ok 16:22:50.0655 0x06d8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:22:50.0675 0x06d8 KtmRm - ok 16:22:50.0725 0x06d8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:22:50.0745 0x06d8 LanmanServer - ok 16:22:50.0755 0x06d8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:22:50.0765 0x06d8 LanmanWorkstation - ok 
16:22:50.0805 0x06d8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:22:50.0815 0x06d8 lltdio - ok 16:22:50.0835 0x06d8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:22:50.0855 0x06d8 lltdsvc - ok 16:22:50.0885 0x06d8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:22:50.0895 0x06d8 lmhosts - ok 16:22:50.0925 0x06d8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:22:50.0925 0x06d8 LSI_FC - ok 16:22:50.0945 0x06d8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:22:50.0955 0x06d8 LSI_SAS - ok 16:22:50.0985 0x06d8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:22:50.0985 0x06d8 LSI_SAS2 - ok 16:22:51.0005 0x06d8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:22:51.0015 0x06d8 LSI_SCSI - ok 16:22:51.0045 0x06d8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:22:51.0065 0x06d8 luafv - ok 16:22:51.0117 0x06d8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:22:51.0127 0x06d8 Mcx2Svc - ok 16:22:51.0137 0x06d8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 
16:22:51.0147 0x06d8 megasas - ok 16:22:51.0167 0x06d8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:22:51.0177 0x06d8 MegaSR - ok 16:22:51.0217 0x06d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:22:51.0227 0x06d8 MMCSS - ok 16:22:51.0237 0x06d8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:22:51.0247 0x06d8 Modem - ok 16:22:51.0277 0x06d8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:22:51.0277 0x06d8 monitor - ok 16:22:51.0337 0x06d8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:22:51.0347 0x06d8 mouclass - ok 16:22:51.0367 0x06d8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:22:51.0367 0x06d8 mouhid - ok 16:22:51.0387 0x06d8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:22:51.0407 0x06d8 mountmgr - ok 16:22:51.0467 0x06d8 [ 6ACCF2E8210880D7005C608AFDB5301C, D00122C928C5818A24E6C11183F79C253CFB6576AD54DC92AEEFC630ABBDE655 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:22:51.0477 0x06d8 MozillaMaintenance - ok 16:22:51.0497 0x06d8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:22:51.0527 0x06d8 mpio - ok 16:22:51.0557 0x06d8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 
5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:22:51.0567 0x06d8 mpsdrv - ok 16:22:51.0617 0x06d8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:22:51.0647 0x06d8 MpsSvc - ok 16:22:51.0667 0x06d8 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:22:51.0677 0x06d8 MRxDAV - ok 16:22:51.0717 0x06d8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:22:51.0727 0x06d8 mrxsmb - ok 16:22:51.0747 0x06d8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:22:51.0757 0x06d8 mrxsmb10 - ok 16:22:51.0787 0x06d8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:22:51.0797 0x06d8 mrxsmb20 - ok 16:22:51.0837 0x06d8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:22:51.0847 0x06d8 msahci - ok 16:22:51.0867 0x06d8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:22:51.0877 0x06d8 msdsm - ok 16:22:51.0887 0x06d8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:22:51.0907 0x06d8 MSDTC - ok 16:22:52.0079 0x06d8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:22:52.0089 0x06d8 Msfs - ok 16:22:52.0151 0x06d8 [ 
F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:22:52.0161 0x06d8 mshidkmdf - ok 16:22:52.0171 0x06d8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:22:52.0181 0x06d8 msisadrv - ok 16:22:52.0211 0x06d8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:22:52.0221 0x06d8 MSiSCSI - ok 16:22:52.0231 0x06d8 msiserver - ok 16:22:52.0271 0x06d8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:22:52.0271 0x06d8 MSKSSRV - ok 16:22:52.0281 0x06d8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:22:52.0291 0x06d8 MSPCLOCK - ok 16:22:52.0301 0x06d8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:22:52.0311 0x06d8 MSPQM - ok 16:22:52.0349 0x06d8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:22:52.0363 0x06d8 MsRPC - ok 16:22:52.0383 0x06d8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:22:52.0383 0x06d8 mssmbios - ok 16:22:52.0403 0x06d8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:22:52.0413 0x06d8 MSTEE - ok 16:22:52.0423 0x06d8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig 
C:\Windows\system32\drivers\MTConfig.sys 16:22:52.0423 0x06d8 MTConfig - ok 16:22:52.0443 0x06d8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:22:52.0453 0x06d8 Mup - ok 16:22:52.0493 0x06d8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:22:52.0513 0x06d8 napagent - ok 16:22:52.0563 0x06d8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:22:52.0583 0x06d8 NativeWifiP - ok 16:22:52.0635 0x06d8 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:22:52.0675 0x06d8 NDIS - ok 16:22:52.0695 0x06d8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:22:52.0705 0x06d8 NdisCap - ok 16:22:52.0725 0x06d8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:22:52.0735 0x06d8 NdisTapi - ok 16:22:52.0745 0x06d8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:22:52.0755 0x06d8 Ndisuio - ok 16:22:52.0775 0x06d8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:22:52.0785 0x06d8 NdisWan - ok 16:22:52.0805 0x06d8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:22:52.0815 0x06d8 NDProxy - ok 16:22:52.0835 0x06d8 [ 86743D9F5D2B1048062B14B1D84501C4, 
7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:23:03.0263 0x06d8 wudfsvc - ok 16:23:03.0273 0x06d8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:23:03.0293 0x06d8 WwanSvc - ok 16:23:03.0323 0x06d8 ================ Scan global =============================== 16:23:03.0353 0x06d8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:23:03.0393 0x06d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:23:03.0423 0x06d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:23:03.0463 0x06d8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 16:23:03.0523 0x06d8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 16:23:03.0547 0x06d8 [ Global ] - ok 16:23:03.0548 0x06d8 ================ Scan MBR ================================== 16:23:03.0565 0x06d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:23:03.0965 0x06d8 \Device\Harddisk0\DR0 - ok 16:23:03.0965 0x06d8 ================ Scan VBR ================================== 16:23:03.0965 0x06d8 [ 54BA4C37D203C2B279E01A9F91269268 ] \Device\Harddisk0\DR0\Partition1 16:23:03.0965 0x06d8 \Device\Harddisk0\DR0\Partition1 - ok 16:23:03.0965 0x06d8 [ B92AF4BC5DFDD737B0B8D7D4C6A1738F ] \Device\Harddisk0\DR0\Partition2 16:23:03.0975 0x06d8 \Device\Harddisk0\DR0\Partition2 - ok 16:23:03.0975 0x06d8 ================ Scan generic autorun ====================== 16:23:04.0005 0x06d8 [ 
A38D377D4FC5403602EBF3CAD8F8EA4E, 63D673BC7F3AB3185B35DE40263C11D2FB83FA4DDF4EE3C9B37BF9CCD9BBB08D ] C:\Windows\system32\igfxtray.exe 16:23:04.0015 0x06d8 IgfxTray - ok 16:23:04.0045 0x06d8 [ D3AF93D8029B326DCCF3197C14E7ECFF, 43315E01904D141136C2B579A78242376F65E3405C4108BB29F966B0BE0613DC ] C:\Windows\system32\hkcmd.exe 16:23:04.0065 0x06d8 HotKeysCmds - ok 16:23:04.0107 0x06d8 [ 7738067DEF9AF9E6DBFDEB0178046575, 1F7AB6E03C8FD0587287E8B7E3D365E0C5F90C6AB3014B0DB75980B0542AE6FB ] C:\Windows\system32\igfxpers.exe 16:23:04.0127 0x06d8 Persistence - ok 16:23:04.0207 0x06d8 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 16:23:04.0267 0x06d8 Adobe ARM - ok 16:23:04.0267 0x06d8 AVG_UI - ok 16:23:04.0367 0x06d8 [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 16:23:04.0397 0x06d8 avgnt - ok 16:23:04.0427 0x06d8 [ 5CBF14D14D559ABC5C9936B3120A1A45, A1706B92AC2E02023A342FF4CF9D53AB6D8587EFC3A207B615CD49C36ABE0B4D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 16:23:04.0447 0x06d8 Avira Systray - ok 16:23:04.0527 0x06d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:23:04.0597 0x06d8 Sidebar - ok 16:23:04.0638 0x06d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:23:04.0649 0x06d8 mctadmin - ok 16:23:04.0699 0x06d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:23:04.0729 0x06d8 Sidebar - ok 16:23:04.0739 0x06d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] 
C:\Windows\System32\mctadmin.exe 16:23:04.0739 0x06d8 mctadmin - ok 16:23:04.0769 0x06d8 Skype - ok 16:23:04.0769 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:05.0769 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:06.0771 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:07.0773 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:08.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:09.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:10.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:11.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:12.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:13.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:14.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:15.0775 0x06d8 Waiting for KSN requests completion. In queue: 338 16:23:16.0869 0x06d8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated ) 16:23:16.0881 0x06d8 Win FW state via NFP2: enabled 16:23:19.0571 0x06d8 ============================================================ 16:23:19.0571 0x06d8 Scan finished 16:23:19.0571 0x06d8 ============================================================ 16:23:19.0571 0x1b9c Detected object count: 0 16:23:19.0571 0x1b9c Actual detected object count: 0 |
01.11.2014, 16:36 | #6 |
/// TB Trainer /// Guide Guru | Surveillance tool? OK, one more thing: Step 1 Download HitmanPro to your desktop: HitmanPro 32-bit version HitmanPro 64-bit version |
01.11.2014, 18:13 | #7 |
| Surveillance tool? Code:
HitmanPro 3.7.9.232
www.hitmanpro.com

   Computer name . . . . : KLOPSI-PC
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : klopsi-PC\klopsi
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-11-01 17:45:01
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 6s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 0
   Traces . . . . . . . : 4

   Objects scanned . . . : 1.043.063
   Files scanned . . . . : 11.874
   Remnants scanned . . : 246.943 files / 784.246 keys

Suspicious files ____________________________________________________________

   C:\Users\klopsi\Desktop\FRST64.exe
      Size . . . . . . . : 2.114.048 bytes
      Age . . . . . . . : 0.2 days (2014-11-01 12:27:42)
      Entropy . . . . . : 7.5
      SHA-256 . . . . . : AE2D2C0759325087D4D2B6133D55129121438CE56BEAEA6141A9AF306183FCE5
      Needs elevation . : Yes
      Fuzzy . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\klopsi\Desktop\FRST64.exe

   C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.112.000 bytes
      Age . . . . . . . : 14.2 days (2014-10-18 13:22:39)
      Entropy . . . . . : 7.5
      SHA-256 . . . . . : 3ADC96D45DA2FCB4DAD5C5BD17D58394871EA61D73A345FF6291F4DB0DD22862
      Needs elevation . : Yes
      Fuzzy . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         0.0s C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
         0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe
         0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe

   C:\Users\klopsi\Desktop\FRST\FRST64.exe
      Size . . . . . . . : 2.112.512 bytes
      Age . . . . . . . : 14.2 days (2014-10-18 13:22:39)
      Entropy . . . . . : 7.5
      SHA-256 . . . . . : 7F619D4E28A401051015E77116913A7E6DC3891B1248A2D08FCB439B38C730A6
      Needs elevation . : Yes
      Fuzzy . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         0.0s C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
         0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe
         0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe

www2? Never heard of it. |
01.11.2014, 18:52 | #8 |
/// TB Trainer /// Guide Guru | Surveillance tool? Me neither... Otherwise, neither I nor the scanners see any sign of a "surveillance tool". What you can do, though, is this, to get rid of the AVG stuff: http://download.avg.com/filedir/util..._2014_4116.exe And if you have "plenty of time", you can also run an ESET scan for your peace of mind. ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.11.2014, 21:31 | #9 |
| Surveillance tool? Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 07:58:38
# local_time=2014-11-01 08:58:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 7144 3316458 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687465 166501768 0 0
# scanned=3202
# found=0
# cleaned=0
# scan_time=60
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:02:50
# local_time=2014-11-01 09:02:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 3796 3316710 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687717 166502020 0 0
# scanned=13917
# found=0
# cleaned=0
# scan_time=204
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:27:55
# local_time=2014-11-01 09:27:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 8901 3318215 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1689222 166503525 0 0
# scanned=61713
# found=2
# cleaned=0
# scan_time=918
sh=E7AA7AF674CDE49E1060AB332E610D3A1C2B2B70 ft=1 fh=4a583afd8f4e4e5c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\Microsoft NET Framework 4 5 2 - CHIP-Installer.exe"
sh=169D2CC9FDD96EED10F498824055D5CBC425D5A0 ft=1 fh=019d89f002eb2eec vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\SpeedFan - CHIP-Installer.exe" |
01.11.2014, 21:41 | #10 |
/// TB Trainer /// Guide Guru | Surveillance tool? Well, if you do start the scan, then please don't end it yourself, and use the recommended settings too... Be that as it may, ESET didn't find anything relevant in these "scans". |
01.11.2014, 21:52 | #11 |
| Surveillance tool? OK, thanks. One more question: would a reinstallation also delete all viruses (if one had any)? PS: Actually, I didn't end it myself (I think) |
01.11.2014, 21:55 | #12 | |
/// TB Trainer /// Guide Guru | Surveillance tool? Quote:
Code:
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true |
01.11.2014, 21:57 | #13 |
| Surveillance tool? I see. Good, then thanks again for the help |
01.11.2014, 22:00 | #14 |
/// TB Trainer /// Guide Guru | Surveillance tool? You're welcome! Take care... |
01.11.2014, 23:15 | #15 |
| Surveillance tool? Here it is again, properly. Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20888
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-01 10:14:46
# local_time=2014-11-01 11:14:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 3370 3324626 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1695633 166509936 0 0
# scanned=115383
# found=0
# cleaned=0
# scan_time=3235 |
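The check the helper applies in posts #10 and #12 (a run with `end=stopped` and reduced settings proves little, whatever its `found=` says), as an added example that is not part of the thread or of ESET's tooling: it splits a pasted ESET Online Scanner log into runs and lists why each run is or is not conclusive. The sample log is constructed, and treating the flags of the finished run in #15 as the reference settings is an assumption.

```python
import re

MARKER = "ESETSmartInstaller@High as downloader log:"

# Reference flag values taken from the completed run posted in #15
# (assumption: these are the settings the helper asked for).
REFERENCE_FLAGS = {
    "archives_checked": "true",
    "unwanted_checked": "true",
    "unsafe_checked": "true",
    "antistealth_checked": "true",
}

# "# key=value" record; the value ends at the next " # ", at a detection
# record ("sh=...") or at the end of the run.
FIELD = re.compile(r"#\s*([\w.]+)=(.*?)(?=\s+#\s|\s+sh=|\s*$)", re.S)
DETECTION = re.compile(r'sh=([0-9A-F]{40}).*?vn="([^"]*)".*?fn="([^"]*)"', re.S)


def parse_runs(text):
    """Split a pasted log into scan runs, flattened or one field per line."""
    runs = []
    for chunk in text.split(MARKER):
        if "# product=" not in chunk:
            continue  # downloader retries such as "Can not open internet"
        fields = {key: value.strip() for key, value in FIELD.findall(chunk)}
        detections = [
            {"sha1": sha1, "name": name, "file": path}
            for sha1, name, path in DETECTION.findall(chunk)
        ]
        runs.append({"fields": fields, "detections": detections})
    return runs


def assess(run):
    """Return the reasons why a run's result should not be read as conclusive."""
    fields = run["fields"]
    issues = []
    if fields.get("end") != "finished":
        issues.append(f"end={fields.get('end')}: scan did not run to completion")
    for key, wanted in REFERENCE_FLAGS.items():
        if fields.get(key) != wanted:
            issues.append(f"{key}={fields.get(key)} (reference: {wanted})")
    if int(fields.get("found", "0")) != len(run["detections"]):
        issues.append("found= does not match the number of detection records")
    return issues


def conclusive_runs(text):
    """Indexes of runs whose found= count can be taken at face value."""
    return [i for i, run in enumerate(parse_runs(text)) if not assess(run)]


# Constructed sample modelled on the logs pasted in this thread, flattened
# the way the forum rendered them. Hashes, names and file paths are made up.
SAMPLE_LOG = (
    MARKER + " all ok # product=EOS # end=stopped # remove_checked=false"
    " # archives_checked=false # unwanted_checked=true # unsafe_checked=false"
    " # antistealth_checked=true # compatibility_mode=1810 16777213 100 99 0 0"
    " # scanned=3202 # found=0 # cleaned=0 # scan_time=60 "
    + MARKER + " Can not open internet" + MARKER + " all ok"
    " esets_scanner_update returned -1 esets_gle=12 # product=EOS # end=stopped"
    " # remove_checked=false # archives_checked=false # unwanted_checked=true"
    " # unsafe_checked=false # antistealth_checked=true"
    " # scanned=61713 # found=2 # cleaned=0 # scan_time=918"
    " sh=" + "A" * 40 + ' ft=1 fh=0000000000000001 vn="Win32/Example.A"'
    r' ac=I fn="C:\Users\example\Downloads\sample-a.exe"'
    " sh=" + "B" * 40 + ' ft=1 fh=0000000000000002 vn="Win32/Example.A"'
    r' ac=I fn="C:\Users\example\Downloads\sample-b.exe" '
    + MARKER + " all ok # product=EOS # end=finished # remove_checked=false"
    " # archives_checked=true # unwanted_checked=true # unsafe_checked=true"
    " # antistealth_checked=true # scanned=115383 # found=0 # cleaned=0"
    " # scan_time=3235"
)

if __name__ == "__main__":
    for index, run in enumerate(parse_runs(SAMPLE_LOG)):
        verdict = assess(run) or ["conclusive"]
        print(index, run["fields"]["scanned"], run["fields"]["found"], verdict)
```
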