Log analysis and evaluation: Avira found an unknown object
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
11.11.2014, 14:20 | #1
Avira found an unknown object

Hello! For a few days now I have had the problem that when scanning with Avira a message appears informing me that a hidden object was found. Unfortunately without any indication of where it is located or what it does. I have already noticed that something like this does not necessarily have to be harmful, but I do not have the necessary knowledge to be certain, and would therefore like to ask for help here. The device is an approximately 4-year-old laptop with Windows 7 32-bit.

Here are the log files:

- Farbar's Recovery Scan Tool: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2014 Ran by timo at 2014-11-11 12:49:45 Running from C:\Users\timo\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation) ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros) Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. 
KG) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira) BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung) Business Contact Manager für Outlook 2007 SP1 (HKLM\...\Business Contact Manager) (Version: 3.0.7311.0 - Microsoft Corporation) Business Contact Manager für Outlook 2007 SP1 (Version: 3.0.7311.0 - Microsoft Corporation) Hidden CDisplay 1.8 (HKLM\...\CDisplay_is1) (Version: - dvd8n) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.) Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM\...\{A7581D39-EA20-4883-A480-80C21047052B}) (Version: 4.0.2 - Samsung) Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung) Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version: - ) Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) Epson Stylus SX110_TX110 Manual (HKLM\...\Epson Stylus SX110_TX110 User’s Guide) (Version: - ) EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version: - SEIKO EPSON Corporation) Exact Audio Copy 0.99pb5 (HKLM\...\Exact Audio Copy) (Version: 0.99pb5 - Andre Wiethoff) GOG.com Downloader version 3.6.0 (HKLM\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Google Update Helper (Version: 1.3.25.5 - Google Inc.) 
Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{1D1D8ADC-BF08-4E61-9393-5FA305B16864}) (Version: 9.00.3042.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{5C759B74-34F4-43C6-A5D9-039CB754C5E9}) (Version: 9.00.3042.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation) OpenOffice.org 3.2 (HKLM\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 
6.0.1.5919 - Realtek Semiconductor Corp.) Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.3 - Samsung) Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung) Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.) Sanitarium (HKLM\...\GOGPACKSANITARIUM_is1) (Version: 2.0.0.25 - GOG.com) Soda PDF 6 (HKLM\...\Soda6) (Version: 6.1.9.15110 - LULU Software Limited) Soda PDF 6 Convert Module (HKLM\...\{BB8E1BCF-AE3B-44F4-A3B1-BFDEEDFE9D1D}) (Version: 6.1.8.15098 - LULU Software Limited) Soda PDF 6 Create Module (HKLM\...\{35709A4D-0D4F-4CBD-BE15-4361885217A6}) (Version: 6.1.8.15098 - LULU Software Limited) Soda PDF 6 Edit Module (HKLM\...\{E2318CE7-8F9A-48DD-B85B-BAAD3097CA6D}) (Version: 6.1.8.15098 - LULU Software Limited) Soda PDF 6 Insert Module (HKLM\...\{946BF77C-726A-4ABE-9490-585EF18BFBDC}) (Version: 6.1.8.15098 - LULU Software Limited) Soda PDF 6 View Module (HKLM\...\{719A8CE6-9E05-4321-833C-E84FAD8B68DF}) (Version: 6.1.8.15098 - LULU Software Limited) StarBurn Version 12r10 (Build 0x20091021) (HKLM\...\StarBurn_is1) (Version: - Rocket Division Software) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated) Uniblue RegistryBooster (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.3042.00 - Microsoft Corporation) Update for Office 2007 (KB934528) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}) (Version: - ) Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version: - ) User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) VLC 
media player 1.0.5 (HKLM\...\VLC media player) (Version: 1.0.5 - VideoLAN Team) Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc) Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 05-11-2014 18:28:14 Installed Dawn of War 05-11-2014 18:34:43 Installed Dawn of War 05-11-2014 18:45:53 Removed Dawn of War 07-11-2014 08:53:29 Windows Update 09-11-2014 18:00:37 Windows-Sicherung 11-11-2014 07:21:25 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {0134E946-C63A-4375-B933-66C4B5739623} - System32\Tasks\{0D684E03-E16D-4657-A96B-281EF27DBFB9} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {0242A9DF-9740-4212-AA21-ECD06131135B} - System32\Tasks\{5D3BD2C8-504A-4A2C-8A88-6FC4A2189DBF} => D:\Diablo II\Diablo II\Diablo II.exe Task: {026DF089-E6DC-478B-AC20-F5E2ABE16E80} - System32\Tasks\{C8CB2A5A-AADB-41FB-A28F-2B3958E7C7A4} => D:\games\wizadry 6\Wizardry.6-www.oldgames.sk-Compilation.exe Task: {0335267B-AFF2-42F5-8BB3-AD9FAB9235A6} - System32\Tasks\{94688C24-0C83-46B1-8F70-8D8AF5097B85} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {08DC68FB-4A3E-4939-AC3C-A0B0CB50D2E0} - System32\Tasks\{7E5C4542-B930-416F-A1DF-C637B29B5E13} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {0B7F4D0F-1957-4D6C-944D-89EAD093C396} - System32\Tasks\{8747A850-06B9-47C2-9D49-638F24E7C298} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {0EFC1D9E-6D06-48C3-B965-82D7CF46DC74} - System32\Tasks\{67157E9A-15B4-45E5-B2DB-D89FD7072F98} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {1222F01C-8575-47ED-A92E-B0EBD380F660} - System32\Tasks\{27B59D04-90F4-4358-A57B-98BB38D982EB} => E:\English_Autorun.exe Task: {12C17941-357F-45C0-9F40-C1F7D35C79EC} - System32\Tasks\{035EB14E-99E4-4BDC-B563-671859283180} => C:\Program Files\Oldgames\Wizardry 6\dosbox.exe Task: {131C6103-3466-44D9-823A-607D75872791} - System32\Tasks\{A9067071-DA0D-46A2-AC0A-0DA413CE554A} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {147CEB48-66A5-4C0D-A3D3-CBC643746E1B} - System32\Tasks\{6BB8EABC-705F-45C1-B0D8-4CE331170BD2} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {1524794D-3B8A-469D-9A00-59B66085AE51} - System32\Tasks\{653CF444-FEB5-4F47-8588-C241F13AABA4} => D:\games\heroes of might\Heroes of Might and Magic III - Complete Portable.exe Task: {178C394E-6BA7-451B-B8DC-469F7D80294B} - System32\Tasks\{76789700-73E2-479D-80A2-F9A6F1293656} => E:\Setup.exe Task: 
{17B5201A-D6DC-4D9B-9EAD-D2A2FB35C324} - System32\Tasks\{8590FDFE-D5AF-4592-BA57-064CADDCDC56} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {19C5ABA3-A29B-4601-A0FE-C1B8C6783078} - System32\Tasks\{6F38A628-3DFA-4428-AC04-6E3938C43CFD} => D:\games\ice2\setup_icewind_dale_2.exe [2010-12-13] (GOG.com ) Task: {1CCDF7FB-ACBA-4D0A-87CC-1EFE7E679086} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.) Task: {1D285DFF-DD13-4771-AC26-C71CE3741614} - System32\Tasks\{927ABDD2-323F-4615-A6ED-437138B5F5E6} => D:\games\heroes of might\Heroes of Might and Magic III - Complete Portable.exe Task: {1D338013-DBD4-41C5-A32F-05641153F1FE} - System32\Tasks\{28A3445F-0325-4611-847B-1BBA30EB1B7C} => E:\DE\_setup\Setup.exe Task: {1D6C606A-4B23-4200-97AE-3905E75353D2} - System32\Tasks\{967442DF-2766-48F7-ACB7-D7FE655EB15B} => D:\games\App\Fallout\Falloutw.exe Task: {21EF02BB-80DF-4DE2-8750-295C0595D56D} - System32\Tasks\{83DF5BB5-8AE9-4162-B927-ADD14941A0CC} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {258BA975-348E-4237-A5F6-0BAB39DA661B} - System32\Tasks\{CB2EDA90-8232-463B-83D9-270E85F20DC4} => E:\INSTALL.EXE Task: {27BD1143-3D1C-4AE8-9B01-8E5A4EBF67B4} - System32\Tasks\{0CBA4385-9C05-4245-8198-C074AABC1F14} => C:\Program Files\Oldgames\Albion CD English\dosbox.exe Task: {27D52DB6-73C0-4BA8-A2A6-DCD064B75D11} - System32\Tasks\{E60028E3-3480-4828-9889-3C1B5430A0B1} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {28A3DA61-351F-4B10-B4C8-CBF5D211EE28} - System32\Tasks\{73F94FB2-3176-4FE0-97E0-6C41CBA1D8AF} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {28C66E34-EC52-478E-943A-64A3438F6067} - System32\Tasks\{59328CDC-9D06-43FB-9F82-FB4F8B65A97B} => D:\games\ultima underworld\Ultima.Underworld.12.CD-www.oldgames.sk-Compilation.exe Task: {2D0CFBF7-2047-44EF-A012-D595203D3020} - System32\Tasks\{22033AC6-0556-4FC2-A05E-81D266A35C41} => C:\Program 
Files\Bullfrog\Keeper\keepd3d.exe Task: {2F2779A8-2F53-444E-ABA7-DB2E6D85FE11} - System32\Tasks\{D38B5250-5032-42E0-A61E-B13481FF1AA9} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {2FAF5A24-366D-486D-B0D4-1D153AE45FB6} - System32\Tasks\{88FD6EDA-E54D-4AAC-9BC1-979A5CC31DED} => C:\Program Files\Oldgames\Albion CD English\dosbox.exe Task: {31C68D58-AC39-4AF3-8080-45603F50948A} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-09-21] (Samsung Electronics. Co. Ltd.) Task: {358CD9CF-1880-46B8-A72A-673DF4223E54} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION) Task: {394F9CEE-D5BD-412A-9163-70118EA299A8} - System32\Tasks\{4D5F9680-E751-49BE-941E-C45512CE35F1} => E:\PLAYD2.EXE Task: {39B300CD-719C-49C7-B8AC-260AC841FD9B} - System32\Tasks\{779B8943-B69E-4E4F-BF8A-65B34ADEFEA5} => C:\Program Files\Oldgames\Quake Shareware\dosbox.exe Task: {3BFDC76E-8060-40EE-9551-73F88ACDC2A1} - System32\Tasks\{1140A744-0382-4E78-8B58-ED5AF3334361} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {3C13E7DD-64BE-4C46-8C96-E47C41484719} - System32\Tasks\{40708FCE-4E0F-4842-BF1D-DF405067FD7C} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {3FB3D3F4-2B40-436F-A697-DFB62C898DB5} - System32\Tasks\{88A05537-56D5-43A2-B21B-0CF5DB25DFD2} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {421B8321-2657-42D0-989F-C3D39F391099} - System32\Tasks\{0334F169-95B4-453C-895B-3D10CFA2E08F} => D:\games\ice2\setup_icewind_dale_2.exe [2010-12-13] (GOG.com ) Task: {48FF7814-963D-4F92-8835-4673C63315C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.) 
Task: {4C08829E-A62F-48EE-B8A2-A8B5CD566452} - System32\Tasks\{E268C70C-CD56-45CA-8F98-DBEF27C0CB62} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {4E9E2068-4031-4AC0-97A2-839E39BFAD7E} - System32\Tasks\{044C55C6-CBC7-4CE9-92EB-8F0072705873} => E:\Autorun.exe Task: {50FFF52D-F6F2-4606-BBA3-7F09952C6DDB} - System32\Tasks\{5ECBCD2A-8F57-45E3-AD10-6D9FB132AC07} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {518A6013-36CF-4683-9D6E-340EE2C831C0} - System32\Tasks\{63013C7B-F6CE-4470-AFEC-F0D10669EAE4} => C:\Program Files\Oldgames\Quake Shareware\dosbox.exe Task: {568E6DE9-9CBC-47C0-AE17-7F928C70261C} - System32\Tasks\{C534239D-97AF-421D-B693-A7BC208340DA} => D:\games\App\Fallout\Falloutw.exe Task: {59FFE40A-A0F5-4CB7-98BF-705DBB93D662} - System32\Tasks\{A05FB38E-93E5-4B6E-93C3-5DCF4BAF2B57} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {5BC0A524-7DEF-47AC-B6FC-90B9B0E17810} - System32\Tasks\{A2488BE6-5AB1-42DE-9AB1-AFDC23C1167A} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {5DB67C1D-10A6-4B4A-8A85-981D0A234167} - System32\Tasks\{757E2FEE-F022-4945-96E2-415FB3610580} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {5FE27452-E07F-44E5-900B-2703749BA3B9} - System32\Tasks\{2B83E6D8-6572-4F86-A78B-0543974ABE95} => D:\games\Albion.CD.English-www.oldgames.sk-Compilation.exe Task: {6060DFF4-90BA-49CD-AA7E-228BE1AE6EB1} - System32\Tasks\{3F599AFA-AAE1-4611-9475-181D6F1BAB62} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {60B979E7-B5F7-4220-85E9-1989923D0364} - System32\Tasks\{1D855BA3-07DD-47C1-9753-5EB8812D7A39} => C:\WPIR\wp.exe Task: {637B864A-1916-40C8-A271-22424AC63256} - System32\Tasks\{93C68D03-E656-4122-97DC-8ADF902CF026} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {65B1985D-A6B4-409E-AFD5-DE22B3623AD6} - System32\Tasks\{4B90D9C1-D531-4BD7-A8A9-8C20597C8335} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {66C32559-3BF4-4CDE-8292-CF653355C3C2} - 
System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics) Task: {694B5F78-518B-45E7-A7F1-F4BF4773127D} - System32\Tasks\{7FBA864A-540A-4987-A584-F77CF1F074AA} => D:\games\fallout\Fallout\Falloutw.exe Task: {6AA62FFB-806E-4CAB-8F22-FB2A5CE43619} - System32\Tasks\{4F415B48-F209-4B8F-AAAF-457AD2683C3F} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {71B11801-32B9-4DA5-95BC-100931CC4D79} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23] (Adobe Systems Incorporated) Task: {7788BAD6-DF9D-4BA2-BD38-73BD3D1543F5} - System32\Tasks\{0A304364-B9A9-4AC6-9554-E827435E496B} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {8062AE3C-28DD-48D6-9CA3-24F7F956425F} - System32\Tasks\{B3EC30A9-97C1-4772-8E2F-3227322C6C2B} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {843876FD-17DE-43EC-BC4F-AD382CEFA703} - System32\Tasks\{A43C8EA7-92BF-4D23-AAB6-EED0B4BDD636} => D:\games\App\Fallout\Falloutw.exe Task: {852BC1B9-C5CD-49CF-94E4-FBD172DB4A81} - System32\Tasks\{19C84C46-EB03-4F61-8FA5-F05ACE6A8F2C} => E:\INSTALL.EXE Task: {8DCEAEB7-FC4C-4248-AF16-BA6C2C12911C} - System32\Tasks\{0535C30B-043F-45F7-A3CB-99DBB7B60699} => C:\Program Files\Oldgames\Quake Shareware\dosbox.exe Task: {8EC9149A-AAFC-44ED-B4DB-F22B1361B003} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {9059E508-43FB-4D32-8924-8141F6C7AEB9} - System32\Tasks\{A0694AB4-693E-46CA-BF0C-4B0FEBCFC042} => C:\Program Files\Oldgames\Wing Commander\dosbox.exe Task: {91AAEE42-D4C8-4EDA-8578-98D6D329E084} - System32\Tasks\{E60D0CBF-80F1-4B6F-AEB1-D95D3CDBC289} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {9299FFD8-37CD-43EB-A004-D07279182044} - System32\Tasks\{E6179A5A-7747-40E3-AF0D-B1E80136C06A} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: 
{93C827FE-2593-495B-8D4A-92DE8ED623A2} - System32\Tasks\{507FB20F-062B-4712-9C0E-8D71D4606835} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {94435206-BEAA-4242-BA8A-4D7F2F447CB5} - System32\Tasks\{45682AF1-193D-495A-A573-7A6D4BBCFE28} => C:\WPIR\wp.exe Task: {95CE9878-2EAC-45A4-BD2D-31BBC14E886E} - System32\Tasks\{EF940902-B148-4F1A-A3C7-98CBF60B236F} => E:\PLAYD2.EXE Task: {987099A3-64EF-4130-8E0D-F5297A5E7956} - System32\Tasks\{1832C78B-B95E-44BB-834E-0DF08F9078B0} => D:\games\gauntlet\gauntlet.exe Task: {9ADF3464-41C6-441A-BDF1-1E68DE06B0EB} - System32\Tasks\{1FBB2D04-69CA-4143-9A06-279AA60F18BE} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {9B7504EC-5629-4164-AF96-7F50833B2084} - System32\Tasks\{57AD3EEE-AE8D-43D6-B2C5-44E48C661C1A} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {9CC6A6EF-7861-4F24-A29B-41AF02CD75E3} - System32\Tasks\{4BF26CAC-3FFF-4EAF-B077-30F37D468DDB} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {9EC22669-BE54-41E7-9C14-6455C47EBEAB} - System32\Tasks\{9A03A5B0-6EAD-48B3-8DAD-A595218B3FFB} => C:\Program Files\GOG.com\Painkiller Black\Bin\Painkiller.exe Task: {9F2E32B0-4AA7-48F8-9E9C-DE36D482CFD7} - System32\Tasks\{A2F52AF0-41F6-4441-9296-C400D922C391} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {A16F8143-6362-4415-8E0F-481E6D085932} - System32\Tasks\{7C3AB17D-61A5-4BFA-8F77-3925C5C73701} => D:\games\cadaver\Cadaver-www.oldgames.sk-Compilation.exe Task: {A2A49A4E-B5C4-47E7-9CD9-1A5F62DD1864} - System32\Tasks\{E903CD99-8247-489B-BE79-3E23BF911A20} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {A2B9B67E-A636-49DD-8D86-BDBEB96B7EF9} - System32\Tasks\{BB585DEE-381F-409D-B7A8-07C6329D64D7} => C:\Program Files\Oldgames\Wizardry 6\dosbox.exe Task: {A4B1EAED-738C-43C4-AB01-24234C78313E} - System32\Tasks\{B7021DC9-FB52-4F8B-A32B-438DAA52B167} => D:\games\legend of kyrandia\1\Legend.of.Kyrandia-www.oldgames.sk-Compilation.exe Task: {A6A4519F-ADA4-443A-82CC-276A5E3522DE} 
- System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-08-06] (SEC) Task: {A79C8447-8800-436D-9A48-D88F5608BDB8} - System32\Tasks\{B94C9446-E80E-4EA5-8778-D911BB3CD043} => D:\comics\setup.exe Task: {A8A09220-AD4B-4F59-887C-E5476D982E83} - System32\Tasks\{22A94F76-251B-44EF-BC6A-C1202EE76CFF} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {AC16710C-8B5F-483B-BFFE-6572DB3BE7E5} - System32\Tasks\{77DFEF48-1BD9-414D-93C2-49F13AEE78AA} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {ACD9134C-A7BC-4F24-9D06-2BD684ADFA8F} - System32\Tasks\{41C92353-DCFF-49ED-B393-F46A1B9BA783} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {AEDA5D1C-DAE9-4370-8D03-A1464BAF6283} - System32\Tasks\{17CA05A0-A3A4-4464-81E4-F645740F95DD} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {AFAFE9DC-FE2D-4857-91C3-07EFDF8AAAE1} - System32\Tasks\{D6BBC1EA-150A-4165-874A-5BF07AAA80C9} => C:\WPIR\wp.exe Task: {B87DFAC2-77C4-480B-A301-DCCFBCD1F9E2} - System32\Tasks\{BAF9144E-BE75-4221-9207-D56FC6603C3B} => F:\DKII.exe Task: {B9D3A2BD-0683-4878-8536-40ABCEBBAD3B} - System32\Tasks\{5EB61025-0E72-4519-870A-7F45508ABE47} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {BC8BB690-2283-47E7-BB6A-8FAC1BE98275} - System32\Tasks\{59F2047C-DFC5-4772-9FE2-384779D418AE} => C:\Program Files\Bullfrog\Keeper\keepd3d.exe Task: {C027CD12-0BF7-4AAC-B846-8E0976663CCB} - System32\Tasks\{C8800DE2-2794-4138-8494-5F35CA2F3CDF} => E:\English_Autorun.exe Task: {C1FCBC19-F0BF-4BF5-A053-F90C989066B7} - System32\Tasks\{ED421752-C5F2-4B29-925D-A18670F50862} => E:\Autorun.exe Task: {C3B4B48D-A1A7-4726-ABA5-1889E4FB254F} - System32\Tasks\{A6471BA3-9971-479A-9E08-112A9C018A41} => C:\Program Files\Oldgames\Civilization\dosbox.exe Task: {C4994877-5BF5-4EA6-982D-E8E19654C328} - System32\Tasks\{2044E554-DE69-4853-AE9A-04E4649BB4F9} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: 
{C4C0CF59-AFD6-4E46-8F19-FECAF3AB6955} - System32\Tasks\{78182F41-D2A0-4450-919E-B76F1E472236} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {C548346D-4DBC-488E-A80F-31B079AA760E} - System32\Tasks\{D8479435-A79B-4F71-9705-E48D94D04274} => E:\Autorun.exe Task: {C7AD6C6B-CB53-402E-BDED-3E55E922E51C} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] () Task: {C81DC1D6-23EE-4F5E-B810-FFE52C15066A} - System32\Tasks\{3A86C937-6983-4336-8BAA-8F9D466B8F82} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: {C884E929-BF72-4D6E-937A-292EDF949C9C} - System32\Tasks\{33841BB9-C0AA-4D7D-8048-CB70AAE7160D} => E:\LaunchEAWG.exe Task: {C9A3991B-88AD-430A-94AF-579DF01E1D21} - System32\Tasks\{734270EF-7747-4F62-B9D0-E68BE01FF2E0} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {C9F080F0-A980-4244-ABA6-451616215971} - System32\Tasks\{1F9FA5AD-C4D0-43FA-8828-80042F35C351} => D:\games\App\Fallout\Falloutw.exe Task: {CAFB7D56-FA3F-47C2-9D0D-0A2FF4E58CB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.) 
Task: {D14D0B53-CBD7-4C2D-8026-413A04E463CD} - System32\Tasks\{DF6C123C-3DDD-47C4-AB3C-A4B76E63B56D} => D:\games\ice2\setup_icewind_dale_2.exe [2010-12-13] (GOG.com ) Task: {D439AAFA-8591-4859-9B96-678281819BDF} - System32\Tasks\{350D93FB-B1C8-4BEE-B15C-300370123EE3} => D:\games\App\Fallout\Falloutw.exe Task: {DA0B4E71-BBF4-4D8F-8DAE-1D30FA4A9C48} - System32\Tasks\{608C0145-97EE-4134-ACBB-3AB8E2133FCE} => C:\Program Files\Oldgames\Quake Shareware\dosbox.exe Task: {DB2E3726-A8E2-4743-8669-13387F7AECB0} - System32\Tasks\{F1F85CE7-203C-41AE-B2F8-71A22C9C7C3A} => C:\Program Files\Oldgames\Ultima 7 Complete\dosbox.exe Task: {DE03E44A-10F9-4436-A333-10759A82C4EC} - System32\Tasks\{3A2ACB3A-AB3F-4702-8860-2D788B4FCDF0} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {DF1FAFBB-D2CC-4736-8C9C-1F2A2BAD7909} - System32\Tasks\{A1DACA33-6E62-4CBC-A097-545A30057CB0} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {DF494502-211B-4A1A-8E87-99EB35E7C8C9} - System32\Tasks\{CAA65B54-003E-4288-9E36-65A43CB52084} => C:\WPIR\wp.exe Task: {E0190A46-DF2E-4555-86AF-7F1557CDC19D} - System32\Tasks\{D3B1CDC8-E918-4420-ACBF-58FF10C0601D} => D:\games\Albion.CD.English-www.oldgames.sk-Compilation.exe Task: {E1944071-484B-46F4-A122-B10D39DB06A1} - System32\Tasks\{26433780-8208-4B92-A2A0-208655A23546} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {E39B7D1E-EB72-4456-A3FC-6B61C57132E0} - System32\Tasks\{7751D940-0824-4ED3-B0E7-9A8B2E2DF9FD} => C:\Program Files\Oldgames\Ultima Underworld CD\dosbox.exe Task: {E458E79A-35CB-42DC-9826-87F5D9BC3C43} - System32\Tasks\{B7F4A197-F663-4501-A9AB-6122A2C10852} => D:\games\gauntlet\gauntlet.exe Task: {E768B93B-0E22-4ED7-81B0-0A1E6BC305BA} - System32\Tasks\{EFB6D0A0-177C-4D87-8906-D1E7D55BB77F} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {E8E07382-D96D-478C-937F-C16C63B4B4EA} - System32\Tasks\{4BD47C97-A277-43F7-885A-65B45EBAC3B1} => C:\Program Files\GOG.com\Icewind Dale II\IWD2.exe Task: 
{EE56097A-1951-40D6-808A-52DA884AA804} - System32\Tasks\{50773828-8FA4-46F5-AF73-E8F0C8CAE55E} => D:\games\heroes of might\Heroes of Might and Magic III - Complete Portable.exe Task: {EE8EFE70-D3EE-4CAB-BE4D-BDA7BB0FA881} - System32\Tasks\{7556297C-F08A-4271-8EF3-9BF177D6678C} => D:\games\App\Fallout\Falloutw.exe Task: {EED48309-89BF-4F8A-95C9-17F80EEE878F} - System32\Tasks\{98E079AB-812D-4BEB-978C-61C63A537C29} => C:\Program Files\Oldgames\Cadaver\dosbox.exe Task: {F1363471-08F4-4B51-AC6C-0371E9A4EFAC} - System32\Tasks\{12F6AAB8-CCE7-433F-B3B2-71DE159CF185} => D:\comics\setup.exe Task: {F7EB409F-A87B-4F72-B40E-F92CD3623086} - System32\Tasks\{E45EDA73-D4EC-461C-A69F-EC1F72AA6EA7} => D:\games\fallout\Fallout\Falloutw.exe Task: {FCC85F9D-CE13-4427-ABDC-98A596891E6A} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.) Task: {FF520546-9FBB-40D0-B9B4-CEE701894095} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-08] (Samsung Electronics Co., Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-22 06:26 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2010-05-05 15:09 - 2009-03-12 14:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll 2010-05-05 15:09 - 2008-11-21 12:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll 2009-10-20 20:02 - 2010-05-28 15:06 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2014-11-10 21:15 - 2014-11-10 21:15 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:5C5A503E AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-771618654-3341757510-301361698-500 - Administrator - Disabled) Gast (S-1-5-21-771618654-3341757510-301361698-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-771618654-3341757510-301361698-1005 - Limited - Enabled) timo (S-1-5-21-771618654-3341757510-301361698-1000 - Administrator - Enabled) => C:\Users\timo ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2014 00:44:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/10/2014 00:43:56 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (11/10/2014 10:31:37 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/10/2014 10:30:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/08/2014 07:07:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (11/07/2014 10:24:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: sntrm.exe, Version: 0.0.0.0, Zeitstempel: 0x3586c914 Name des fehlerhaften Moduls: nvd3dum.dll, Version: 8.16.11.8691, Zeitstempel: 0x4a9cdfac Ausnahmecode: 0xc0000005 Fehleroffset: 0x0029faa7 ID des fehlerhaften Prozesses: 0x7a4 Startzeit der fehlerhaften Anwendung: 0xsntrm.exe0 Pfad der fehlerhaften Anwendung: sntrm.exe1 Pfad des fehlerhaften Moduls: sntrm.exe2 Berichtskennung: sntrm.exe3 Error: (11/07/2014 10:04:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: sntrm.exe, Version: 0.0.0.0, Zeitstempel: 0x3586c914 Name des fehlerhaften Moduls: nvd3dum.dll, Version: 8.16.11.8691, Zeitstempel: 0x4a9cdfac Ausnahmecode: 0xc0000005 Fehleroffset: 0x0029faa7 ID des fehlerhaften Prozesses: 0x1574 Startzeit der fehlerhaften Anwendung: 0xsntrm.exe0 Pfad der fehlerhaften Anwendung: sntrm.exe1 Pfad des fehlerhaften Moduls: sntrm.exe2 Berichtskennung: sntrm.exe3 Error: (11/07/2014 10:58:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.2.5413, Zeitstempel: 0x544ef530 Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.2.5413, Zeitstempel: 0x544ed089 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x6e4 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (11/07/2014 10:58:17 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 33.0.2.5413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 634 Startzeit: 01cffa6778d067c8 Endzeit: 11 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: 56d7452e-6664-11e4-9fff-00245421c7e4 Error: (11/05/2014 07:28:13 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {851da704-56b2-4e09-a667-da7e8636aba9} System errors: ============= Error: (11/11/2014 09:56:53 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/11/2014 09:13:28 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/11/2014 08:28:35 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/11/2014 08:15:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht. Error: (11/10/2014 08:20:17 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/10/2014 06:50:21 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/10/2014 06:42:36 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. 
Error: (11/10/2014 06:42:18 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/10/2014 06:15:51 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/10/2014 03:27:10 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Microsoft Office Sessions: ========================= Error: (03/14/2012 09:39:04 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1189 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 38% Total physical RAM: 3036.61 MB Available physical RAM: 1882.38 MB Total Pagefile: 6069.46 MB Available Pagefile: 4693.44 MB Total Virtual: 2047.88 MB Available Virtual: 1908.07 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:141.49 GB) (Free:99.52 GB) NTFS Drive d: () (Fixed) (Total:141.5 GB) (Free:50.55 GB) NTFS Drive f: (INTENSO) (Fixed) (Total:1862.55 GB) (Free:1381.59 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 031AA195) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 5D670B14) Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C) 
==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-11 13:14:30
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298.09GB
Running: Gmer-19357.exe; Driver: C:\Users\timo\AppData\Local\Temp\kxldipog.sys

---- System - GMER 2.1 ----
SSDT 935BD3E6 ZwCreateSection
SSDT 935BD3F0 ZwRequestWaitReplyPort
SSDT 935BD3EB ZwSetContextThread
SSDT 935BD3F5 ZwSetSecurityObject
SSDT 935BD3FA ZwSystemDebugControl
SSDT 935BD387 ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!ZwRollbackEnlistment + 1409 82C6E9A5 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 82C8E512 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14BF 82C95AB4 4 Bytes [E6, D3, 5B, 93] {OUT 0xd3, AL; POP EBX; XCHG EBX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 181B 82C95E10 4 Bytes [F0, D3, 5B, 93] {RCR [EBX-0x6d], CL}
.text ntoskrnl.exe!KeRemoveQueueEx + 185F 82C95E54 4 Bytes [EB, D3, 5B, 93] {JMP 0xffffffd5; POP EBX; XCHG EBX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 18DB 82C95ED0 4 Bytes [F5, D3, 5B, 93] {CMC ; RCR [EBX-0x6d], CL}
.text ntoskrnl.exe!KeRemoveQueueEx + 192F 82C95F24 4 Bytes [FA, D3, 5B, 93] {CLI ; RCR [EBX-0x6d], CL}
.text ...
.reloc C:\windows\system32\drivers\acedrv11.sys section is executable [0x9A1E0300, 0x25D4C, 0xE0000060]

---- User code sections - GMER 2.1 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtCreateFile 77B85608 5 Bytes JMP 5A44C6E0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtFlushBuffersFile 77B85998 5 Bytes JMP 5A14D3A3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtQueryFullAttributesFile 77B86028 5 Bytes JMP 5A14D620 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtReadFile 77B862F8 5 Bytes JMP 5A14D400 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtReadFileScatter 77B86308 5 Bytes JMP 5AD76F6A C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtWriteFile 77B86AA8 5 Bytes JMP 5A44D5B0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtWriteFileGather 77B86AB8 5 Bytes JMP 5AD76F19 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!LdrLoadDll 77BA22AE 5 Bytes JMP 73101F43 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 77A394E6 7 Bytes JMP 5ACDEAD2 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!QueryPerformanceCounter + 13 77A3C4E5 7 Bytes JMP 5ACDEAF5 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!LoadAppInitDlls + 355 77A3F5A6 7 Bytes JMP 5A44913E C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] USER32.dll!GetWindowInfo 768F4B5E 5 Bytes JMP 5ABE5F20 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] GDI32.dll!GetViewportOrgEx + 26C 7689884B 7 Bytes JMP 5ACDEA53 C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x50 0xE3 0x23 0x79 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x50 0xE3 0x23 0x79 ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@4CB6F829 1002

---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:28 on 11/11/2014 (timo)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014 Ran by timo (administrator) on TIMO-PC on 11-11-2014 12:48:07 Running from C:\Users\timo\Downloads Loaded Profile: timo (Available profiles: timo) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (LULU SOFTWARE LIMITED) C:\Program Files\Soda PDF 6\creator-ws.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Nullsoft, Inc.) 
C:\Program Files\Winamp\winampa.exe (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFBE.EXE (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated) HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [84576 2013-07-23] (Nullsoft, Inc.) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. 
KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [EPSON SX110 Series] => C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [199680 2008-09-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 Startup: C:\Users\timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de SearchScopes: HKCU - {78510FD7-AB37-41C8-B4FC-7218C4C04EDA} URL = hxxp://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms} BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Soda PDF 6 Helper -> {ACEC6276-3D7B-4AA9-BE79-23520A23026D} -> C:\Program Files\Soda PDF 6\creator-ie-helper.dll (LULU SOFTWARE LIMITED) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
Toolbar: HKLM - Soda PDF 6 Toolbar - {35251526-B7A4-44E4-8B2E-FD62AE267B82} - C:\Program Files\Soda PDF 6\creator-ie-plugin.dll (LULU SOFTWARE LIMITED) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\timo\AppData\Roaming\Mozilla\Firefox\Profiles\vr7udw99.default-1414134989753 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @java.com/DTPlugin,version=1.6.0_32 -> C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin: Soda PDF 6 -> C:\Program Files\Soda PDF 6\np-previewer.dll (LULU SOFTWARE LIMITED) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\timo\AppData\Roaming\Mozilla\Firefox\Profiles\vr7udw99.default-1414134989753\searchplugins\goodreads.xml FF SearchPlugin: C:\Users\timo\AppData\Roaming\Mozilla\Firefox\Profiles\vr7udw99.default-1414134989753\searchplugins\youtube-videosuche.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: YouTube Unblocker - C:\Users\timo\AppData\Roaming\Mozilla\Firefox\Profiles\vr7udw99.default-1414134989753\Extensions\youtubeunblocker@unblocker.yt [2014-11-08] FF Extension: Adblock Plus - C:\Users\timo\AppData\Roaming\Mozilla\Firefox\Profiles\vr7udw99.default-1414134989753\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24] FF HKLM\...\Firefox\Extensions: [soda_pdf_6_conv@sodapdf.com] - C:\Program Files\Soda PDF 6\resources\firefoxextension FF Extension: Soda PDF 6 Creator - C:\Program Files\Soda PDF 6\resources\firefoxextension [2014-04-27] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-06] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG) R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION) R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION) S3 LULU Software CrashHandler; C:\Program Files\Soda PDF 6\crash-handler-ws.exe [744800 2014-02-20] (LULU SOFTWARE LIMITED) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation) S3 Soda PDF 6; C:\Program Files\Soda PDF 6\ws.exe [1573728 2014-02-20] (LULU SOFTWARE LIMITED) R2 Soda PDF 6 Creator; C:\Program Files\Soda PDF 6\creator-ws.exe [620384 2014-02-20] (LULU SOFTWARE LIMITED) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 acedrv11; C:\windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH) R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-07] (Avira Operations GmbH & Co. KG) S4 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-01-30] (Duplex Secure Ltd.) 
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-23] (Avira GmbH) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-11 12:48 - 2014-11-11 12:48 - 00012572 _____ () C:\Users\timo\Downloads\FRST.txt 2014-11-11 12:47 - 2014-11-11 12:48 - 00000000 ____D () C:\FRST 2014-11-11 12:46 - 2014-11-11 12:47 - 01107968 _____ (Farbar) C:\Users\timo\Downloads\FRST.exe 2014-11-11 12:28 - 2014-11-11 12:29 - 00000630 _____ () C:\Users\timo\Downloads\defogger_disable.log 2014-11-11 12:28 - 2014-11-11 12:29 - 00000020 _____ () C:\Users\timo\defogger_reenable 2014-11-11 12:27 - 2014-11-11 12:27 - 00050477 _____ () C:\Users\timo\Downloads\Defogger.exe 2014-11-10 21:15 - 2014-11-10 21:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-05 22:33 - 2014-11-05 22:33 - 00001665 _____ () C:\Users\Public\Desktop\Sanitarium.lnk 2014-11-05 19:28 - 2014-11-05 19:46 - 00000000 ____D () C:\Program Files\THQ 2014-11-05 15:04 - 2014-11-05 15:10 - 00204268 _____ () C:\AUTO.pat 2014-11-05 15:04 - 2014-11-05 15:10 - 00000020 _____ () C:\AUTO.pst 2014-11-03 21:10 - 2014-11-03 21:10 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-11-02 21:49 - 2014-11-02 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-11-02 21:47 - 2014-11-02 21:48 - 06958304 _____ (Microsoft Corporation) C:\Users\timo\Downloads\Silverlight.exe 2014-11-02 21:46 - 2014-11-02 21:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-11-02 21:46 - 2014-11-02 21:46 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-11-02 21:46 - 2014-11-02 21:46 - 00000000 ____D () 
C:\Program Files\Common Files\Adobe 2014-11-02 21:46 - 2014-11-02 21:46 - 00000000 ____D () C:\Program Files\Adobe 2014-10-30 07:37 - 2014-10-30 07:37 - 00000000 __SHD () C:\Users\timo\AppData\Local\EmieUserList 2014-10-30 07:37 - 2014-10-30 07:37 - 00000000 __SHD () C:\Users\timo\AppData\Local\EmieSiteList 2014-10-28 21:37 - 2014-10-28 21:37 - 00000000 ____D () C:\Users\timo\AppData\Roaming\ScummVM 2014-10-28 13:06 - 2014-10-28 13:06 - 00011015 _____ () C:\Users\timo\Downloads\Schweigepflichtentbindung.html 2014-10-27 06:43 - 2014-10-27 06:46 - 00000000 ____D () C:\Users\timo\AppData\Local\AviraSpeedup 2014-10-24 08:06 - 2014-10-24 08:06 - 00541427 _____ () C:\Users\timo\Downloads\bookmarks.html 2014-10-18 08:41 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-10-18 08:41 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2014-10-18 08:41 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-10-18 08:41 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-10-18 08:41 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-10-18 08:41 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-10-18 08:41 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-10-18 08:41 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-10-18 08:41 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-10-18 08:41 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-10-18 08:41 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-10-18 08:41 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) 
C:\windows\system32\jscript9.dll
2014-10-18 08:41 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-18 08:41 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-18 08:41 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-18 08:41 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-18 08:41 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-18 08:41 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-18 08:41 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-18 08:41 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-18 08:41 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-18 08:41 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-18 08:41 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-18 08:41 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-18 08:41 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-18 08:41 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-18 08:41 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 08:41 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-18 08:41 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-18 08:41 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-18 08:41 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-18 08:41 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-18 08:41 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-18 08:41 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-18 08:41 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-18 08:38 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-18 08:38 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-18 08:38 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-18 08:37 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-18 08:37 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-18 08:37 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-18 08:37 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-18 08:37 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-18 08:37 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-18 08:37 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-18 08:37 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-18 08:37 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-18 08:37 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-18 08:37 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-18 08:37 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-18 08:37 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-18 08:37 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-17 20:05 - 2014-11-09 15:15 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-17 20:05 - 2014-10-17 20:06 - 00197066 _____ () C:\windows\system32\Avira_1_Id.Avira.OE.Setup.Msi.log
2014-10-17 18:00 - 2014-11-10 18:58 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 18:00 - 2014-10-29 06:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-17 18:00 - 2014-10-28 07:58 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 18:00 - 2014-10-28 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 18:00 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-17 18:00 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-15 00:32 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-10-15 00:31 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-10-15 00:31 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-10-15 00:31 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-10-15 00:31 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-10-15 00:27 - 2014-08-23 02:46 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-10-15 00:27 - 2014-07-14 02:42 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-10-15 00:27 - 2014-07-07 02:40 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-10-15 00:27 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-10-15 00:27 - 2014-06-16 02:44 - 00730048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-10-15 00:27 - 2014-06-16 02:44 - 00219072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-10-15 00:27 - 2014-06-16 02:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-10-15 00:25 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-14 19:46 - 2014-11-05 22:29 - 00000000 ____D () C:\GOG Games
2014-10-14 18:27 - 2014-11-08 15:48 - 00000000 ____D () C:\Users\timo\AppData\Local\GOG.com
2014-10-14 18:27 - 2014-11-05 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-10-13 14:02 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-13 08:01 - 2014-06-03 10:30 - 00101824 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-10-13 08:01 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-13 08:01 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-10-13 08:00 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-10-13 07:58 - 2014-10-14 17:31 - 00000000 ____D () C:\814f49f0e9648fc4b538
2014-10-13 07:56 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-13 07:56 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 12:38 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-11 12:38 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-11 12:34 - 2009-09-22 06:23 - 01102853 _____ () C:\windows\WindowsUpdate.log
2014-11-11 12:31 - 2010-04-08 15:30 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-11 12:30 - 2012-07-29 20:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-11 12:30 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-11 12:30 - 2009-07-14 05:39 - 00093393 _____ () C:\windows\setupact.log
2014-11-11 12:28 - 2010-01-23 15:43 - 00000000 ____D () C:\Users\timo
2014-11-11 12:16 - 2014-08-10 07:53 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 12:07 - 2010-04-08 15:30 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 16:11 - 2010-05-05 15:11 - 00000238 _____ () C:\windows\Tasks\Epson Printer Software Downloader.job
2014-11-09 15:15 - 2014-10-10 13:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 15:15 - 2013-10-23 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-09 15:15 - 2013-10-23 21:52 - 00000000 ____D () C:\Program Files\Avira
2014-11-09 15:13 - 2009-07-26 21:06 - 01768124 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-06 12:00 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\NDF
2014-11-05 22:33 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-05 19:46 - 2009-09-22 06:19 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-04 19:28 - 2010-01-23 16:24 - 00000000 ____D () C:\Users\timo\AppData\Roaming\Adobe
2014-11-03 08:03 - 2010-01-23 15:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-03 08:01 - 2010-01-23 15:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 08:01 - 2009-09-22 06:48 - 00824286 _____ () C:\windows\PFRO.log
2014-11-02 21:47 - 2010-01-23 15:44 - 00000000 ____D () C:\Users\timo\AppData\Local\Adobe
2014-10-28 17:09 - 2010-02-10 22:22 - 00000000 ____D () C:\Users\timo\AppData\Roaming\dvdcss
2014-10-28 17:09 - 2010-02-09 10:52 - 00000000 ____D () C:\Users\timo\AppData\Roaming\vlc
2014-10-28 11:35 - 2010-01-28 15:01 - 00000000 ____D () C:\Program Files\FLAC
2014-10-28 06:35 - 2014-02-26 22:34 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-24 08:44 - 2009-07-14 03:04 - 00000521 _____ () C:\windows\win.ini
2014-10-23 11:01 - 2014-02-26 19:59 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-10-23 11:01 - 2014-02-26 19:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-22 14:06 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-10-22 13:12 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-10-18 21:23 - 2009-07-14 05:33 - 00435632 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-18 21:19 - 2014-05-15 16:48 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-18 21:19 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-10-18 21:16 - 2013-10-23 23:47 - 00000000 ____D () C:\windows\system32\MRT
2014-10-18 08:59 - 2010-01-26 17:29 - 100290944 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-17 20:15 - 2010-01-30 22:34 - 00000000 ____D () C:\Users\timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-17 18:00 - 2014-02-26 19:41 - 00000000 ____D () C:\Users\timo\AppData\Roaming\Malwarebytes
2014-10-17 18:00 - 2014-02-26 19:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-17 17:41 - 2010-01-23 15:52 - 00115488 _____ () C:\Users\timo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 00:22 - 2009-09-22 06:20 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-10-14 18:27 - 2011-08-08 09:52 - 00000000 ____D () C:\Program Files\GOG.com
2014-10-14 17:40 - 2013-10-23 21:54 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-10-14 17:40 - 2013-10-23 21:52 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-10-14 17:40 - 2013-10-23 21:52 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\timo\AppData\Local\Temp\avgnt.exe
C:\Users\timo\AppData\Local\Temp\drm_dyndata_7330006.dll
C:\Users\timo\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-08 19:06

==================== End Of Log ============================

Gmer :
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-11 13:59:29
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298.09GB
Running: Gmer-19357.exe; Driver: C:\Users\timo\AppData\Local\Temp\kxldipog.sys

---- System - GMER 2.1 ----

SSDT 935BD3E6 ZwCreateSection
SSDT 935BD3F0 ZwRequestWaitReplyPort
SSDT 935BD3EB ZwSetContextThread
SSDT 935BD3F5 ZwSetSecurityObject
SSDT 935BD3FA ZwSystemDebugControl
SSDT 935BD387 ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text ntoskrnl.exe!ZwRollbackEnlistment + 1409 82C6E9A5 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 82C8E512 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14BF 82C95AB4 4 Bytes [E6, D3, 5B, 93] {OUT 0xd3, AL; POP EBX; XCHG EBX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 181B 82C95E10 4 Bytes [F0, D3, 5B, 93] {RCR [EBX-0x6d], CL}
.text ntoskrnl.exe!KeRemoveQueueEx + 185F 82C95E54 4 Bytes [EB, D3, 5B, 93] {JMP 0xffffffd5; POP EBX; XCHG EBX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 18DB 82C95ED0 4 Bytes [F5, D3, 5B, 93] {CMC ; RCR [EBX-0x6d], CL}
.text ntoskrnl.exe!KeRemoveQueueEx + 192F 82C95F24 4 Bytes [FA, D3, 5B, 93] {CLI ; RCR [EBX-0x6d], CL}
.text ...
.reloc C:\windows\system32\drivers\acedrv11.sys section is executable [0x9A1E0300, 0x25D4C, 0xE0000060]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtCreateFile 77B85608 5 Bytes JMP 5A44C6E0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtFlushBuffersFile 77B85998 5 Bytes JMP 5A14D3A3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtQueryFullAttributesFile 77B86028 5 Bytes JMP 5A14D620 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtReadFile 77B862F8 5 Bytes JMP 5A14D400 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtReadFileScatter 77B86308 5 Bytes JMP 5AD76F6A C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtWriteFile 77B86AA8 5 Bytes JMP 5A44D5B0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!NtWriteFileGather 77B86AB8 5 Bytes JMP 5AD76F19 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] ntdll.dll!LdrLoadDll 77BA22AE 5 Bytes JMP 73101F43 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 77A394E6 7 Bytes JMP 5ACDEAD2 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!QueryPerformanceCounter + 13 77A3C4E5 7 Bytes JMP 5ACDEAF5 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] kernel32.dll!LoadAppInitDlls + 355 77A3F5A6 7 Bytes JMP 5A44913E C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] USER32.dll!GetWindowInfo 768F4B5E 5 Bytes JMP 5ABE5F20 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2876] GDI32.dll!GetViewportOrgEx + 26C 7689884B 7 Bytes JMP 5ACDEA53 C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x50 0xE3 0x23 0x79 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x50 0xE3 0x23 0x79 ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@4CB6F829 1002

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 11. November 2014 08:28

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : TIMO-PC

Versionsinformationen:
BUILD.DAT : 14.0.7.342 92013 Bytes 10/23/2014 14:02:00
AVSCAN.EXE : 14.0.7.312 1015544 Bytes 11/6/2014 10:52:07
AVSCANRC.DLL : 14.0.7.308 64304 Bytes 11/6/2014 10:52:07
LUKE.DLL : 14.0.7.310 60664 Bytes 11/6/2014 10:54:25
AVSCPLR.DLL : 14.0.7.310 93488 Bytes 11/6/2014 10:52:07
REPAIR.DLL : 14.0.7.312 366328 Bytes 11/6/2014 10:52:00
REPAIR.RDF : 1.0.2.30 596694 Bytes 10/24/2014 07:07:50
AVREG.DLL : 14.0.7.310 264952 Bytes 11/6/2014 10:51:57
AVLODE.DLL : 14.0.7.312 563448 Bytes 11/6/2014 10:51:54
AVLODE.RDF : 14.0.4.46 64835 Bytes 10/10/2014 12:18:33
Engineversion : 8.3.26.8
AEVDF.DLL : 8.3.1.6 133992 Bytes 10/10/2014 12:18:23
AESCRIPT.DLL : 8.2.2.12 527216 Bytes 11/7/2014
08:52:36 AESCN.DLL : 8.3.2.2 139456 Bytes 8/10/2014 06:57:56 AESBX.DLL : 8.2.20.24 1409224 Bytes 5/14/2014 13:08:35 AERDL.DLL : 8.2.1.16 743328 Bytes 10/29/2014 11:16:54 AEPACK.DLL : 8.4.0.54 788392 Bytes 10/10/2014 12:18:13 AEOFFICE.DLL : 8.3.0.38 224112 Bytes 10/31/2014 14:07:16 AEHEUR.DLL : 8.1.4.1384 7759784 Bytes 11/7/2014 08:52:34 AEHELP.DLL : 8.3.1.0 278728 Bytes 8/10/2014 06:57:24 AEGEN.DLL : 8.1.7.34 453480 Bytes 11/7/2014 08:52:08 AEEXP.DLL : 8.4.2.32 247712 Bytes 10/10/2014 12:18:27 AEEMU.DLL : 8.1.3.4 399264 Bytes 8/10/2014 06:57:21 AEDROID.DLL : 8.4.2.24 442568 Bytes 8/10/2014 06:58:01 AECORE.DLL : 8.3.2.6 243712 Bytes 8/10/2014 06:57:20 AEBB.DLL : 8.1.2.0 60448 Bytes 8/10/2014 06:57:18 AVWINLL.DLL : 14.0.7.308 25904 Bytes 11/6/2014 10:51:38 AVPREF.DLL : 14.0.7.308 52016 Bytes 11/6/2014 10:51:56 AVREP.DLL : 14.0.7.308 220976 Bytes 11/6/2014 10:51:58 AVARKT.DLL : 14.0.7.308 227632 Bytes 11/6/2014 10:51:40 AVEVTLOG.DLL : 14.0.7.310 184112 Bytes 11/6/2014 10:51:49 SQLITE3.DLL : 14.0.7.308 453936 Bytes 11/6/2014 10:54:36 AVSMTP.DLL : 14.0.7.308 79096 Bytes 11/6/2014 10:52:08 NETNT.DLL : 14.0.7.308 15152 Bytes 11/6/2014 10:54:26 RCIMAGE.DLL : 14.0.7.308 4865328 Bytes 11/6/2014 10:51:38 RCTEXT.DLL : 14.0.7.318 77048 Bytes 11/6/2014 10:51:38 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, F:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle 
Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Dienstag, 11. November 2014 08:28 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C:, D' [INFO] Es wurde kein Virus gefunden! Bootsektor 'HDD1(F' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. Versteckter Treiber [HINWEIS] Eine Speicherveränderung wurde entdeckt, die möglicherweise zur versteckten Dateizugriffen missbraucht werden könnte. Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'winamp.exe' - '158' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '120' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '115' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '123' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '125' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPHelper.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.bin' - '92' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'E_FATIFBE.EXE' - '28' Modul(e) wurden durchsucht Durchsuche 
Prozess 'Avira.OE.Systray.exe' - '113' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '99' Modul(e) wurden durchsucht Durchsuche Prozess 'EEventManager.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'winampa.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPEnh.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'RtHDVCpl.exe' - '46' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '179' Modul(e) wurden durchsucht Durchsuche Prozess 'EasySpeedUpManager.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'dmhkcore.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'WCScheduler.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'SSCKbdHk.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '124' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'sqlwriter.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'creator-ws.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'E_S40RP7.EXE' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'E_S40ST7.EXE' - '21' Modul(e) wurden durchsucht Durchsuche Prozess 'BcmSqlStartupSvc.exe' - '21' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '135' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '78' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '79' Modul(e) wurden durchsucht 
Durchsuche Prozess 'svchost.exe' - '160' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '1986' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' Beginne mit der Suche in 'D:\' Beginne mit der Suche in 'F:\' <INTENSO> Ende des Suchlaufs: Dienstag, 11. November 2014 12:23 Benötigte Zeit: 3:54:54 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 24925 Verzeichnisse wurden überprüft 1389297 Dateien wurden geprüft 0 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. 
unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 1389297 Dateien ohne Befall 26027 Archive wurden durchsucht 0 Warnungen 1 Hinweise 658503 Objekte wurden beim Rootkitscan durchsucht 1 Versteckte Objekte wurden gefunden Soweit die Logfiles, hoffe ich hab alles richtig gemacht, ist das erste Mal, dass ich hier etwas poste.Würde mich freuen, wenn mir jemand helfen könnte.Mit freundlichen Grüssen |
11.11.2014, 14:27 | #2 |
/// the machine /// TB-Ausbilder | Avira found an unknown object
hi,
Please download TDSSKiller.exe and save the file to your desktop
__________________ |
11.11.2014, 14:37 | #3 |
| Avira found an unknown object
Found nothing when scanning
Logfile Code:
ATTFilter
14:31:48.0757 0x1620 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:32:00.0732 0x1620 ============================================================
14:32:00.0732 0x1620 Current date / time: 2014/11/11 14:32:00.0732
14:32:00.0732 0x1620 SystemInfo:
14:32:00.0732 0x1620
14:32:00.0732 0x1620 OS Version: 6.1.7601 ServicePack: 1.0
14:32:00.0732 0x1620 Product type: Workstation
14:32:00.0732 0x1620 ComputerName: TIMO-PC
14:32:00.0733 0x1620 UserName: timo
14:32:00.0733 0x1620 Windows directory: C:\windows
14:32:00.0733 0x1620 System windows directory: C:\windows
14:32:00.0733 0x1620 Processor architecture: Intel x86
14:32:00.0733 0x1620 Number of processors: 2
14:32:00.0733 0x1620 Page size: 0x1000
14:32:00.0733 0x1620 Boot type: Normal boot
14:32:00.0733 0x1620 ============================================================
14:32:00.0903 0x1620 KLMD registered as C:\windows\system32\drivers\99608382.sys
14:32:01.0853 0x1620 System UUID: {983CF3E4-7434-A9F4-AE89-6622E3A3B669}
14:32:03.0196 0x1620 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:32:03.0215 0x1620 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1100000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:32:19.0224 0x1620 ============================================================
14:32:19.0224 0x1620 \Device\Harddisk0\DR0:
14:32:19.0240 0x1620 MBR partitions:
14:32:19.0240 0x1620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
14:32:19.0240 0x1620 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x11AFD000
14:32:19.0240 0x1620 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1392F800, BlocksNum 0x11AFE800
14:32:19.0240 0x1620 \Device\Harddisk1\DR1:
14:32:19.0255 0x1620 MBR partitions:
14:32:19.0256 0x1620 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0xE8E06CC1
14:32:19.0256 0x1620 ============================================================
14:32:19.0285 0x1620 C: <-> \Device\Harddisk0\DR0\Partition2
14:32:19.0351 0x1620 D: <-> \Device\Harddisk0\DR0\Partition3
14:32:19.0353 0x1620 F: <-> \Device\Harddisk1\DR1\Partition1
14:32:19.0354 0x1620 ============================================================
14:32:19.0354 0x1620 Initialize success
14:32:19.0354 0x1620 ============================================================
14:33:43.0126 0x08f8 ============================================================
14:33:43.0126 0x08f8 Scan started
14:33:43.0126 0x08f8 Mode: Manual; SigCheck; TDLFS;
14:33:43.0126 0x08f8 ============================================================
14:33:43.0126 0x08f8 KSN ping started
14:33:45.0747 0x08f8 KSN ping finished: true
14:33:46.0480 0x08f8 ================ Scan system memory ========================
14:33:46.0480 0x08f8 System memory - ok
14:33:46.0480 0x08f8 ================ Scan services =============================
] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys 14:33:56.0152 0x08f8 HidBatt - ok 14:33:56.0168 0x08f8 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys 14:33:56.0199 0x08f8 HidBth - ok 14:33:56.0230 0x08f8 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys 14:33:56.0262 0x08f8 HidIr - ok 14:33:56.0308 0x08f8 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\system32\hidserv.dll 14:33:56.0371 0x08f8 hidserv - ok 14:33:56.0402 0x08f8 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 14:33:56.0418 0x08f8 HidUsb - ok 14:33:56.0464 0x08f8 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll 14:33:56.0511 0x08f8 hkmsvc - ok 14:33:56.0542 0x08f8 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll 14:33:56.0589 0x08f8 HomeGroupListener - ok 14:33:56.0636 0x08f8 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll 14:33:56.0683 0x08f8 HomeGroupProvider - ok 14:33:56.0730 0x08f8 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 14:33:56.0745 0x08f8 HpSAMD - ok 14:33:56.0823 0x08f8 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\windows\system32\drivers\HTTP.sys 14:33:56.0886 0x08f8 HTTP - ok 14:33:56.0932 0x08f8 [ 0C4E035C7F105F1299258C90886C64C5, 
CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 14:33:56.0948 0x08f8 hwpolicy - ok 14:33:56.0995 0x08f8 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys 14:33:57.0042 0x08f8 i8042prt - ok 14:33:57.0073 0x08f8 [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 14:33:57.0088 0x08f8 iaStor - ok 14:33:57.0135 0x08f8 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 14:33:57.0182 0x08f8 iaStorV - ok 14:33:57.0260 0x08f8 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:33:57.0322 0x08f8 idsvc - ok 14:33:57.0338 0x08f8 IEEtwCollectorService - ok 14:33:57.0556 0x08f8 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys 14:33:57.0822 0x08f8 igfx - ok 14:33:57.0946 0x08f8 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 14:33:57.0993 0x08f8 iirsp - ok 14:33:58.0040 0x08f8 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll 14:33:58.0102 0x08f8 IKEEXT - ok 14:33:58.0258 0x08f8 [ 5CEEF2CCCB4FE00D3FFBFEB12BCFA07F, D5533A7BA7BE65D5D5CE137795419E6C49B51B15B7450C319EE0EA9A83AC73E0 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys 14:33:58.0352 0x08f8 IntcAzAudAddService - ok 14:33:58.0446 0x08f8 [ A0F12F2C9BA6C72F3987CE780E77C130, 
5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys 14:33:58.0477 0x08f8 intelide - ok 14:33:58.0524 0x08f8 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 14:33:58.0555 0x08f8 intelppm - ok 14:33:58.0586 0x08f8 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll 14:33:58.0617 0x08f8 IPBusEnum - ok 14:33:58.0648 0x08f8 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 14:33:58.0695 0x08f8 IpFilterDriver - ok 14:33:58.0758 0x08f8 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 14:33:58.0804 0x08f8 iphlpsvc - ok 14:33:58.0836 0x08f8 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 14:33:58.0867 0x08f8 IPMIDRV - ok 14:33:58.0882 0x08f8 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys 14:33:58.0914 0x08f8 IPNAT - ok 14:33:58.0960 0x08f8 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys 14:33:58.0992 0x08f8 IRENUM - ok 14:33:58.0992 0x08f8 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys 14:33:59.0007 0x08f8 isapnp - ok 14:33:59.0038 0x08f8 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 14:33:59.0070 0x08f8 
iScsiPrt - ok 14:33:59.0101 0x08f8 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 14:33:59.0132 0x08f8 kbdclass - ok 14:33:59.0163 0x08f8 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys 14:33:59.0194 0x08f8 kbdhid - ok 14:33:59.0210 0x08f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\windows\system32\lsass.exe 14:33:59.0241 0x08f8 KeyIso - ok 14:33:59.0272 0x08f8 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 14:33:59.0288 0x08f8 KSecDD - ok 14:33:59.0319 0x08f8 [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 14:33:59.0335 0x08f8 KSecPkg - ok 14:33:59.0366 0x08f8 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll 14:33:59.0413 0x08f8 KtmRm - ok 14:33:59.0444 0x08f8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll 14:33:59.0491 0x08f8 LanmanServer - ok 14:33:59.0538 0x08f8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 14:33:59.0584 0x08f8 LanmanWorkstation - ok 14:33:59.0616 0x08f8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 14:33:59.0662 0x08f8 lltdio - ok 14:33:59.0678 0x08f8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc 
C:\windows\System32\lltdsvc.dll 14:33:59.0725 0x08f8 lltdsvc - ok 14:33:59.0756 0x08f8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll 14:33:59.0803 0x08f8 lmhosts - ok 14:33:59.0818 0x08f8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 14:33:59.0850 0x08f8 LSI_FC - ok 14:33:59.0865 0x08f8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 14:33:59.0881 0x08f8 LSI_SAS - ok 14:33:59.0896 0x08f8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 14:33:59.0928 0x08f8 LSI_SAS2 - ok 14:33:59.0943 0x08f8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 14:33:59.0974 0x08f8 LSI_SCSI - ok 14:34:00.0006 0x08f8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys 14:34:00.0052 0x08f8 luafv - ok 14:34:00.0162 0x08f8 [ 543F10EDADC7939B71C4ED18C97BBE02, D148F98083DE59C239313FE82C4B1DD5DEAD7AB5FDA6DDCCF11C27E56FA7A195 ] LULU Software CrashHandler C:\Program Files\Soda PDF 6\crash-handler-ws.exe 14:34:00.0208 0x08f8 LULU Software CrashHandler - ok 14:34:00.0255 0x08f8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 14:34:00.0286 0x08f8 Mcx2Svc - ok 14:34:00.0318 0x08f8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys 14:34:00.0349 0x08f8 megasas - ok 14:34:00.0364 0x08f8 [ 
DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 14:34:00.0396 0x08f8 MegaSR - ok 14:34:00.0411 0x08f8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll 14:34:00.0458 0x08f8 MMCSS - ok 14:34:00.0474 0x08f8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys 14:34:00.0505 0x08f8 Modem - ok 14:34:00.0536 0x08f8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys 14:34:00.0567 0x08f8 monitor - ok 14:34:00.0614 0x08f8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 14:34:00.0630 0x08f8 mouclass - ok 14:34:00.0661 0x08f8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 14:34:00.0676 0x08f8 mouhid - ok 14:34:00.0723 0x08f8 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\windows\system32\drivers\mountmgr.sys 14:34:00.0754 0x08f8 mountmgr - ok 14:34:00.0848 0x08f8 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 14:34:00.0879 0x08f8 MozillaMaintenance - ok 14:34:00.0910 0x08f8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys 14:34:00.0942 0x08f8 mpio - ok 14:34:00.0973 0x08f8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv 
C:\windows\system32\drivers\mpsdrv.sys 14:34:01.0020 0x08f8 mpsdrv - ok 14:34:01.0082 0x08f8 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll 14:34:01.0144 0x08f8 MpsSvc - ok 14:34:01.0176 0x08f8 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 14:34:01.0222 0x08f8 MRxDAV - ok 14:34:01.0269 0x08f8 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 14:34:01.0301 0x08f8 mrxsmb - ok 14:34:01.0347 0x08f8 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 14:34:01.0379 0x08f8 mrxsmb10 - ok 14:34:01.0394 0x08f8 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 14:34:01.0425 0x08f8 mrxsmb20 - ok 14:34:01.0441 0x08f8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys 14:34:01.0472 0x08f8 msahci - ok 14:34:01.0488 0x08f8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys 14:34:01.0519 0x08f8 msdsm - ok 14:34:01.0535 0x08f8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe 14:34:01.0566 0x08f8 MSDTC - ok 14:34:01.0597 0x08f8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys 14:34:01.0628 0x08f8 Msfs - ok 14:34:01.0644 0x08f8 [ 3E1E5767043C5AF9367F0056295E9F84, 
B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 14:34:01.0675 0x08f8 mshidkmdf - ok 14:34:01.0706 0x08f8 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 14:34:01.0722 0x08f8 msisadrv - ok 14:34:01.0753 0x08f8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll 14:34:01.0800 0x08f8 MSiSCSI - ok 14:34:01.0800 0x08f8 msiserver - ok 14:34:01.0831 0x08f8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 14:34:01.0862 0x08f8 MSKSSRV - ok 14:34:01.0878 0x08f8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 14:34:01.0909 0x08f8 MSPCLOCK - ok 14:34:01.0925 0x08f8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 14:34:01.0956 0x08f8 MSPQM - ok 14:34:01.0971 0x08f8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 14:34:02.0003 0x08f8 MsRPC - ok 14:34:02.0065 0x08f8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys 14:34:02.0096 0x08f8 mssmbios - ok 14:34:02.0127 0x08f8 MSSQL$MSSMLBIZ - ok 14:34:02.0174 0x08f8 [ ADAF062116B4E6D96E44D26486A87AF6, 1A2EE7C4598E8442F24A5C97FEBF7AC6A20703F7EA9097B6E48BE4A05E231D8C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 14:34:02.0190 0x08f8 MSSQLServerADHelper - ok 14:34:02.0237 0x08f8 [ B42C6B921F61A6E55159B8BE6CD54A36, 
6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys 14:34:02.0268 0x08f8 MSTEE - ok 14:34:02.0283 0x08f8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 14:34:02.0315 0x08f8 MTConfig - ok 14:34:02.0330 0x08f8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys 14:34:02.0361 0x08f8 Mup - ok 14:34:02.0393 0x08f8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll 14:34:02.0439 0x08f8 napagent - ok 14:34:02.0486 0x08f8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 14:34:02.0517 0x08f8 NativeWifiP - ok 14:34:02.0580 0x08f8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys 14:34:02.0642 0x08f8 NDIS - ok 14:34:02.0673 0x08f8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 14:34:02.0705 0x08f8 NdisCap - ok 14:34:02.0736 0x08f8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 14:34:02.0767 0x08f8 NdisTapi - ok 14:34:02.0798 0x08f8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 14:34:02.0829 0x08f8 Ndisuio - ok 14:34:02.0876 0x08f8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 14:34:02.0923 0x08f8 NdisWan - ok 14:34:02.0954 
0x08f8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys 14:34:02.0985 0x08f8 NDProxy - ok 14:34:03.0032 0x08f8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 14:34:03.0079 0x08f8 NetBIOS - ok 14:34:03.0110 0x08f8 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 14:34:03.0173 0x08f8 NetBT - ok 14:34:03.0188 0x08f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\windows\system32\lsass.exe 14:34:03.0219 0x08f8 Netlogon - ok 14:34:03.0251 0x08f8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll 14:34:03.0297 0x08f8 Netman - ok 14:34:03.0391 0x08f8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:34:03.0453 0x08f8 NetMsmqActivator - ok 14:34:03.0469 0x08f8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:34:03.0500 0x08f8 NetPipeActivator - ok 14:34:03.0531 0x08f8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll 14:34:03.0625 0x08f8 netprofm - ok 14:34:03.0656 0x08f8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:34:03.0672 0x08f8 NetTcpActivator - ok 14:34:03.0672 0x08f8 [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:34:03.0703 0x08f8 NetTcpPortSharing - ok 14:34:03.0734 0x08f8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 14:34:03.0750 0x08f8 nfrd960 - ok 14:34:03.0797 0x08f8 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\windows\System32\nlasvc.dll 14:34:03.0828 0x08f8 NlaSvc - ok 14:34:03.0859 0x08f8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys 14:34:03.0890 0x08f8 Npfs - ok 14:34:03.0921 0x08f8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll 14:34:03.0968 0x08f8 nsi - ok 14:34:03.0999 0x08f8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 14:34:04.0031 0x08f8 nsiproxy - ok 14:34:04.0124 0x08f8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys 14:34:04.0187 0x08f8 Ntfs - ok 14:34:04.0218 0x08f8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys 14:34:04.0265 0x08f8 Null - ok 14:34:04.0639 0x08f8 [ 2713392707E515EFB671751FA767EBD2, A29F9F84A5C4D74DE53A975DA339217542636DF8DE4C336CFDEA117DE5724280 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys 14:34:04.0967 0x08f8 nvlddmkm - ok 14:34:05.0045 0x08f8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys 14:34:05.0076 0x08f8 nvraid - ok 
14:34:05.0091 0x08f8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys 14:34:05.0123 0x08f8 nvstor - ok 14:34:05.0154 0x08f8 [ D445466C0A10536486FBEBBC271D6E34, 0A20C185C18DB4BAD42B76A1C1196764AC3CC439462EEC0338377B4662B608F4 ] nvsvc C:\windows\system32\nvvsvc.exe 14:34:05.0185 0x08f8 nvsvc - ok 14:34:05.0232 0x08f8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 14:34:05.0263 0x08f8 nv_agp - ok 14:34:05.0372 0x08f8 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:34:05.0403 0x08f8 odserv - ok 14:34:05.0435 0x08f8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 14:34:05.0497 0x08f8 ohci1394 - ok 14:34:05.0544 0x08f8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:34:05.0575 0x08f8 ose - ok 14:34:05.0622 0x08f8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 14:34:05.0669 0x08f8 p2pimsvc - ok 14:34:05.0700 0x08f8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll 14:34:05.0747 0x08f8 p2psvc - ok 14:34:05.0762 0x08f8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys 14:34:05.0793 0x08f8 Parport - ok 14:34:05.0825 0x08f8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr 
C:\windows\system32\drivers\partmgr.sys 14:34:05.0840 0x08f8 partmgr - ok 14:34:05.0871 0x08f8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys 14:34:05.0887 0x08f8 Parvdm - ok 14:34:05.0918 0x08f8 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\windows\System32\pcasvc.dll 14:34:05.0965 0x08f8 PcaSvc - ok 14:34:05.0996 0x08f8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys 14:34:06.0027 0x08f8 pci - ok 14:34:06.0059 0x08f8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys 14:34:06.0074 0x08f8 pciide - ok 14:34:06.0105 0x08f8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 14:34:06.0137 0x08f8 pcmcia - ok 14:34:06.0152 0x08f8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys 14:34:06.0183 0x08f8 pcw - ok 14:34:06.0215 0x08f8 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\windows\system32\drivers\peauth.sys 14:34:06.0277 0x08f8 PEAUTH - ok 14:34:06.0371 0x08f8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll 14:34:06.0464 0x08f8 pla - ok 14:34:06.0511 0x08f8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll 14:34:06.0558 0x08f8 PlugPlay - ok 14:34:06.0589 0x08f8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg 
C:\windows\system32\pnrpauto.dll 14:34:06.0620 0x08f8 PNRPAutoReg - ok 14:34:06.0636 0x08f8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll 14:34:06.0667 0x08f8 PNRPsvc - ok 14:34:06.0729 0x08f8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 14:34:06.0776 0x08f8 PolicyAgent - ok 14:34:06.0823 0x08f8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll 14:34:06.0870 0x08f8 Power - ok 14:34:06.0901 0x08f8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 14:34:06.0948 0x08f8 PptpMiniport - ok 14:34:06.0963 0x08f8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys 14:34:06.0995 0x08f8 Processor - ok 14:34:07.0057 0x08f8 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\windows\system32\profsvc.dll 14:34:07.0104 0x08f8 ProfSvc - ok 14:34:07.0135 0x08f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\windows\system32\lsass.exe 14:34:07.0151 0x08f8 ProtectedStorage - ok 14:34:07.0182 0x08f8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys 14:34:07.0229 0x08f8 Psched - ok 14:34:07.0291 0x08f8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 14:34:07.0353 0x08f8 ql2300 - ok 14:34:07.0385 0x08f8 [ B4DD51DD25182244B86737DC51AF2270, 
7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 14:34:07.0400 0x08f8 ql40xx - ok 14:34:07.0447 0x08f8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll 14:34:07.0509 0x08f8 QWAVE - ok 14:34:07.0541 0x08f8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 14:34:07.0572 0x08f8 QWAVEdrv - ok 14:34:07.0587 0x08f8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 14:34:07.0650 0x08f8 RasAcd - ok 14:34:07.0697 0x08f8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 14:34:07.0728 0x08f8 RasAgileVpn - ok 14:34:07.0759 0x08f8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll 14:34:07.0790 0x08f8 RasAuto - ok 14:34:07.0806 0x08f8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 14:34:07.0837 0x08f8 Rasl2tp - ok 14:34:07.0884 0x08f8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll 14:34:07.0946 0x08f8 RasMan - ok 14:34:07.0962 0x08f8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 14:34:08.0009 0x08f8 RasPppoe - ok 14:34:08.0040 0x08f8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 14:34:08.0087 0x08f8 RasSstp - ok 14:34:08.0133 
0x08f8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 14:34:08.0180 0x08f8 rdbss - ok 14:34:08.0211 0x08f8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 14:34:08.0243 0x08f8 rdpbus - ok 14:34:08.0274 0x08f8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 14:34:08.0305 0x08f8 RDPCDD - ok 14:34:08.0321 0x08f8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 14:34:08.0352 0x08f8 RDPENCDD - ok 14:34:08.0383 0x08f8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 14:34:08.0414 0x08f8 RDPREFMP - ok 14:34:08.0461 0x08f8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 14:34:08.0477 0x08f8 RDPWD - ok 14:34:08.0539 0x08f8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 14:34:08.0570 0x08f8 rdyboost - ok 14:34:08.0601 0x08f8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll 14:34:08.0648 0x08f8 RemoteAccess - ok 14:34:08.0695 0x08f8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll 14:34:08.0726 0x08f8 RemoteRegistry - ok 14:34:08.0742 0x08f8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper 
C:\windows\System32\RpcEpMap.dll 14:34:08.0804 0x08f8 RpcEptMapper - ok 14:34:08.0820 0x08f8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe 14:34:08.0835 0x08f8 RpcLocator - ok 14:34:08.0867 0x08f8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll 14:34:08.0898 0x08f8 RpcSs - ok 14:34:08.0945 0x08f8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 14:34:08.0991 0x08f8 rspndr - ok 14:34:09.0023 0x08f8 [ 6465166DD9B2F841DABAD16ABDADBE98, C5E93E9739A14375A8242D11F3661A2D069DC0F88DD13C869F525E19808A362E ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys 14:34:09.0054 0x08f8 RTL8167 - ok 14:34:09.0085 0x08f8 [ 6E5FBB7CBAEC47038B945D5E9B144A64, B2AA2F39DAA841FCA470846CC07C580464E2F07C3EFAA64AF783144718F09C13 ] SABI C:\windows\system32\Drivers\SABI.sys 14:34:09.0101 0x08f8 SABI - ok 14:34:09.0116 0x08f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\windows\system32\lsass.exe 14:34:09.0147 0x08f8 SamSs - ok 14:34:09.0179 0x08f8 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys 14:34:09.0210 0x08f8 sbp2port - ok 14:34:09.0257 0x08f8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll 14:34:09.0288 0x08f8 SCardSvr - ok 14:34:09.0335 0x08f8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 14:34:09.0366 0x08f8 scfilter - ok 14:34:09.0428 0x08f8 [ A04BB13F8A72F8B6E8B4071723E4E336, 
E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll 14:34:09.0506 0x08f8 Schedule - ok 14:34:09.0537 0x08f8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll 14:34:09.0569 0x08f8 SCPolicySvc - ok 14:34:09.0584 0x08f8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll 14:34:09.0631 0x08f8 SDRSVC - ok 14:34:09.0678 0x08f8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys 14:34:09.0709 0x08f8 secdrv - ok 14:34:09.0740 0x08f8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll 14:34:09.0787 0x08f8 seclogon - ok 14:34:09.0803 0x08f8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll 14:34:09.0849 0x08f8 SENS - ok 14:34:09.0865 0x08f8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll 14:34:09.0896 0x08f8 SensrSvc - ok 14:34:09.0912 0x08f8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys 14:34:09.0943 0x08f8 Serenum - ok 14:34:09.0959 0x08f8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys 14:34:10.0005 0x08f8 Serial - ok 14:34:10.0021 0x08f8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 14:34:10.0052 0x08f8 sermouse - ok 14:34:10.0099 0x08f8 [ 
4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll 14:34:10.0146 0x08f8 SessionEnv - ok 14:34:10.0177 0x08f8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys 14:34:10.0208 0x08f8 sffdisk - ok 14:34:10.0224 0x08f8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 14:34:10.0239 0x08f8 sffp_mmc - ok 14:34:10.0255 0x08f8 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 14:34:10.0286 0x08f8 sffp_sd - ok 14:34:10.0317 0x08f8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 14:34:10.0333 0x08f8 sfloppy - ok 14:34:10.0364 0x08f8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll 14:34:10.0411 0x08f8 SharedAccess - ok 14:34:10.0458 0x08f8 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll 14:34:10.0520 0x08f8 ShellHWDetection - ok 14:34:10.0536 0x08f8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys 14:34:10.0551 0x08f8 sisagp - ok 14:34:10.0583 0x08f8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 14:34:10.0614 0x08f8 SiSRaid2 - ok 14:34:10.0614 0x08f8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 
C:\windows\system32\DRIVERS\sisraid4.sys 14:34:10.0645 0x08f8 SiSRaid4 - ok 14:34:10.0645 0x08f8 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys 14:34:10.0692 0x08f8 Smb - ok 14:34:10.0739 0x08f8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe 14:34:10.0754 0x08f8 SNMPTRAP - ok 14:34:10.0848 0x08f8 [ 8AF23779B8DFD9DEEE93DCF73315A744, FE61BEC9764ED93E54D022A60BC12CC3181A4E2ABCA2D3D1A800F04026A0384B ] Soda PDF 6 C:\Program Files\Soda PDF 6\ws.exe 14:34:10.0926 0x08f8 Soda PDF 6 - ok 14:34:10.0988 0x08f8 [ 213491A1F522B6FB10074CB8CAD4644E, DE02CED05DBE4B78C1F8288888D448E0666DC54815029DF5B7B9FD77196A9E72 ] Soda PDF 6 Creator C:\Program Files\Soda PDF 6\creator-ws.exe 14:34:11.0035 0x08f8 Soda PDF 6 Creator - ok 14:34:11.0066 0x08f8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys 14:34:11.0097 0x08f8 spldr - ok 14:34:11.0144 0x08f8 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe 14:34:11.0238 0x08f8 Spooler - ok 14:34:11.0409 0x08f8 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe 14:34:11.0597 0x08f8 sppsvc - ok 14:34:11.0659 0x08f8 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll 14:34:11.0706 0x08f8 sppuinotify - ok 14:34:11.0831 0x08f8 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\windows\System32\Drivers\sptd.sys 14:34:11.0893 0x08f8 sptd - ok 14:34:11.0955 0x08f8 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8, 
FD904FBB36ED60AE084F86F7196FCE48F798CF720DB1677C307059E45497E140 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 14:34:11.0987 0x08f8 SQLBrowser - ok 14:34:12.0002 0x08f8 [ 54902536AAD0E9B99BC65F89C0CAF93F, 312B6F1ECBAA42EA8FAC374E446FC6B686F747B38D903E1B181F95AECCB2BFD1 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 14:34:12.0033 0x08f8 SQLWriter - ok 14:34:12.0096 0x08f8 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys 14:34:12.0127 0x08f8 srv - ok 14:34:12.0158 0x08f8 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 14:34:12.0189 0x08f8 srv2 - ok 14:34:12.0205 0x08f8 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 14:34:12.0236 0x08f8 srvnet - ok 14:34:12.0267 0x08f8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll 14:34:12.0314 0x08f8 SSDPSRV - ok 14:34:12.0345 0x08f8 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys 14:34:12.0361 0x08f8 ssmdrv - ok 14:34:12.0377 0x08f8 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll 14:34:12.0408 0x08f8 SstpSvc - ok 14:34:12.0439 0x08f8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 14:34:12.0455 0x08f8 stexstor - ok 14:34:12.0517 0x08f8 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll 14:34:12.0564 0x08f8 
StiSvc - ok 14:34:12.0595 0x08f8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys 14:34:12.0611 0x08f8 swenum - ok 14:34:12.0642 0x08f8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll 14:34:12.0689 0x08f8 swprv - ok 14:34:12.0735 0x08f8 [ 7A9025D8F7852B06D6D08ED536135E7E, 814153517841D316AA44D59F31B3C6DAD09DE688AF6B946D9B0970EAE815CAAD ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 14:34:12.0767 0x08f8 SynTP - ok 14:34:12.0845 0x08f8 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll 14:34:12.0938 0x08f8 SysMain - ok 14:34:12.0969 0x08f8 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll 14:34:13.0001 0x08f8 TabletInputService - ok 14:34:13.0047 0x08f8 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll 14:34:13.0110 0x08f8 TapiSrv - ok 14:34:13.0125 0x08f8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll 14:34:13.0188 0x08f8 TBS - ok 14:34:13.0266 0x08f8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\windows\system32\drivers\tcpip.sys 14:34:13.0328 0x08f8 Tcpip - ok 14:34:13.0406 0x08f8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 14:34:13.0453 0x08f8 TCPIP6 - ok 14:34:13.0500 0x08f8 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 
14:34:13.0515 0x08f8 tcpipreg - ok 14:34:13.0562 0x08f8 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 14:34:13.0593 0x08f8 TDPIPE - ok 14:34:13.0625 0x08f8 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 14:34:13.0656 0x08f8 TDTCP - ok 14:34:13.0687 0x08f8 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\windows\system32\DRIVERS\tdx.sys 14:34:13.0718 0x08f8 tdx - ok 14:34:13.0749 0x08f8 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys 14:34:13.0765 0x08f8 TermDD - ok 14:34:13.0812 0x08f8 [ E05E31F7BF577228E27CFFCA5B54ABBD, BF053DE7FA6DF33E15D0DD421F34962D92575ED163E4A605FE6B8DA9CEA5CF55 ] TermService C:\windows\System32\termsrv.dll 14:34:13.0874 0x08f8 TermService - ok 14:34:13.0905 0x08f8 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll 14:34:13.0937 0x08f8 Themes - ok 14:34:13.0952 0x08f8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll 14:34:13.0983 0x08f8 THREADORDER - ok 14:34:13.0999 0x08f8 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll 14:34:14.0046 0x08f8 TrkWks - ok 14:34:14.0093 0x08f8 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 14:34:14.0155 0x08f8 TrustedInstaller - ok 14:34:14.0202 0x08f8 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv 
C:\windows\system32\DRIVERS\tssecsrv.sys 14:34:14.0217 0x08f8 tssecsrv - ok 14:34:14.0264 0x08f8 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 14:34:14.0295 0x08f8 TsUsbFlt - ok 14:34:14.0342 0x08f8 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 14:34:14.0373 0x08f8 tunnel - ok 14:34:14.0405 0x08f8 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 14:34:14.0420 0x08f8 uagp35 - ok 14:34:14.0451 0x08f8 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys 14:34:14.0514 0x08f8 udfs - ok 14:34:14.0545 0x08f8 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe 14:34:14.0576 0x08f8 UI0Detect - ok 14:34:14.0623 0x08f8 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 14:34:14.0639 0x08f8 uliagpkx - ok 14:34:14.0685 0x08f8 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\drivers\umbus.sys 14:34:14.0701 0x08f8 umbus - ok 14:34:14.0748 0x08f8 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 14:34:14.0763 0x08f8 UmPass - ok 14:34:14.0795 0x08f8 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll 14:34:14.0857 0x08f8 upnphost - ok 14:34:14.0873 0x08f8 [ 0803FBA9FE829D61AE26EC0BCC910C46, 
30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 14:34:14.0904 0x08f8 usbccgp - ok 14:34:14.0935 0x08f8 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys 14:34:14.0966 0x08f8 usbcir - ok 14:34:14.0982 0x08f8 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 14:34:15.0013 0x08f8 usbehci - ok 14:34:15.0060 0x08f8 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 14:34:15.0091 0x08f8 usbhub - ok 14:34:15.0122 0x08f8 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\windows\system32\drivers\usbohci.sys 14:34:15.0153 0x08f8 usbohci - ok 14:34:15.0185 0x08f8 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 14:34:15.0231 0x08f8 usbprint - ok 14:34:15.0247 0x08f8 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\windows\system32\drivers\usbscan.sys 14:34:15.0294 0x08f8 usbscan - ok 14:34:15.0325 0x08f8 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 14:34:15.0341 0x08f8 USBSTOR - ok 14:34:15.0372 0x08f8 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys 14:34:15.0387 0x08f8 usbuhci - ok 14:34:15.0419 0x08f8 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys 14:34:15.0434 0x08f8 usbvideo - 
ok 14:34:15.0465 0x08f8 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll 14:34:15.0528 0x08f8 UxSms - ok 14:34:15.0559 0x08f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\windows\system32\lsass.exe 14:34:15.0575 0x08f8 VaultSvc - ok 14:34:15.0590 0x08f8 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 14:34:15.0621 0x08f8 vdrvroot - ok 14:34:15.0668 0x08f8 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe 14:34:15.0731 0x08f8 vds - ok 14:34:15.0777 0x08f8 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys 14:34:15.0824 0x08f8 vga - ok 14:34:15.0840 0x08f8 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys 14:34:15.0887 0x08f8 VgaSave - ok 14:34:15.0933 0x08f8 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys 14:34:15.0965 0x08f8 vhdmp - ok 14:34:15.0996 0x08f8 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys 14:34:16.0027 0x08f8 viaagp - ok 14:34:16.0043 0x08f8 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys 14:34:16.0074 0x08f8 ViaC7 - ok 14:34:16.0105 0x08f8 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys 14:34:16.0136 0x08f8 viaide - ok 
14:34:16.0152 0x08f8 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys 14:34:16.0183 0x08f8 volmgr - ok 14:34:16.0214 0x08f8 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys 14:34:16.0245 0x08f8 volmgrx - ok 14:34:16.0261 0x08f8 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys 14:34:16.0292 0x08f8 volsnap - ok 14:34:16.0323 0x08f8 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys 14:34:16.0339 0x08f8 vsmraid - ok 14:34:16.0433 0x08f8 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe 14:34:16.0526 0x08f8 VSS - ok 14:34:16.0542 0x08f8 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 14:34:16.0557 0x08f8 vwifibus - ok 14:34:16.0589 0x08f8 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 14:34:16.0604 0x08f8 vwififlt - ok 14:34:16.0620 0x08f8 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 14:34:16.0651 0x08f8 vwifimp - ok 14:34:16.0713 0x08f8 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll 14:34:16.0776 0x08f8 W32Time - ok 14:34:16.0791 0x08f8 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen 
C:\windows\system32\DRIVERS\wacompen.sys 14:34:16.0807 0x08f8 WacomPen - ok 14:34:16.0838 0x08f8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 14:34:16.0869 0x08f8 WANARP - ok 14:34:16.0885 0x08f8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 14:34:16.0916 0x08f8 Wanarpv6 - ok 14:34:16.0994 0x08f8 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe 14:34:17.0103 0x08f8 wbengine - ok 14:34:17.0119 0x08f8 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 14:34:17.0166 0x08f8 WbioSrvc - ok 14:34:17.0197 0x08f8 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll 14:34:17.0244 0x08f8 wcncsvc - ok 14:34:17.0259 0x08f8 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 14:34:17.0291 0x08f8 WcsPlugInService - ok 14:34:17.0322 0x08f8 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys 14:34:17.0337 0x08f8 Wd - ok 14:34:17.0384 0x08f8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 14:34:17.0431 0x08f8 Wdf01000 - ok 14:34:17.0462 0x08f8 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\windows\system32\wdi.dll 14:34:17.0525 0x08f8 WdiServiceHost - ok 14:34:17.0525 0x08f8 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 
43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\windows\system32\wdi.dll 14:34:17.0556 0x08f8 WdiSystemHost - ok 14:34:17.0587 0x08f8 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll 14:34:17.0634 0x08f8 WebClient - ok 14:34:17.0665 0x08f8 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll 14:34:17.0712 0x08f8 Wecsvc - ok 14:34:17.0727 0x08f8 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll 14:34:17.0774 0x08f8 wercplsupport - ok 14:34:17.0790 0x08f8 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll 14:34:17.0837 0x08f8 WerSvc - ok 14:34:17.0868 0x08f8 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 14:34:17.0899 0x08f8 WfpLwf - ok 14:34:17.0915 0x08f8 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys 14:34:17.0930 0x08f8 WIMMount - ok 14:34:18.0008 0x08f8 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 14:34:18.0086 0x08f8 WinDefend - ok 14:34:18.0102 0x08f8 WinHttpAutoProxySvc - ok 14:34:18.0164 0x08f8 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 14:34:18.0211 0x08f8 Winmgmt - ok 14:34:18.0289 0x08f8 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\windows\system32\WsmSvc.dll 
14:34:18.0383 0x08f8 WinRM - ok 14:34:18.0461 0x08f8 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll 14:34:18.0523 0x08f8 Wlansvc - ok 14:34:18.0554 0x08f8 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 14:34:18.0601 0x08f8 WmiAcpi - ok 14:34:18.0632 0x08f8 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 14:34:18.0648 0x08f8 wmiApSrv - ok 14:34:18.0773 0x08f8 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 14:34:18.0866 0x08f8 WMPNetworkSvc - ok 14:34:18.0897 0x08f8 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll 14:34:18.0944 0x08f8 WPCSvc - ok 14:34:18.0975 0x08f8 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 14:34:19.0007 0x08f8 WPDBusEnum - ok 14:34:19.0038 0x08f8 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 14:34:19.0069 0x08f8 ws2ifsl - ok 14:34:19.0085 0x08f8 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\System32\wscsvc.dll 14:34:19.0131 0x08f8 wscsvc - ok 14:34:19.0147 0x08f8 WSearch - ok 14:34:19.0256 0x08f8 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\windows\system32\wuaueng.dll 14:34:19.0350 0x08f8 wuauserv - ok 14:34:19.0381 0x08f8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 
14:34:26.0011 0x08f8 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
14:34:26.0042 0x08f8 Win FW state via NFP2: enabled
14:34:28.0647 0x08f8 ============================================================
14:34:28.0647 0x08f8 Scan finished
14:34:28.0647 0x08f8 ============================================================
14:34:28.0663 0x10dc Detected object count: 0
14:34:28.0663 0x10dc Actual detected object count: 0
12.11.2014, 10:38 | #4 |
/// the machine /// TB trainer | Please download Emsisoft MBR Master and save it to your desktop.
__________________ Regards, schrauber | Proud Member of UNITE and ASAP since 2009 | Donate | Guides and help | Trojaner-Board Facebook page | No help via PM!
12.11.2014, 13:10 | #5 |
Morning Schrauber, attached are the zip file and the text file.
HTML-Code:
Detected Windows version: 6.1 Build 7601 Service Pack 1
Installing direct disk access driver ...
Driver connection handle: 0x000000F8
1 valid drive(s) found.
Details for Disk 0 - Hitachi HTS545032B9A Rev PB3O:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 38913/255/63
Boot loader reputation : Unknown
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : F5C09ACABD4A5370BDD907E8EDFE0C1DA0F9D3F5
MD5 : 2E5DEBB2116B3417023E0D6562D7ED07
13.11.2014, 07:26 | #6 |
/// the machine /// TB trainer | Please have emsi.zip scanned at virustotal.com and post the result here.
13.11.2014, 08:08 | #7 |
Hi, here is the scan of the file from virustotal.com
Code:
SHA256: 76c89830fd46515e03f40a21c2e5cef1986754c829cac4d98684b7b1b2814c18
Dateiname: emsi.zip
Erkennungsrate: 1 / 53
Analyse-Datum: 2014-11-13 07:05:29 UTC ( vor 0 Minuten )

Antivirus | Ergebnis | Aktualisierung
VBA32 | suspected of Unknown.BootVirus.I | 20141112
AVG | | 20141113
AVware | | 20141113
Ad-Aware | | 20141113
AegisLab | | 20141113
Agnitum | | 20141112
AhnLab-V3 | | 20141112
Antiy-AVL | | 20141112
Avast | | 20141113
Avira | | 20141113
Baidu-International | | 20141107
BitDefender | | 20141113
Bkav | | 20141112
ByteHero | | 20141113
CAT-QuickHeal | | 20141113
CMC | | 20141110
ClamAV | | 20141113
Comodo | | 20141113
Cyren | | 20141113
DrWeb | | 20141113
ESET-NOD32 | | 20141113
Emsisoft | | 20141113
F-Prot | | 20141113
F-Secure | | 20141113
Fortinet | | 20141113
GData | | 20141113
Ikarus | | 20141113
Jiangmin | | 20141112
K7AntiVirus | | 20141112
K7GW | | 20141112
Kaspersky | | 20141113
Kingsoft | | 20141113
Malwarebytes | | 20141113
McAfee | | 20141113
McAfee-GW-Edition | | 20141113
MicroWorld-eScan | | 20141113
Microsoft | | 20141113
NANO-Antivirus | | 20141113
Norman | | 20141112
Panda | | 20141110
Qihoo-360 | | 20141113
Rising | | 20141112
SUPERAntiSpyware | | 20141113
Sophos | | 20141113
Symantec | | 20141113
Tencent | | 20141113
TheHacker | | 20141111
TotalDefense | | 20141112
TrendMicro-HouseCall | | 20141113
ViRobot | | 20141113
Zillya | | 20141111
Zoner | | 20141112
nProtect | | 20141112
14.11.2014, 07:02 | #8 |
/// the machine /// TB trainer | Everything looks good.
14.11.2014, 11:25 | #9 |
Hi Schrauber, first of all, many thanks for the quick and easy-to-understand help. May I also ask what the hidden object is, and why Avira had problems with it? Or should I now simply ignore it on every Avira run? And doesn't this point to an irregularity: VBA32 suspected of Unknown.BootVirus.I? Otherwise, thanks again; I've also tossed a few coins into the donation jar. Have a nice weekend.
15.11.2014, 11:33 | #10 |
/// the machine /// TB trainer | No idea what Avira is on about this time, but there's nothing hidden there.