Pests of all kinds and how to fight them: Boo/Cidox.B on girlfriend's laptop, TDSS log inside (Windows 7) |
02.12.2014, 17:11 | #1 |
| Boo/Cidox.B on girlfriend's laptop, TDSS log inside Hello everyone. My girlfriend's laptop kept crashing on hard disk access and rebooted every time (it never got into Windows). She had Windows 7 on it. I have now connected the HDD to my PC via a SATA-USB adapter, and AntiVir raised the alarm immediately. By the way: is my PC now at acute risk of infection too? I have now run TDSSKiller over it. I did not take any action, just Skip and continue. What do you think I should do with it now? I would be grateful for a few tips. Kind regards, RBMK |
02.12.2014, 17:34 | #2 |
/// the machine /// TB trainer | Boo/Cidox.B on girlfriend's laptop, TDSS log inside Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
02.12.2014, 17:52 | #3 |
| Boo/Cidox.B on girlfriend's laptop, TDSS log inside 16:56:43.0323 0x1a48 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
C:\Windows\system32\drivers\dmvsc.sys 16:57:28.0289 0x17d4 dmvsc - ok 16:57:28.0336 0x17d4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:57:28.0351 0x17d4 Dnscache - ok 16:57:28.0398 0x17d4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 16:57:28.0414 0x17d4 dot3svc - ok 16:57:28.0445 0x17d4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 16:57:28.0445 0x17d4 DPS - ok 16:57:28.0492 0x17d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:57:28.0492 0x17d4 drmkaud - ok 16:57:28.0523 0x17d4 [ 64648B677D5005749F2FE412254512B7, 3393EB54AF087ED480F1369A0E0959450207DE6D5EB74DDC33A5EAD338BA18AF ] DSAFLT C:\Windows\system32\Drivers\DSAFLT64.SYS 16:57:28.0538 0x17d4 DSAFLT - ok 16:57:28.0601 0x17d4 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 16:57:28.0601 0x17d4 dtsoftbus01 - ok 16:57:28.0663 0x17d4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:57:28.0679 0x17d4 DXGKrnl - ok 16:57:28.0694 0x17d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 16:57:28.0694 0x17d4 EapHost - ok 16:57:28.0835 0x17d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:57:28.0960 0x17d4 ebdrv - ok 16:57:28.0991 0x17d4 [ 204F3F58212B3E422C90BD9691A2DF28, 
D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 16:57:28.0991 0x17d4 EFS - ok 16:57:29.0069 0x17d4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:57:29.0131 0x17d4 ehRecvr - ok 16:57:29.0131 0x17d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 16:57:29.0147 0x17d4 ehSched - ok 16:57:29.0178 0x17d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:57:29.0225 0x17d4 elxstor - ok 16:57:29.0225 0x17d4 [ F380FF5D6D80CECC6DBBC15569757613, D882947D41396DB6E57691A7971B27664E7CB14475B48A37FC63D0BA3C908112 ] emupia C:\Windows\system32\drivers\emupia2k.sys 16:57:29.0428 0x17d4 emupia - ok 16:57:29.0443 0x17d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:57:29.0443 0x17d4 ErrDev - ok 16:57:29.0474 0x17d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:57:29.0474 0x17d4 EventSystem - ok 16:57:29.0490 0x17d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:57:29.0506 0x17d4 exfat - ok 16:57:29.0521 0x17d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:57:29.0537 0x17d4 fastfat - ok 16:57:29.0615 0x17d4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:57:29.0631 0x17d4 Fax - ok 16:57:29.0631 0x17d4 [ D765D19CD8EF61F650C384F62FAC00AB, 
9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 16:57:29.0647 0x17d4 fdc - ok 16:57:29.0678 0x17d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:57:29.0694 0x17d4 fdPHost - ok 16:57:29.0694 0x17d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 16:57:29.0709 0x17d4 FDResPub - ok 16:57:29.0709 0x17d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:57:29.0725 0x17d4 FileInfo - ok 16:57:29.0725 0x17d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:57:29.0741 0x17d4 Filetrace - ok 16:57:29.0741 0x17d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:57:29.0756 0x17d4 flpydisk - ok 16:57:29.0772 0x17d4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:57:29.0787 0x17d4 FltMgr - ok 16:57:29.0819 0x17d4 [ 50C6C310A98108A94E985FD46B4E150C, BFBE859FA74EAF7C2B3B771FBBA642AEF33FB9FE2FBCB08A15D7DA80C89EFFA6 ] FNETMON C:\Windows\system32\Drivers\fnetm64.SYS 16:57:29.0834 0x17d4 FNETMON - ok 16:57:29.0943 0x17d4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 16:57:29.0990 0x17d4 FontCache - ok 16:57:30.0037 0x17d4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 
16:57:30.0068 0x17d4 FontCache3.0.0.0 - ok 16:57:30.0084 0x17d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:57:30.0084 0x17d4 FsDepends - ok 16:57:30.0131 0x17d4 [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 16:57:30.0146 0x17d4 fssfltr - ok 16:57:30.0287 0x17d4 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 16:57:30.0427 0x17d4 fsssvc - ok 16:57:30.0443 0x17d4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:57:30.0458 0x17d4 Fs_Rec - ok 16:57:30.0536 0x17d4 [ DA3973288935149A6EF1C45BF1B39B98, D02D0BFEC8AF504FD69871DFF7BE70DB6C5AFC2F585EA850B68CCBFC78EA36C0 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe 16:57:30.0833 0x17d4 Futuremark SystemInfo Service - ok 16:57:30.0879 0x17d4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:57:30.0926 0x17d4 fvevol - ok 16:57:30.0957 0x17d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:57:30.0973 0x17d4 gagp30kx - ok 16:57:31.0067 0x17d4 [ D19247FC720233111B68409891D907D2, EECEA7CDE335BC046F845A0995DACCDCC663B9973113949C405A2D115DE40895 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe 16:57:31.0082 0x17d4 Garmin Core Update Service - ok 16:57:31.0129 0x17d4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc 
C:\Windows\System32\gpsvc.dll 16:57:31.0161 0x17d4 gpsvc - ok 16:57:31.0208 0x17d4 [ B785CE102259D0FDE230211FC10AC624, C1D22B13A58A69A0521DC4DB131136F25B1ADFA8F162F4F6CCC609FD2D695903 ] gpt_loader C:\Windows\system32\DRIVERS\gpt_loader.sys 16:57:31.0224 0x17d4 gpt_loader - ok 16:57:31.0239 0x17d4 GPUZ - ok 16:57:31.0348 0x17d4 [ 82B68F585110AE8500A6D23623AE1F74, 1ADCFA2D77E3BB9BDCDD15DC21E7F6707823788A1CFB31ED959BC470595EE89B ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys 16:57:31.0660 0x17d4 ha10kx2k - ok 16:57:31.0692 0x17d4 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 16:57:31.0707 0x17d4 hamachi - ok 16:57:31.0863 0x17d4 [ 1908A2C4593905FC16400A5AD30AC9F5, 261CA6FC8EEEDC8EB4DE94EF78261D89A2670B7BED0B5F7BB21756FB529F43FD ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 16:57:32.0128 0x17d4 Hamachi2Svc - ok 16:57:32.0128 0x17d4 [ 83F647F9ACE9192556F758E528024F68, 1007C2E3C8FDB3CB5FB3C336F9904AD076DC31BB263E633EF17E3813B9ED6EF6 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys 16:57:32.0144 0x17d4 hap16v2k - ok 16:57:32.0160 0x17d4 [ E815D29361DE89D24C8DBE3E5A7006C9, 2B9075CC6A2425D06E6C3CB77E0755727F8B0920575C660CF261981464D190F0 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys 16:57:32.0175 0x17d4 hap17v2k - ok 16:57:32.0191 0x17d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:57:32.0191 0x17d4 hcw85cir - ok 16:57:32.0238 0x17d4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:57:32.0269 0x17d4 HdAudAddService - ok 16:57:32.0284 0x17d4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:57:32.0300 0x17d4 
HDAudBus - ok 16:57:32.0316 0x17d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:57:32.0316 0x17d4 HidBatt - ok 16:57:32.0331 0x17d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:57:32.0347 0x17d4 HidBth - ok 16:57:32.0347 0x17d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 16:57:32.0362 0x17d4 HidIr - ok 16:57:32.0378 0x17d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:57:32.0378 0x17d4 hidserv - ok 16:57:32.0425 0x17d4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:57:32.0425 0x17d4 HidUsb - ok 16:57:32.0472 0x17d4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:57:32.0472 0x17d4 hkmsvc - ok 16:57:32.0487 0x17d4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:57:32.0518 0x17d4 HomeGroupListener - ok 16:57:32.0550 0x17d4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:57:32.0550 0x17d4 HomeGroupProvider - ok 16:57:32.0596 0x17d4 [ 047F4C56DDBE001043B8EC6F2287A5DA, 9C1FCE9B90A9FA4E603DC7F03BE778B4815E78A1F498782834A9A96074740656 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys 16:57:32.0612 0x17d4 hotcore3 - ok 16:57:32.0643 0x17d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD 
C:\Windows\system32\drivers\HpSAMD.sys 16:57:32.0643 0x17d4 HpSAMD - ok 16:57:32.0707 0x17d4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:57:32.0925 0x17d4 HTTP - ok 16:57:32.0941 0x17d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:57:32.0941 0x17d4 hwpolicy - ok 16:57:32.0956 0x17d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:57:32.0972 0x17d4 i8042prt - ok 16:57:33.0003 0x17d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:57:33.0221 0x17d4 iaStorV - ok 16:57:33.0253 0x17d4 [ E3FC339DAC4DDF4A12188313DC4DA94F, B1C032FC24DF7938196198641C375C5A8E9C586BFB15E51C843258D6307DBFFC ] IDSFLT C:\Windows\system32\Drivers\IDSFLT64.SYS 16:57:33.0424 0x17d4 IDSFLT - ok 16:57:33.0487 0x17d4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:57:33.0533 0x17d4 idsvc - ok 16:57:33.0565 0x17d4 IEEtwCollectorService - ok 16:57:33.0580 0x17d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:57:33.0783 0x17d4 iirsp - ok 16:57:33.0845 0x17d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:57:33.0861 0x17d4 IKEEXT - ok 16:57:33.0892 0x17d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:57:33.0892 0x17d4 intelide - ok 
16:57:33.0908 0x17d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 16:57:33.0923 0x17d4 intelppm - ok 16:57:33.0955 0x17d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:57:33.0970 0x17d4 IPBusEnum - ok 16:57:33.0970 0x17d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:57:34.0205 0x17d4 IpFilterDriver - ok 16:57:34.0236 0x17d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:57:34.0252 0x17d4 iphlpsvc - ok 16:57:34.0283 0x17d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:57:34.0299 0x17d4 IPMIDRV - ok 16:57:34.0330 0x17d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:57:34.0517 0x17d4 IPNAT - ok 16:57:34.0533 0x17d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:57:34.0533 0x17d4 IRENUM - ok 16:57:34.0548 0x17d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:57:34.0564 0x17d4 isapnp - ok 16:57:34.0580 0x17d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:57:34.0611 0x17d4 iScsiPrt - ok 16:57:34.0704 0x17d4 [ E712A6B57943D65AA587655335EF9DAD, 8F3D46C1BA612EA845722B2D7C568BFE3AB00763094AE163EE8B5672D9D3B071 ] jswpsapi C:\Program 
Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe 16:57:34.0970 0x17d4 jswpsapi - ok 16:57:35.0016 0x17d4 [ 5BE640E88814B77A9E84B4549B5DCC2C, 2ECF73254D701EFCC135B81EC951A76BCE5E74435521A061B05E9445C8D3C843 ] JSWPSLWF C:\Windows\system32\DRIVERS\jswpslwfx.sys 16:57:35.0016 0x17d4 JSWPSLWF - ok 16:57:35.0032 0x17d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:57:35.0048 0x17d4 kbdclass - ok 16:57:35.0048 0x17d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:57:35.0063 0x17d4 kbdhid - ok 16:57:35.0063 0x17d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 16:57:35.0063 0x17d4 KeyIso - ok 16:57:35.0141 0x17d4 [ 72ED0AA65F63047445943B1A4275FE83, C572DEF549F0C71EF0415B290138D616F9C5AC832C443787E73BCDB718028C7C ] ksaud C:\Windows\system32\drivers\ksaud.sys 16:57:35.0219 0x17d4 ksaud - ok 16:57:35.0266 0x17d4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:57:35.0266 0x17d4 KSecDD - ok 16:57:35.0297 0x17d4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:57:35.0313 0x17d4 KSecPkg - ok 16:57:35.0313 0x17d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:57:35.0328 0x17d4 ksthunk - ok 16:57:35.0360 0x17d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:57:35.0391 0x17d4 KtmRm - ok 16:57:35.0422 0x17d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 
8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:57:35.0422 0x17d4 LanmanServer - ok 16:57:35.0469 0x17d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:57:35.0469 0x17d4 LanmanWorkstation - ok 16:57:35.0500 0x17d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:57:35.0500 0x17d4 lltdio - ok 16:57:35.0531 0x17d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:57:35.0562 0x17d4 lltdsvc - ok 16:57:35.0594 0x17d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:57:35.0594 0x17d4 lmhosts - ok 16:57:35.0625 0x17d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:57:35.0625 0x17d4 LSI_FC - ok 16:57:35.0640 0x17d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:57:35.0656 0x17d4 LSI_SAS - ok 16:57:35.0672 0x17d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:57:35.0672 0x17d4 LSI_SAS2 - ok 16:57:35.0687 0x17d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:57:35.0703 0x17d4 LSI_SCSI - ok 16:57:35.0719 0x17d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:57:35.0719 0x17d4 luafv - ok 
16:57:35.0751 0x17d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:57:35.0766 0x17d4 Mcx2Svc - ok 16:57:35.0782 0x17d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 16:57:35.0782 0x17d4 megasas - ok 16:57:35.0813 0x17d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:57:36.0000 0x17d4 MegaSR - ok 16:57:36.0047 0x17d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:57:36.0047 0x17d4 MMCSS - ok 16:57:36.0063 0x17d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:57:36.0063 0x17d4 Modem - ok 16:57:36.0078 0x17d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:57:36.0078 0x17d4 monitor - ok 16:57:36.0094 0x17d4 motandroidusb - ok 16:57:36.0141 0x17d4 [ 12588483F1A69AB2970D36D96B07F71B, CDC044F2FDAD3B22B295528A117D93B7DF464DE63E421DAE9C19E7A1535E3743 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys 16:57:36.0156 0x17d4 motccgp - ok 16:57:36.0156 0x17d4 motccgpfl - ok 16:57:36.0234 0x17d4 [ 7ED3A9C3763725BD700946971215EE77, 6150D52945E10B69CFA5E3E637DCEBA67158092C6350B4AFE456EA846CA90C18 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 16:57:36.0234 0x17d4 Motorola Device Manager - ok 16:57:36.0265 0x17d4 [ 19BC2161C3FCCED802F1BCD9B78C3466, 2EA39F23C49191A4651CD785A742554801A4AC59AACE1993B3A30EA137B4A321 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys 16:57:36.0265 0x17d4 MotoSwitchService - ok 
16:57:36.0312 0x17d4 [ 6A3C0B01551B614B6C6BC9743DEF60D9, 9144C0149A764355045711B36C12F87B2F914B76809407F46FB7BA72F83DDB9D ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys 16:57:36.0312 0x17d4 Motousbnet - ok 16:57:36.0343 0x17d4 [ 1D19770F88FA22DACB7F488EA8F8EE6B, AD100C774058CF878B6006518F3DCDBDEE475F3C9808FC5D844947D9C305FAE5 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys 16:57:36.0359 0x17d4 motusbdevice - ok 16:57:36.0375 0x17d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:57:36.0375 0x17d4 mouclass - ok 16:57:36.0390 0x17d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:57:36.0390 0x17d4 mouhid - ok 16:57:36.0421 0x17d4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:57:36.0437 0x17d4 mountmgr - ok 16:57:36.0499 0x17d4 [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:57:36.0499 0x17d4 MozillaMaintenance - ok 16:57:36.0499 0x17d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:57:36.0515 0x17d4 mpio - ok 16:57:36.0531 0x17d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:57:36.0546 0x17d4 mpsdrv - ok 16:57:36.0593 0x17d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:57:36.0624 0x17d4 MpsSvc - ok 16:57:36.0671 0x17d4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 
01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys |
02.12.2014, 17:54 | #4 |
| Boo/Cidox.B auf Lappy von Freundin TDSS Log Inside
Parport C:\Windows\system32\drivers\parport.sys 16:57:40.0870 0x17d4 Parport - ok 16:57:40.0948 0x17d4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:57:40.0948 0x17d4 partmgr - ok 16:57:40.0980 0x17d4 [ 337A81B3FF34F9851D245D42A725FC22, D80AD090EDC3A80EB29A9105E98546EDF3DA22A8763EB0B8D037A9A85CE08C48 ] pavboot C:\Windows\system32\Drivers\pavboot64.sys 16:57:40.0995 0x17d4 pavboot - ok 16:57:41.0026 0x17d4 [ F458128A5321BB48DF7B3D8E279F6393, BD5E2A16A801049E326D54DDB3FC27E8B6DBB7FBB8DE02BFCD4F55B24DFB3D4F ] PAVFNSVR C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavFnSvr.exe 16:57:41.0026 0x17d4 PAVFNSVR - ok 16:57:41.0073 0x17d4 [ 2AE3F6B23448443BBEF5DE207159213B, 86FE0D23B49874864E0E2996C5DC0B4F13BF77FAB4F3F55F165EE9AA73A3A14F ] PavPrSrv C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe 16:57:41.0089 0x17d4 PavPrSrv - ok 16:57:41.0120 0x17d4 [ 4D8C2645A12FDDF9CD4A68DDE8496BEF, 4A2BD0A23CF342B6918A3950946CC574346E2A09C9DE93B235D3B99B8E4CB4FF ] PAVSRV C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\pavsrvx86.exe 16:57:41.0120 0x17d4 PAVSRV - ok 16:57:41.0120 0x17d4 PavTPK.sys - ok 16:57:41.0229 0x17d4 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:57:41.0229 0x17d4 PcaSvc - ok 16:57:41.0245 0x17d4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 16:57:41.0245 0x17d4 pci - ok 16:57:41.0276 0x17d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 16:57:41.0276 0x17d4 pciide - ok 16:57:41.0292 0x17d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia 
C:\Windows\system32\drivers\pcmcia.sys 16:57:41.0307 0x17d4 pcmcia - ok 16:57:41.0323 0x17d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 16:57:41.0323 0x17d4 pcw - ok 16:57:41.0401 0x17d4 [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 16:57:41.0432 0x17d4 PDF Architect Helper Service - ok 16:57:41.0479 0x17d4 [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 16:57:41.0494 0x17d4 PDF Architect Service - ok 16:57:41.0541 0x17d4 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:57:41.0572 0x17d4 PEAUTH - ok 16:57:41.0650 0x17d4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 16:57:41.0666 0x17d4 PeerDistSvc - ok 16:57:41.0760 0x17d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:57:41.0775 0x17d4 PerfHost - ok 16:57:41.0839 0x17d4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 16:57:41.0932 0x17d4 pla - ok 16:57:42.0010 0x17d4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:57:42.0026 0x17d4 PlugPlay - ok 16:57:42.0057 0x17d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:57:42.0073 0x17d4 PNRPAutoReg - ok 
16:57:42.0119 0x17d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:57:42.0119 0x17d4 PNRPsvc - ok 16:57:42.0182 0x17d4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:57:42.0197 0x17d4 PolicyAgent - ok 16:57:42.0244 0x17d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 16:57:42.0260 0x17d4 Power - ok 16:57:42.0291 0x17d4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:57:42.0291 0x17d4 PptpMiniport - ok 16:57:42.0353 0x17d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 16:57:42.0353 0x17d4 Processor - ok 16:57:42.0416 0x17d4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 16:57:42.0416 0x17d4 ProfSvc - ok 16:57:42.0431 0x17d4 Prot6Flt - ok 16:57:42.0447 0x17d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:57:42.0447 0x17d4 ProtectedStorage - ok 16:57:42.0463 0x17d4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:57:42.0478 0x17d4 Psched - ok 16:57:42.0509 0x17d4 [ 532053E8E3BB8FA7166AB4E7685FDDCC, 30792CF8FE44F86583D28886829C6D4CCF302AC6AFE277787A52B7B1319F40FF ] PSHost c:\program files (x86)\panda security\panda global protection 2013\firewall\PSHOST.EXE 16:57:42.0509 0x17d4 PSHost - ok 16:57:42.0587 0x17d4 [ 196C450F2779D0B462C444DA4906EA7F, 
405F801DD9AEB9D59B661F296626CE9955B7F3D6917BFC56566BD0C910948971 ] PSIMSVC C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsImSvc.exe 16:57:42.0587 0x17d4 PSIMSVC - ok 16:57:42.0650 0x17d4 [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys 16:57:42.0665 0x17d4 PSKMAD - ok 16:57:42.0728 0x17d4 [ 341457B79B3FC31A80C346C767045879, 879C18AA177E7B72392BA46D0CB5691C7C5842C21A28AF79918DA807DEDAD30F ] PskSvcRetail C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PskSvc.exe 16:57:42.0728 0x17d4 PskSvcRetail - ok 16:57:42.0759 0x17d4 [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe 16:57:42.0775 0x17d4 PST Service - ok 16:57:42.0821 0x17d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:57:43.0133 0x17d4 ql2300 - ok 16:57:43.0149 0x17d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:57:43.0322 0x17d4 ql40xx - ok 16:57:43.0353 0x17d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 16:57:43.0368 0x17d4 QWAVE - ok 16:57:43.0384 0x17d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:57:43.0384 0x17d4 QWAVEdrv - ok 16:57:43.0400 0x17d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:57:43.0400 0x17d4 RasAcd - ok 16:57:43.0446 0x17d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 
62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:57:43.0462 0x17d4 RasAgileVpn - ok 16:57:43.0478 0x17d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 16:57:43.0478 0x17d4 RasAuto - ok 16:57:43.0493 0x17d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:57:43.0509 0x17d4 Rasl2tp - ok 16:57:43.0524 0x17d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 16:57:43.0524 0x17d4 RasMan - ok 16:57:43.0540 0x17d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:57:43.0556 0x17d4 RasPppoe - ok 16:57:43.0571 0x17d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:57:43.0587 0x17d4 RasSstp - ok 16:57:43.0649 0x17d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:57:43.0665 0x17d4 rdbss - ok 16:57:43.0680 0x17d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:57:43.0680 0x17d4 rdpbus - ok 16:57:43.0696 0x17d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:57:43.0696 0x17d4 RDPCDD - ok 16:57:43.0727 0x17d4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 16:57:43.0743 0x17d4 RDPDR - ok 16:57:43.0758 0x17d4 
[ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:57:43.0758 0x17d4 RDPENCDD - ok 16:57:43.0774 0x17d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:57:43.0774 0x17d4 RDPREFMP - ok 16:57:43.0821 0x17d4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 16:57:43.0821 0x17d4 RdpVideoMiniport - ok 16:57:43.0868 0x17d4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:57:43.0883 0x17d4 RDPWD - ok 16:57:43.0883 0x17d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:57:43.0899 0x17d4 rdyboost - ok 16:57:43.0946 0x17d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:57:43.0977 0x17d4 RemoteAccess - ok 16:57:44.0008 0x17d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:57:44.0024 0x17d4 RemoteRegistry - ok 16:57:44.0055 0x17d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:57:44.0055 0x17d4 RpcEptMapper - ok 16:57:44.0086 0x17d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 16:57:44.0086 0x17d4 RpcLocator - ok 16:57:44.0117 0x17d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs 
C:\Windows\system32\rpcss.dll 16:57:44.0117 0x17d4 RpcSs - ok 16:57:44.0164 0x17d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:57:44.0164 0x17d4 rspndr - ok 16:57:44.0226 0x17d4 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:57:44.0226 0x17d4 RTL8167 - ok 16:57:44.0289 0x17d4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 16:57:44.0289 0x17d4 s3cap - ok 16:57:44.0304 0x17d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 16:57:44.0304 0x17d4 SamSs - ok 16:57:44.0320 0x17d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:57:44.0336 0x17d4 sbp2port - ok 16:57:44.0398 0x17d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:57:44.0414 0x17d4 SCardSvr - ok 16:57:44.0445 0x17d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:57:44.0445 0x17d4 scfilter - ok 16:57:44.0507 0x17d4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 16:57:44.0523 0x17d4 Schedule - ok 16:57:44.0570 0x17d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:57:44.0585 0x17d4 SCPolicySvc - ok 16:57:44.0601 0x17d4 [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:57:44.0616 0x17d4 SDRSVC - ok 16:57:44.0663 0x17d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:57:44.0663 0x17d4 secdrv - ok 16:57:44.0679 0x17d4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 16:57:44.0679 0x17d4 seclogon - ok 16:57:44.0710 0x17d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 16:57:44.0710 0x17d4 SENS - ok 16:57:44.0710 0x17d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:57:44.0726 0x17d4 SensrSvc - ok 16:57:44.0757 0x17d4 [ D666EBEC6374B2018CF61EE204C3CF50, 4BA0C0370F0C13AADBAE9724660F13210554B0B84C405494521502C2F6DEF27E ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys 16:57:44.0772 0x17d4 Ser2pl - ok 16:57:44.0788 0x17d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:57:44.0788 0x17d4 Serenum - ok 16:57:44.0819 0x17d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:57:44.0819 0x17d4 Serial - ok 16:57:44.0836 0x17d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:57:44.0836 0x17d4 sermouse - ok 16:57:44.0867 0x17d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 16:57:44.0867 0x17d4 SessionEnv - ok 16:57:44.0883 0x17d4 [ 
A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:57:44.0883 0x17d4 sffdisk - ok 16:57:44.0883 0x17d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:57:44.0883 0x17d4 sffp_mmc - ok 16:57:44.0898 0x17d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:57:44.0898 0x17d4 sffp_sd - ok 16:57:44.0914 0x17d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:57:44.0914 0x17d4 sfloppy - ok 16:57:44.0961 0x17d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:57:44.0976 0x17d4 SharedAccess - ok 16:57:45.0023 0x17d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:57:45.0039 0x17d4 ShellHWDetection - ok 16:57:45.0085 0x17d4 [ 03639A3B26AA808BAE79D89FDB4B151C, CE77E201541E9BECE6DF4F63F2F4269D561DD9D32275902F1ADE57EA19A57A13 ] ShldFlt C:\Windows\system32\DRIVERS\ShldFlt.sys 16:57:45.0101 0x17d4 ShldFlt - ok 16:57:45.0117 0x17d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:57:45.0132 0x17d4 SiSRaid2 - ok 16:57:45.0148 0x17d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:57:45.0148 0x17d4 SiSRaid4 - ok 16:57:45.0179 0x17d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 16:57:45.0179 0x17d4 Smb - ok 16:57:45.0210 0x17d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:57:45.0210 0x17d4 SNMPTRAP - ok 16:57:45.0288 0x17d4 [ 52721183C4CD1BED92C0E7430134A2E4, 2EF0C1A21C36F2FD4D0E2266233770E0A3C88F02DA5056B2B854723AAB403192 ] SolarWinds TFTP Server C:\Program Files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe 16:57:45.0288 0x17d4 SolarWinds TFTP Server - ok 16:57:45.0288 0x17d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 16:57:45.0304 0x17d4 spldr - ok 16:57:45.0335 0x17d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 16:57:45.0351 0x17d4 Spooler - ok 16:57:45.0444 0x17d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 16:57:45.0507 0x17d4 sppsvc - ok 16:57:45.0522 0x17d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:57:45.0538 0x17d4 sppuinotify - ok 16:57:45.0569 0x17d4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:57:45.0772 0x17d4 srv - ok 16:57:45.0803 0x17d4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:57:45.0819 0x17d4 srv2 - ok 16:57:45.0865 0x17d4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:57:45.0865 0x17d4 srvnet - ok 16:57:45.0912 0x17d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 
2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:57:45.0912 0x17d4 SSDPSRV - ok 16:57:45.0928 0x17d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:57:45.0928 0x17d4 SstpSvc - ok 16:57:46.0037 0x17d4 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 16:57:46.0662 0x17d4 Steam Client Service - ok 16:57:46.0693 0x17d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:57:46.0693 0x17d4 stexstor - ok 16:57:46.0740 0x17d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 16:57:46.0756 0x17d4 stisvc - ok 16:57:46.0802 0x17d4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 16:57:46.0802 0x17d4 storflt - ok 16:57:46.0834 0x17d4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 16:57:46.0834 0x17d4 storvsc - ok 16:57:46.0849 0x17d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:57:46.0865 0x17d4 swenum - ok 16:57:46.0880 0x17d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 16:57:46.0912 0x17d4 swprv - ok 16:57:46.0943 0x17d4 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys 16:57:46.0958 
0x17d4 Synth3dVsc - ok 16:57:47.0021 0x17d4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 16:57:47.0052 0x17d4 SysMain - ok 16:57:47.0083 0x17d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:57:47.0083 0x17d4 TabletInputService - ok 16:57:47.0083 0x17d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 16:57:47.0099 0x17d4 TapiSrv - ok 16:57:47.0130 0x17d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 16:57:47.0130 0x17d4 TBS - ok 16:57:47.0208 0x17d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:57:47.0504 0x17d4 Tcpip - ok 16:57:47.0567 0x17d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:57:47.0598 0x17d4 TCPIP6 - ok 16:57:47.0629 0x17d4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:57:47.0629 0x17d4 tcpipreg - ok 16:57:47.0645 0x17d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:57:47.0645 0x17d4 TDPIPE - ok 16:57:47.0660 0x1b64 Object required for P2P: [ 72ED0AA65F63047445943B1A4275FE83 ] ksaud 16:57:47.0692 0x17d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:57:47.0692 0x17d4 TDTCP - ok 16:57:47.0707 0x17d4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, 
B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:57:47.0707 0x17d4 tdx - ok 16:57:47.0927 0x17d4 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 16:57:48.0005 0x17d4 TeamViewer9 - ok 16:57:48.0129 0x17d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:57:48.0129 0x17d4 TermDD - ok 16:57:48.0223 0x17d4 [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys 16:57:48.0239 0x17d4 terminpt - ok 16:57:48.0301 0x17d4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 16:57:48.0317 0x17d4 TermService - ok 16:57:48.0317 0x17d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 16:57:48.0332 0x17d4 Themes - ok 16:57:48.0363 0x17d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 16:57:48.0363 0x17d4 THREADORDER - ok 16:57:48.0395 0x17d4 [ 71D19B5D542B6EEA00C99D9984DC901F, 5AD751826B52646BBC2C1CE7085B74B964E858F745AFA8CDD8860882346B225A ] TPSrv C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe 16:57:48.0395 0x17d4 TPSrv - ok 16:57:48.0410 0x17d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 16:57:48.0426 0x17d4 TrkWks - ok 16:57:48.0473 0x17d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe 16:57:48.0488 0x17d4 TrustedInstaller - ok 16:57:48.0519 0x17d4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:57:48.0519 0x17d4 tssecsrv - ok 16:57:48.0566 0x17d4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:57:48.0582 0x17d4 TsUsbFlt - ok 16:57:48.0629 0x17d4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:57:48.0629 0x17d4 TsUsbGD - ok 16:57:48.0675 0x17d4 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 16:57:48.0675 0x17d4 tsusbhub - ok 16:57:48.0691 0x17d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:57:48.0878 0x17d4 tunnel - ok 16:57:48.0894 0x17d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:57:48.0894 0x17d4 uagp35 - ok 16:57:48.0925 0x17d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:57:48.0941 0x17d4 udfs - ok 16:57:48.0972 0x17d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:57:48.0987 0x17d4 UI0Detect - ok 16:57:49.0003 0x17d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:57:49.0019 0x17d4 uliagpkx - ok 16:57:49.0034 0x17d4 [ DC54A574663A895C8763AF0FA1FF7561, 
16:57:52.0508 0x17d4 ================ Scan global ===============================
16:57:52.0531 0x17d4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:57:52.0563 0x17d4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:57:52.0573 0x17d4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:57:52.0620 0x17d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:57:52.0660 0x17d4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:57:52.0667 0x17d4 [ Global ] - ok
16:57:52.0667 0x17d4 ================ Scan MBR ==================================
16:57:52.0668 0x17d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:57:52.0673 0x17d4 \Device\Harddisk0\DR0 - ok
16:57:52.0674 0x17d4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:57:52.0679 0x17d4 \Device\Harddisk1\DR1 - ok
16:57:52.0682 0x17d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:57:52.0876 0x17d4 \Device\Harddisk2\DR2 - ok
16:57:52.0876 0x17d4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
16:57:52.0893 0x17d4 \Device\Harddisk3\DR3 - ok
16:57:52.0893 0x17d4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
16:57:53.0595 0x17d4 \Device\Harddisk4\DR4 - ok
16:57:53.0650 0x17d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5
16:57:53.0742 0x17d4 \Device\Harddisk5\DR5 - detected Rootkit.Boot.SST.b ( 0 )
16:57:53.0742 0x17d4 \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - infected
16:57:56.0224 0x17d4 ================ Scan VBR ==================================
16:57:56.0224 0x17d4 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
16:57:56.0224 0x17d4 \Device\Harddisk0\DR0\Partition1 - ok
16:57:56.0224 0x17d4 [ 4E5A47B84A1239387D669885C7827CC8 ] \Device\Harddisk0\DR0\Partition2
16:57:56.0911 0x17d4 \Device\Harddisk0\DR0\Partition2 - ok
16:57:56.0911 0x17d4 [ 6F9F84AB1878B8A871345C498291C159 ] \Device\Harddisk0\DR0\Partition3
16:57:56.0958 0x17d4 \Device\Harddisk0\DR0\Partition3 - ok
16:57:56.0958 0x17d4 [ 845321655D80268BD1D82FCD9D8E3D2C ] \Device\Harddisk0\DR0\Partition4
16:57:57.0005 0x17d4 \Device\Harddisk0\DR0\Partition4 - ok
16:57:57.0005 0x17d4 [ FB945DD791BFE566800D6A2B0A4D3E3A ] \Device\Harddisk1\DR1\Partition1
16:57:57.0817 0x17d4 \Device\Harddisk1\DR1\Partition1 - ok
16:57:57.0833 0x17d4 [ CFFEE9CE09946EBF82E3F72635A4EF4B ] \Device\Harddisk1\DR1\Partition2
16:57:57.0895 0x17d4 \Device\Harddisk1\DR1\Partition2 - ok
16:57:57.0895 0x17d4 [ C42CF0781D12937FB2EB63567D450101 ] \Device\Harddisk1\DR1\Partition3
16:57:57.0958 0x17d4 \Device\Harddisk1\DR1\Partition3 - ok
16:57:57.0958 0x17d4 [ 3D79E7F9772019C5CA4D0EB412F6C4CB ] \Device\Harddisk2\DR2\Partition1
16:57:57.0973 0x17d4 \Device\Harddisk2\DR2\Partition1 - ok
16:57:57.0973 0x17d4 [ CB17264DFFEF8A045B19F64B9DD3B19F ] \Device\Harddisk2\DR2\Partition2
16:57:57.0973 0x17d4 \Device\Harddisk2\DR2\Partition2 - ok
16:57:57.0973 0x17d4 [ 7EE1EF8432962E1703DE5E005F067647 ] \Device\Harddisk2\DR2\Partition3
16:57:57.0973 0x17d4 \Device\Harddisk2\DR2\Partition3 - ok
16:57:57.0989 0x17d4 [ 4DA69DC166266ADF8DF099EAAA49F585 ] \Device\Harddisk3\DR3\Partition1
16:57:58.0675 0x17d4 \Device\Harddisk3\DR3\Partition1 - ok
16:57:58.0691 0x17d4 [ 85F66079C7644EEAEFA95DE2A1305C2A ] \Device\Harddisk3\DR3\Partition2
16:57:58.0753 0x17d4 \Device\Harddisk3\DR3\Partition2 - ok
16:57:58.0769 0x17d4 [ 8011BE736890ABFA6FBC1F982F14CCFE ] \Device\Harddisk3\DR3\Partition3
16:57:58.0831 0x17d4 \Device\Harddisk3\DR3\Partition3 - ok
16:57:58.0831 0x17d4 [ C2BDA3BFE14B6909D193978F0339F9F3 ] \Device\Harddisk4\DR4\Partition1
16:57:59.0331 0x17d4 \Device\Harddisk4\DR4\Partition1 - ok
16:57:59.0347 0x17d4 [
D5D5C85638A3BEDAD379ECC51F2EDB93 ] \Device\Harddisk4\DR4\Partition2
16:57:59.0425 0x17d4 \Device\Harddisk4\DR4\Partition2 - ok
16:57:59.0425 0x17d4 [ D5F057BA1333A4CE1EC319B900E6674E ] \Device\Harddisk4\DR4\Partition3
16:57:59.0425 0x17d4 \Device\Harddisk4\DR4\Partition3 - ok
16:57:59.0425 0x17d4 [ 02B47C5D76273CDED1C12A459BFE3080 ] \Device\Harddisk5\DR5\Partition1
16:57:59.0441 0x17d4 \Device\Harddisk5\DR5\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
16:57:59.0441 0x17d4 \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
16:58:19.0515 0x17d4 [ 0FD1B24EED5EE77991202DC2534D943B ] \Device\Harddisk5\DR5\Partition2
16:58:19.0515 0x17d4 \Device\Harddisk5\DR5\Partition2 - ok
16:58:19.0531 0x17d4 [ 26F016019ED598CA7DE39D870D309E5A ] \Device\Harddisk5\DR5\Partition3
16:58:19.0531 0x17d4 \Device\Harddisk5\DR5\Partition3 - ok
16:58:19.0531 0x17d4 [ AEFCDB447FA584BBC3D2BC0D75FBF72B ] \Device\Harddisk5\DR5\Partition4
16:58:19.0531 0x17d4 \Device\Harddisk5\DR5\Partition4 - ok
16:58:19.0531 0x17d4 ================ Scan generic autorun ======================
16:58:22.0949 0x17d4 Waiting for KSN requests completion. In queue: 24
16:58:23.0963 0x17d4 Waiting for KSN requests completion. In queue: 24
16:58:24.0978 0x17d4 Waiting for KSN requests completion. In queue: 24
16:58:26.0368 0x17d4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x40000 ( disabled : updated )
16:58:26.0368 0x17d4 AV detected via SS2: Panda Global Protection 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x51000 ( enabled : updated )
16:58:26.0368 0x17d4 FW detected via SS2: Panda Personal Firewall 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x50010 ( disabled )
16:58:26.0368 0x17d4 Win FW state via NFP2: enabled
16:58:28.0849 0x17d4 ============================================================
16:58:28.0849 0x17d4 Scan finished
16:58:28.0849 0x17d4 ============================================================
16:58:28.0849 0x17a4 Detected object count: 2
16:58:28.0849 0x17a4 Actual detected object count: 2
17:00:20.0105 0x17a4 \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - skipped by user
17:00:20.0105 0x17a4 \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - User select action: Skip
17:00:20.0105 0x17a4 \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
17:00:20.0105 0x17a4
\Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
OK, the next logs are coming shortly; that was just the TDSS one for now. Thanks for the quick reply. |
02.12.2014, 18:07 | #5 |
| Now the FRST.txt ... but I wanted to mention it again: I am currently scanning on a healthy PC, and the infected disk is only attached as a removable drive. (But if anything there looks additionally suspicious to you, feel free to point it out to me.) FRST.txt: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014
Ran by Jan (administrator) on AMDFXCROSSFIRE on 02-12-2014 18:00:23
Running from C:\Users\Jan\Desktop
Loaded Profile: Jan (Available profiles: Jan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Panda Security) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\WebProxy.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrlS.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavFnSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\pavsrvx86.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\AVENGINE.EXE
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Panda Security International) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe
(Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsImSvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(SolarWinds) C:\Program Files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Evaer Technology) C:\Program Files (x86)\Evaer\videochannel.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Users\Jan\AppData\Local\Amazon Music\Amazon Music Helper.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\ApVxdWin.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\SrvLoad.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavBckPT.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APVXDWIN] => C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE [1038192 2012-12-12] (Panda Security, S.L.)
HKLM-x32\...\Run: [SCANINICIO] => C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Inicio.exe [70432 2012-11-08] (Panda Security, S.L.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-11-21] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) Winlogon\Notify\avldr: C:\Windows\system32\avldr64.dll (On-Access Anti-Malware Scanner Sync) HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2051 2013-03-30] () HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1691136 2012-10-25] (Evaer Technology) HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Jan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-09-18] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Run: [Amazon Music] => C:\Users\Jan\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281024 2014-10-15] () HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\MountPoints2: {08749b1d-2364-11e3-9404-14dae9221fc1} - I:\CD_Start.exe HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\MountPoints2: {63cb67b1-96bd-11e2-8d00-806e6f6e6963} - H:\Autorun.exe 
HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\MountPoints2: {f2609f02-9928-11e2-b804-14dae9221fc1} - J:\MotoCastSetup.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-441872813-2357865288-1052857262-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDC7CFDACE62ACE01 HKU\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com) DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://foxymethoxy.no-ip.org/codebase/DVM_IPCam2.ocx DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-441872813-2357865288-1052857262-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Jan\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default\Extensions\abs@avira.com [2014-11-19] FF Extension: Vlc Kontextmenü - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2013-07-07] FF Extension: VLCWatcha - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default\Extensions\xxxxx@xxxxx.xxxx.xpi [2013-07-07] FF Extension: DownThemAll! - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-04-21] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-03-30] FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-04-17] FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-04-17] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the 
service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-18] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) 
[File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-03-28] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries) S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2012-12-27] (Wireless) [File not signed] R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC) R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.) R2 Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrls.exe [177440 2012-11-19] (Panda Security, S.L.) R2 PAVFNSVR; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavFnSvr.exe [202016 2012-09-21] (Panda Security, S.L.) R2 PavPrSrv; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768 2008-02-04] (Panda Security, S.L.) R2 PAVSRV; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\pavsrvx86.exe [313664 2011-04-13] (Panda Security, S.L.) 
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) R2 PSHost; c:\program files (x86)\panda security\panda global protection 2013\firewall\PSHOST.EXE [226560 2009-11-26] (Panda Security International) R2 PSIMSVC; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsImSvc.exe [108288 2008-06-19] (Panda Security S.L.) R2 PskSvcRetail; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PskSvc.exe [28992 2010-08-16] (Panda Security, S.L.) R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] R2 SolarWinds TFTP Server; C:\Program Files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe [60928 2012-12-10] (SolarWinds) [File not signed] R2 TPSrv; C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe [173344 2012-11-16] (Panda Security, S.L.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [395520 2013-03-28] (AfaTech ) R2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [71432 2012-03-26] (Panda Security, S.L.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APPFLT; C:\Windows\system32\Drivers\APPFLT64.SYS [129096 2011-01-31] (Panda Security, S.L.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG) R2 ComFiltr; C:\Windows\system32\DRIVERS\COMFiltr.sys [15928 2013-06-05] () S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.) S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd) S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd) S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd) S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd) S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.) S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.) R2 DSAFLT; C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-22] (DT Soft Ltd) R2 FNETMON; C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.) R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [68176 2011-02-15] (Paragon Software Group) R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2011-03-04] (Paragon Software Group) R2 IDSFLT; C:\Windows\system32\Drivers\IDSFLT64.SYS [78920 2010-09-09] (Panda Security, S.L.) R3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1558528 2013-03-26] (Creative Technology Ltd.) R2 NETFLTDI; C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.) R3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\n64i1644.sys [216648 2010-09-01] (Panda Security, S.L.) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.) 
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R1 ShldFlt; C:\Windows\System32\DRIVERS\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.)
R2 WNMFLT; C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]
S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]
S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]
S3 DisplayLinkUsbIo_x64; system32\DRIVERS\DisplayLinkUsbIo_x64_7.2.47157.0.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
R3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 18:00 - 2014-12-02 18:00 - 00025926 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-12-02 17:56 - 2014-12-02 18:00 - 00000000 ____D () C:\FRST
2014-12-02 17:54 - 2014-12-02 17:55 - 02117120 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2014-12-02 17:13 - 2014-12-02 17:13 - 02154496 _____ () C:\Users\Jan\Downloads\adwcleaner_4.103.exe
2014-12-02 17:09 - 2014-12-02 17:09 - 00056738 _____ () C:\Users\Jan\Desktop\TDSSKiller.3.0.0.41_02.12.2014_16.56.43_log.zip
2014-12-02 16:56 - 2014-12-02 16:56 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Jan\Desktop\TDSSKiller30041.exe
2014-12-02 16:55 - 2014-12-02 16:55 - 01174352 _____ () C:\Users\Jan\Downloads\TDSSKiller - CHIP-Installer.exe
2014-12-02 16:51 - 2014-12-02 16:51 - 00000022 _____ () C:\Users\Jan\Desktop\TDSSKiller.2.8.16.0_04.04.2014_19.58.37_log.zip
2014-12-01 21:56 - 2014-12-01 21:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-30 23:04 - 2014-11-30 23:04 - 00000000 ____D () C:\Windows\Sun
2014-11-30 23:03 - 2014-11-30 23:03 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 23:03 - 2014-11-30 23:03 - 00001346 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk
2014-11-30 23:03 - 2014-11-30 23:03 - 00001342 _____ () C:\Users\Jan\Desktop\Knuddels.de.lnk
2014-11-30 23:03 - 2014-11-30 23:03 - 00000000 ____D () C:\Program Files (x86)\Knuddels
2014-11-30 23:02 - 2014-11-30 23:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-30 23:02 - 2014-11-30 23:02 - 00000000 ____D () C:\Program Files\Java
2014-11-30 23:01 - 2014-11-30 23:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-30 22:57 - 2014-11-30 22:58 - 75085992 _____ () C:\Users\Jan\Downloads\KnuddelsJavaUpdater(1).exe
2014-11-30 21:19 - 2014-11-30 21:22 - 75085992 _____ () C:\Users\Jan\Downloads\KnuddelsJavaUpdater.exe
2014-11-26 18:44 - 2014-11-26 18:44 - 05770133 _____ () C:\Users\Jan\Desktop\Hermes.wma
2014-11-26 18:36 - 2014-11-26 18:36 - 32175823 _____ () C:\Users\Jan\Desktop\Unbenannt.wma 2014-11-24 17:50 - 2014-11-29 23:51 - 00000000 ____D () C:\Users\Jan\Desktop\Hörner 2014-11-20 17:25 - 2014-11-20 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2014-11-20 17:16 - 2014-11-20 17:16 - 00000000 ____D () C:\Users\Jan\Desktop\TS-HTGL_1.35_1.39 2014-11-19 22:16 - 2014-11-19 22:16 - 00000000 ____D () C:\ProgramData\Samsung 2014-11-19 22:16 - 2014-11-19 22:16 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate 2014-11-19 17:27 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 17:27 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 17:27 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 17:27 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-17 17:50 - 2014-11-18 09:27 - 00000000 ____D () C:\Users\Jan\Desktop\Präsentation 2014-11-17 17:48 - 2014-11-17 17:48 - 00000000 _____ () C:\Users\Jan\Desktop\Neue Bitmap.bmp 2014-11-15 17:16 - 2014-11-15 17:16 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieBrowserModeList 2014-11-15 14:18 - 2014-11-15 14:18 - 00000000 ____D () C:\!KillBox 2014-11-15 14:17 - 2014-11-15 14:17 - 01125200 _____ () C:\Users\Jan\Downloads\Pocket KillBox - CHIP-Installer.exe 2014-11-15 09:21 - 2012-09-20 18:52 - 00618102 _____ () C:\Users\Jan\Desktop\Auge.bmp 2014-11-15 08:57 - 2010-04-06 00:20 - 05027670 _____ () C:\Users\Jan\Desktop\Stummfilm.avi 2014-11-13 10:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-13 10:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-13 10:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-13 
10:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-13 10:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-13 10:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-13 10:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-13 10:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-13 10:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-13 10:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-13 10:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-13 10:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-13 10:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-13 10:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-13 10:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-13 10:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-13 10:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-13 10:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-13 10:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-13 10:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-13 10:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 
2014-11-13 10:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-13 10:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-13 10:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-13 10:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-13 10:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 10:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-13 10:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-13 10:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-13 10:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-13 10:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-13 10:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-13 10:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-13 10:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-13 10:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-13 10:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-13 10:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 10:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-13 10:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) 
C:\Windows\system32\ie4uinit.exe 2014-11-13 10:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-13 10:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-13 10:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-13 10:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-13 10:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-13 10:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-13 10:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-13 10:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-13 10:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-13 10:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-13 10:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-13 10:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-13 10:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-13 10:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-13 10:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-13 10:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-13 10:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-13 10:24 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) 
C:\Windows\system32\generaltel.dll 2014-11-13 10:24 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-13 10:24 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-13 10:24 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-13 10:24 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-13 10:24 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-13 10:24 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-13 10:24 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-13 10:24 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-13 10:24 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-13 10:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-13 10:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-13 10:19 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-13 10:19 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-13 10:19 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-13 10:19 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-13 10:19 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-13 10:19 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-13 10:19 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\AudioEng.dll 2014-11-13 10:19 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-13 10:19 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-13 10:19 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-13 10:19 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-13 10:19 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-13 10:19 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-13 10:19 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-13 10:19 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-13 
10:19 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-13 10:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-13 10:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-13 10:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-13 10:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-13 10:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-13 10:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-13 10:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-06 15:57 - 2014-11-19 17:54 - 00000000 ____D () C:\Users\Jan\Desktop\Sent 2014-11-04 19:39 - 2014-11-04 20:09 - 00008437 _____ () C:\Users\Jan\Desktop\Bacterien (1).ods 2014-11-04 19:16 - 2014-11-04 19:16 - 01375089 _____ () C:\Users\Jan\Downloads\adwcleaner_3.311.exe 2014-11-03 19:19 - 2014-11-03 19:19 - 626722909 _____ () C:\Windows\MEMORY.DMP 2014-11-03 19:19 - 2014-11-03 19:19 - 00622216 _____ () C:\Windows\Minidump\110314-32089-01.dmp 2014-11-03 18:28 - 2014-11-03 18:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Motousbnet_01009.Wdf 2014-11-03 18:28 - 2014-11-03 18:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motfilt_01009.Wdf 2014-11-03 18:28 - 2014-11-03 18:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf 2014-11-03 18:26 - 2014-11-03 18:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motusbdevice_01009.Wdf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-02 17:34 - 2009-07-14 05:45 - 00027632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-02 17:34 - 2009-07-14 05:45 - 00027632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-02 17:33 - 2013-06-05 16:48 - 00000232 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck 2014-12-02 17:33 - 2013-06-05 16:48 - 00000232 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg 2014-12-02 17:33 - 2013-03-27 10:07 - 01378060 _____ () C:\Windows\WindowsUpdate.log 2014-12-02 17:32 - 2013-10-15 19:20 - 00000000 ____D () C:\Users\Jan\AppData\Local\LogMeIn Hamachi 2014-12-02 17:30 - 2013-06-05 16:50 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck 2014-12-02 17:30 - 2013-06-05 16:50 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg 2014-12-02 17:30 - 2013-06-05 16:50 - 00000128 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck 2014-12-02 17:30 - 2013-06-05 16:50 - 00000128 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt 2014-12-02 17:30 - 2013-06-05 16:50 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck 2014-12-02 17:30 - 2013-06-05 16:50 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg 2014-12-02 17:30 - 2013-06-05 16:50 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck 2014-12-02 17:30 - 2013-06-05 16:50 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg 2014-12-02 17:30 - 2013-06-05 16:44 - 00410084 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck 2014-12-02 17:30 - 2013-06-05 16:44 - 00410084 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT 2014-12-02 17:30 - 2013-06-05 16:44 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck 2014-12-02 17:30 - 2013-06-05 16:44 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG 2014-12-02 17:29 - 2013-03-30 13:00 - 00000000 ____D () C:\Users\Jan\.gstreamer-0.10 2014-12-02 
17:29 - 2013-03-30 12:55 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\MotoCast 2014-12-02 17:28 - 2013-06-05 16:48 - 00000060 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck 2014-12-02 17:28 - 2013-06-05 16:48 - 00000060 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt 2014-12-02 17:25 - 2014-10-25 19:30 - 00000000 ____D () C:\Temp 2014-12-02 17:25 - 2013-12-08 23:14 - 00056668 _____ () C:\Windows\setupact.log 2014-12-02 17:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-02 17:16 - 2013-12-09 18:58 - 00013992 _____ () C:\Windows\PFRO.log 2014-12-02 17:16 - 2013-04-18 21:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-02 17:14 - 2013-11-17 17:38 - 00000000 ____D () C:\AdwCleaner 2014-12-02 17:11 - 2013-05-18 11:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-02 16:46 - 2013-11-25 20:15 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-12-02 16:46 - 2010-11-21 07:50 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2014-12-02 16:46 - 2010-11-21 07:50 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2014-12-02 16:46 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-01 22:05 - 2013-08-10 14:16 - 00000758 _____ () C:\Users\Jan\Desktop\Filme.lnk 2014-12-01 21:51 - 2014-05-20 19:24 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Raptr 2014-12-01 18:05 - 2013-06-05 16:56 - 00008627 _____ () C:\Windows\SysWOW64\PAV_FOG.OPC 2014-12-01 17:13 - 2013-06-05 16:50 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck 2014-12-01 17:13 - 2013-06-05 16:50 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg 2014-11-30 23:02 - 2014-03-12 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-30 23:01 - 2014-03-12 17:51 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-29 15:31 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-29 03:08 - 2013-03-28 
20:28 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\vlc 2014-11-28 19:31 - 2014-06-05 12:08 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1385406909 2014-11-26 21:11 - 2013-05-18 11:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-26 21:11 - 2013-03-27 20:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-26 21:11 - 2013-03-27 20:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-26 17:51 - 2013-03-27 10:24 - 00000000 ____D () C:\Users\Jan\AppData\Local\VirtualStore 2014-11-22 13:54 - 2014-05-20 19:24 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-11-21 06:21 - 2014-09-01 17:45 - 00007622 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg 2014-11-20 21:31 - 2014-05-12 11:22 - 00000385 _____ () C:\Users\Jan\Desktop\Neues Textdokument (2).txt 2014-11-19 22:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool 2014-11-19 21:56 - 2014-02-16 14:47 - 00000000 ____D () C:\Users\Jan\Desktop\Bewerbungen 2014-11-17 20:11 - 2014-04-15 16:22 - 00000000 ____D () C:\Users\Jan\AppData\Local\Amazon Cloud Player 2014-11-14 22:57 - 2014-05-20 18:32 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-14 22:56 - 2014-08-28 11:26 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-11-14 22:56 - 2013-11-25 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-14 22:56 - 2013-11-25 18:45 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-11-13 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-13 15:42 - 2009-07-14 05:45 - 00308792 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 15:40 - 2014-05-07 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 11:04 - 2013-07-26 22:14 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 10:59 - 2013-04-13 11:34 - 103374192 _____ (Microsoft Corporation) 
C:\Windows\system32\MRT.exe 2014-11-04 23:33 - 2013-03-28 10:51 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\ICQ 2014-11-04 20:12 - 2014-10-24 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2014-11-04 19:30 - 2014-04-15 15:49 - 00001267 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk 2014-11-03 19:19 - 2013-09-08 18:40 - 00000000 ____D () C:\Windows\Minidump Some content of TEMP: ==================== C:\Users\Jan\AppData\Local\Temp\avgnt.exe C:\Users\Jan\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Jan\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Jan\AppData\Local\Temp\drm_dyndata_7410004.dll C:\Users\Jan\AppData\Local\Temp\FreemakeVideoDownloader_3.6.4.1.exe C:\Users\Jan\AppData\Local\Temp\JavaRa.exe C:\Users\Jan\AppData\Local\Temp\jli.dll C:\Users\Jan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Jan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Jan\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Jan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Jan\AppData\Local\Temp\jre-8u25-windows-i586.exe C:\Users\Jan\AppData\Local\Temp\jre-8u25-windows-x64.exe C:\Users\Jan\AppData\Local\Temp\keytool.exe C:\Users\Jan\AppData\Local\Temp\MotorolaDeviceManager_2.0405.exe C:\Users\Jan\AppData\Local\Temp\msvcr100.dll C:\Users\Jan\AppData\Local\Temp\node.exe C:\Users\Jan\AppData\Local\Temp\PCloudCleanerUpdater.exe C:\Users\Jan\AppData\Local\Temp\Quarantine.exe C:\Users\Jan\AppData\Local\Temp\raptrpatch.exe C:\Users\Jan\AppData\Local\Temp\raptr_stub.exe C:\Users\Jan\AppData\Local\Temp\SkypeSetup.exe C:\Users\Jan\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll C:\Users\Jan\AppData\Local\Temp\sqlite3.dll C:\Users\Jan\AppData\Local\Temp\sqlite3.exe C:\Users\Jan\AppData\Local\Temp\vlc-2.1.4-win64.exe C:\Users\Jan\AppData\Local\Temp\vlc-2.1.5-win64.exe C:\Users\Jan\AppData\Local\Temp\{AABBAA94-A61A-4893-BC80-17990EBC24C0}.exe ==================== Bamital & volsnap Check 
=================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-27 19:08
==================== End Of Log ============================
--- --- ---
Now the Additional txt:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2014
Ran by Jan at 2014-12-02 18:01:12
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Panda Global Protection 2013 (Enabled - Up to date) {86971480-9989-6750-B122-681A86518D59}
AS: Panda Global Protection 2013 (Enabled - Up to date) {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2013 (Disabled) {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark) 3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\Amazon Amazon Music) (Version: 3.6.0.671 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.291 - ArcSoft) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology) Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. 
KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira) Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version: - ) Battlefield 1942: Secret Weapons of WWII (HKLM-x32\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version: - ) Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version: - ) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - ) Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited) Creative Konsole Starter (HKLM-x32\...\Console Launcher) (Version: - Creative Technology Limited) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC) Drive Rescue 1.9 (HKLM-x32\...\Drive Rescue_is1) (Version: - Alexander Grau) Elevated Installer (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden Evaer Video Recorder for Skype 1.2.9.96 (HKLM-x32\...\Evaer Video Recorder for Skype) (Version: 1.2.9.96 - Evaer Technology) ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - hxxp://www.FlashGet.com) Fotogalerie (x32 Version: 16.4.3508.0205 
- Microsoft Corporation) Hidden Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation) Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark) Garmin Express (HKLM-x32\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games) Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games) Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games) GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - ) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve) Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve) Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve) HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) HL-4150CDN (HKLM-x32\...\{123DE6D6-9566-4777-AC81-E6D86FFA95DA}) (Version: 1.0.6.0 - Brother Industries, Ltd.) 
IP Camera (HKLM-x32\...\IP Camera) (Version: - ) IPCamClient (HKLM-x32\...\{B1534528-3E4B-4630-A06D-8115917A2B92}) (Version: 1.0.0.10 - ) IPCamSetup (HKLM-x32\...\{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}) (Version: 1.00.0000 - FOSCAM) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.58 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.58 - LogMeIn, Inc.) Hidden Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-441872813-2357865288-1052857262-1000\...\SkyDriveSetup.exe) 
(Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility) Motorola Device 
Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MPU easy Trainingssoftware (HKLM-x32\...\MPU easy) (Version: - Lueck mediafactory) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) ocxinstall (HKLM-x32\...\{1A2606DD-5E86-4ADA-954B-D98012A174E0}) (Version: 1.0.0.32 - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Opera Stable 26.0.1656.24 (HKLM-x32\...\Opera 26.0.1656.24) (Version: 26.0.1656.24 - Opera Software ASA) Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security) Panda Global Protection 2013 (HKLM-x32\...\{81A25967-DB85-4B48-A8A7-D25AC191DEE4}) (Version: 6.01.01 - Panda Security) Panda Global Protection 2013 (x32 Version: 6.01.01 - Panda Security) Hidden Paragon GPT Loader (HKLM-x32\...\{29526580-8F47-11DF-9C18-005056C00008}) (Version: 90.00.0003 - Paragon Software) Password Depot 6 - Panda Secure Vault Edition (HKLM-x32\...\{AAE587E4-E661-4DB5-96DF-6E31C548F186}_is1) (Version: 6.1.5 - AceBIT GmbH) PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge) PDFCreator 
(HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific) PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version: - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SolarWinds TFTP Server (HKLM-x32\...\{BC3EE229-5486-40AD-8834-63B5BDC23C50}) (Version: 10.9.0.25 - SolarWinds) Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve) SYNQ DFX-48 V101 (HKLM-x32\...\SYNQ DFX-48 V101) (Version: - ) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal) TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) USB Sound Blaster HD (HKLM-x32\...\{3BE06146-8ADC-47D7-9AD5-E5CABF1FF90C}) (Version: 1.0 - Creative Technology Limited) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows-Treiberpaket - 
Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e) Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - Xvid Development Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-441872813-2357865288-1052857262-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-441872813-2357865288-1052857262-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-441872813-2357865288-1052857262-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-441872813-2357865288-1052857262-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 21-06-2014 13:15:29 Installed Intel(R) PROSet/Wireless Software for 
Bluetooth(R) Technology 24-06-2014 14:11:09 Windows-Sicherung 02-07-2014 13:44:55 Geplanter Prüfpunkt 11-07-2014 16:52:24 Geplanter Prüfpunkt 11-08-2014 23:17:36 Geplanter Prüfpunkt 17-08-2014 23:40:26 Windows-Sicherung 26-08-2014 21:34:19 Geplanter Prüfpunkt 01-09-2014 19:28:52 Windows-Sicherung 19-11-2014 23:29:24 Windows Update 27-11-2014 18:15:32 Geplanter Prüfpunkt 30-11-2014 21:59:13 Knuddels Updater ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {073968F2-BEE0-45FF-BF3F-E4A7D08172D6} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {1A3B7E6A-76BA-4363-86C4-589DA5B12E34} - System32\Tasks\{34DD2E8F-3859-4FE9-A247-6A6C39048CE9} => C:\Spiele\St3am\SteamApps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe Task: {1B167C7F-767F-48DF-9805-0AB2952BEB1F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] () Task: {25BB7F70-30C9-4D0E-98F9-4588B669BCFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd) Task: {772DE897-FA91-41C9-89CB-1878127720AB} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {9F4B0C1A-B3F3-465B-93DD-F3FD472567C3} - System32\Tasks\{9365BA7E-2EE8-41D8-9ED0-16529B890CC6} => R:\Spiele\Battlefield1942\BF1942.exe [2004-01-22] () Task: {A671A049-B9A9-49F3-BE27-14C3B4A7B9B7} - 
System32\Tasks\{D1B41188-87C3-4BCA-8294-C39E2012998F} => R:\Spiele\Battlefield1942\BF1942.exe [2004-01-22] () Task: {B4ED9AE3-5443-44F4-9E7F-74BF9F199129} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated) Task: {C2D8A5B8-91AD-4124-A035-0683BB006E4A} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] () Task: {D6D67299-B405-425A-8399-0E12061D7669} - System32\Tasks\Opera scheduled Autoupdate 1385406909 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-20] (Opera Software) Task: {DA0EBC57-208A-424C-8F30-6480B809EEC2} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-18 12:06 - 2014-09-18 11:06 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll 2014-04-17 21:29 - 2014-04-17 21:29 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2014-04-17 21:29 - 2014-04-17 21:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2013-11-16 12:12 - 2013-01-25 10:08 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2013-11-16 12:12 - 2013-01-25 10:06 - 00328704 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2014-11-17 20:11 - 2014-10-15 06:35 - 06281024 _____ () C:\Users\Jan\AppData\Local\Amazon Music\Amazon Music Helper.exe 2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () 
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2012-10-19 20:46 - 2012-10-19 20:46 - 00240056 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe 2014-04-17 21:29 - 2014-04-17 21:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll 2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll 2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll 2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll 2013-10-31 16:05 - 2013-10-31 16:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2013-06-05 16:44 - 2007-02-14 11:55 - 00165424 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\MiniCrypto.dll 2013-06-05 16:44 - 2004-05-19 09:33 - 00507904 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\libxml2.dll 2013-06-05 16:44 - 2007-02-14 11:55 - 00099888 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\APIcr.dll 2014-12-02 17:29 - 2014-12-02 17:29 - 00205824 ____N () C:\Users\Jan\AppData\Local\Temp\WindowsAPI.dll1794071622638929166.lib 2013-03-30 13:00 - 2013-03-30 13:00 - 00509440 ____N () C:\Users\Jan\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll 2013-03-28 18:18 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2013-03-28 18:18 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files 
(x86)\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll 2013-03-28 18:18 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll 2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00699392 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 01396736 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00085504 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00030208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00471552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00253440 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00109568 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00038400 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00048640 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll 2012-10-19 20:46 - 2012-10-19 20:46 
- 00126976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00038912 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00017920 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00248352 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00123947 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00133120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00098304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00078848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00052224 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00032256 _____ () C:\Program Files (x86)\Motorola 
Mobility\MotoCast\bin\plugins\libgstautoconvert.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00123904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00041984 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00212480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00011776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00016896 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00086016 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00091136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00073216 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00026624 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00187904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00069120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00331264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00023552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 
01694208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00122880 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 02009600 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00033280 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00036864 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00088064 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 01376256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 01563136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00363008 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00531968 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00119296 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00029696 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00037888 _____ () C:\Program Files (x86)\Motorola 
Mobility\MotoCast\bin\plugins\libgstgio.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00035840 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00276480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00069632 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00276992 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00207872 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00047616 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00150528 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00039936 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00020480 _____ () 
C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00025088 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00132608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00190976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00035328 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00011264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00054784 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00051712 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00061952 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00032768 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll 2012-10-19 
20:46 - 2012-10-19 20:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00162304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 01520128 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00050688 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00196608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00042496 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll 2012-10-19 20:46 - 2012-10-19 20:46 - 00013312 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll 2014-12-01 21:56 - 2014-12-01 21:56 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\28404067.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\28404067.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-441872813-2357865288-1052857262-500 - Administrator - Disabled) Gast (S-1-5-21-441872813-2357865288-1052857262-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-441872813-2357865288-1052857262-1003 - Limited - Enabled) Jan (S-1-5-21-441872813-2357865288-1052857262-1000 - Administrator - Enabled) => C:\Users\Jan ==================== Faulty Device Manager Devices ============= Name: Hamachi Network Interface Description: Hamachi Network Interface Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn, Inc. Service: hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (12/02/2014 05:51:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 34.0.0.5442, Zeitstempel: 0x5475509b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce753 ID des fehlerhaften Prozesses: 0x1848 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (12/02/2014 05:37:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: raptr.exe, Version: 4.2.5.0, Zeitstempel: 0x4bbd3163 Name des fehlerhaften Moduls: PavLspHookWow.DLL, Version: 9.2.2.1, Zeitstempel: 0x4fbb9911 Ausnahmecode: 0xc000000d Fehleroffset: 0x00004a81 ID des fehlerhaften Prozesses: 0x17dc Startzeit der fehlerhaften Anwendung: 0xraptr.exe0 Pfad der fehlerhaften Anwendung: raptr.exe1 Pfad des fehlerhaften Moduls: raptr.exe2 Berichtskennung: raptr.exe3 Error: 
(12/02/2014 05:26:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 05:26:07 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/02/2014 05:18:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 05:17:31 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/02/2014 04:41:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 04:40:52 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. 
Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/01/2014 05:11:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/01/2014 05:10:39 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 System errors: ============= Error: (12/02/2014 06:01:53 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:51 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:50 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:48 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:47 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:45 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. 
Error: (12/02/2014 06:01:44 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:42 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:41 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Error: (12/02/2014 06:01:39 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus. Microsoft Office Sessions: ========================= Error: (12/02/2014 05:51:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: firefox.exe34.0.0.54425475509bntdll.dll6.1.7601.18247521ea8e7c0000374000ce753184801d00e5023ef8c87C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SysWOW64\ntdll.dll6690dd20-7a43-11e4-9a0c-14dae9221fc1 Error: (12/02/2014 05:37:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: raptr.exe4.2.5.04bbd3163PavLspHookWow.DLL9.2.2.14fbb9911c000000d00004a8117dc01d00e4d25aea12dC:\PROGRA~2\Raptr\raptr.exeC:\WINDOWS\SYSWOW64\PavLspHookWow.DLL7df2beef-7a41-11e4-9a0c-14dae9221fc1 Error: (12/02/2014 05:26:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 05:26:07 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. 
Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/02/2014 05:18:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 05:17:31 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/02/2014 04:41:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2014 04:40:52 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. Derzeit konfigurierte Adressen: 192.168.11.1/32 Error: (12/01/2014 05:11:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/01/2014 05:10:39 PM) (Source: SolarWinds TFTP Server) (EventID: 0) (User: ) Description: Bindung an IP-Adresse nicht möglich. Konfigurieren Sie TFTP Server so, dass eine Bindung an alle derzeit auf dem System vorhandenen IP-Adressen möglich ist. 
Derzeit konfigurierte Adressen: 192.168.11.1/32 ==================== Memory info =========================== Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 28% Total physical RAM: 8138.42 MB Available physical RAM: 5783.13 MB Total Pagefile: 16275.02 MB Available Pagefile: 13181.12 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:270.35 GB) (Free:105.96 GB) NTFS Drive d: () (Fixed) (Total:452.15 GB) (Free:314.33 GB) NTFS Drive f: (Western_1_Digital3TB_1) (Fixed) (Total:1036.71 GB) (Free:554.62 GB) NTFS Drive g: () (Fixed) (Total:193.36 GB) (Free:173.4 GB) NTFS Drive h: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive i: (Recovery) (Fixed) (Total:13.5 GB) (Free:1.1 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive p: (Western_1_Digital3TB_2) (Fixed) (Total:1005.86 GB) (Free:411.25 GB) NTFS Drive r: (Western_2_Digital3TB_1) (Fixed) (Total:908.16 GB) (Free:354.13 GB) NTFS Drive s: (Western_2_Digital3TB_2) (Fixed) (Total:908.16 GB) (Free:691.05 GB) NTFS Drive t: (Western_2_Digital3TB_3) (Fixed) (Total:978.07 GB) (Free:164.22 GB) NTFS Drive u: (Western_3_Digital3TB_1) (Fixed) (Total:909.75 GB) (Free:744.54 GB) NTFS Drive v: (Western_3_Digital3TB_2) (Fixed) (Total:910.16 GB) (Free:803.61 GB) NTFS Drive w: (Western_3_Digital3TB_3) (Fixed) (Total:974.61 GB) (Free:973.27 GB) NTFS Drive x: (Western_4_Digital3TB_1) (Fixed) (Total:908.78 GB) (Free:822.97 GB) NTFS Drive y: (Western_4_Digital3TB_2) (Fixed) (Total:909.18 GB) (Free:840.6 GB) NTFS Drive z: (Western_4_Digital3TB_3) (Fixed) (Total:976.56 GB) (Free:869.91 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 2A8F2312) Partition: GPT Partition Type. 
======================================================== Disk: 1 (Size: 2794.5 GB) (Disk ID: DDFBDDFB) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 93191898) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=193.4 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 2794.5 GB) (Disk ID: 00000001) Partition: GPT Partition Type. ======================================================== Disk: 4 (Size: 2794.5 GB) (Disk ID: E7138AE3) Partition: GPT Partition Type. ======================================================== Disk: 5 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 42148CB1) Partition 1: (Active) - (Size=13.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=10 MB) - (Type=07 NTFS) ==================== End Of Log ============================ |
03.12.2014, 11:48 | #6 |
/// the machine /// TB trainer | Boo/Cidox.B on girlfriend's laptop, TDSS log inside Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and select "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread. Scan with Combofix |
03.12.2014, 16:36 | #7 |
| Boo/Cidox.B on girlfriend's laptop, TDSS log inside TDSS 15:46:59.0191 0x0f5c TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 15:47:01.0284 0x0f5c ============================================================ 15:47:01.0284 0x0f5c Current date / time: 2014/12/03 15:47:01.0284 15:47:01.0284 0x0f5c SystemInfo: 15:47:01.0284 0x0f5c 15:47:01.0284 0x0f5c OS Version: 6.1.7601 ServicePack: 1.0 15:47:01.0284 0x0f5c Product type: Workstation 15:47:01.0284 0x0f5c ComputerName: AMDFXCROSSFIRE 15:47:01.0284 0x0f5c UserName: Jan 15:47:01.0284 0x0f5c Windows directory: C:\Windows 15:47:01.0284 0x0f5c System windows directory: C:\Windows 15:47:01.0285 0x0f5c Running under WOW64 15:47:01.0285 0x0f5c Processor architecture: Intel x64 15:47:01.0285 0x0f5c Number of processors: 8 15:47:01.0285 0x0f5c Page size: 0x1000 15:47:01.0285 0x0f5c Boot type: Normal boot 15:47:01.0285 0x0f5c ============================================================ 15:47:03.0000 0x0f5c KLMD registered as C:\Windows\system32\drivers\76703731.sys 15:47:03.0233 0x0f5c System UUID: {144609C6-277B-040E-AC59-F06BF1D25E5F} 15:47:03.0561 0x0f5c Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:47:03.0561 0x0f5c Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:47:03.0570 0x0f5c Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:47:03.0570 0x0f5c Drive \Device\Harddisk3\DR3 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:47:03.0570 0x0f5c Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1476000 ( 2794.52 Gb ), 
SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:47:03.0578 0x0f5c Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 15:47:03.0634 0x0f5c ============================================================ 15:47:03.0634 0x0f5c \Device\Harddisk0\DR0: 15:47:03.0634 0x0f5c GPT partitions: 15:47:03.0635 0x0f5c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8364E391-EF97-4689-BBB3-F7AC411295F6}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 15:47:03.0635 0x0f5c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0773DDDA-7FC5-4838-D299-65E7B62441F4}, Name: Basic data partition, StartLBA 0x41000, BlocksNum 0x71853000 15:47:03.0635 0x0f5c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {07AAE340-91A7-4E95-EAB0-0EFD4A31D1FD}, Name: Basic data partition, StartLBA 0x71894000, BlocksNum 0x71853000 15:47:03.0635 0x0f5c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5FCE86C3-D3E4-454B-55D8-C08005033E56}, Name: Basic data partition, StartLBA 0xE30E7000, BlocksNum 0x7A423000 15:47:03.0635 0x0f5c MBR partitions: 15:47:03.0635 0x0f5c \Device\Harddisk1\DR1: 15:47:03.0635 0x0f5c GPT partitions: 15:47:03.0636 0x0f5c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6D65002A-B863-4D54-9EF5-E0387371494F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x71B81800 15:47:03.0636 0x0f5c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E0E7C3B6-89C8-43B7-A1C3-1882F1A5A3DD}, Name: Basic data partition, StartLBA 0x71B82000, BlocksNum 0x71C4F800 15:47:03.0636 0x0f5c 
C:\Windows\system32\drivers\HpSAMD.sys 15:47:43.0355 0x1bc0 HpSAMD - ok 15:47:43.0423 0x1bc0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:47:43.0781 0x1bc0 HTTP - ok 15:47:43.0789 0x1bc0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:47:43.0794 0x1bc0 hwpolicy - ok 15:47:43.0819 0x1bc0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 15:47:43.0828 0x1bc0 i8042prt - ok 15:47:43.0870 0x1bc0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:47:44.0092 0x1bc0 iaStorV - ok 15:47:44.0121 0x1bc0 [ E3FC339DAC4DDF4A12188313DC4DA94F, B1C032FC24DF7938196198641C375C5A8E9C586BFB15E51C843258D6307DBFFC ] IDSFLT C:\Windows\system32\Drivers\IDSFLT64.SYS 15:47:44.0294 0x1bc0 IDSFLT - ok 15:47:44.0360 0x1bc0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:47:44.0436 0x1bc0 idsvc - ok 15:47:44.0479 0x1bc0 IEEtwCollectorService - ok 15:47:44.0506 0x1bc0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 15:47:44.0789 0x1bc0 iirsp - ok 15:47:44.0859 0x1bc0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:47:44.0884 0x1bc0 IKEEXT - ok 15:47:44.0917 0x1bc0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:47:44.0923 0x1bc0 intelide - ok 
15:47:44.0941 0x1bc0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 15:47:44.0949 0x1bc0 intelppm - ok 15:47:44.0985 0x1bc0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:47:44.0998 0x1bc0 IPBusEnum - ok 15:47:45.0024 0x1bc0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:47:45.0263 0x1bc0 IpFilterDriver - ok 15:47:45.0301 0x1bc0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:47:45.0311 0x1bc0 iphlpsvc - ok 15:47:45.0326 0x1bc0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:47:45.0334 0x1bc0 IPMIDRV - ok 15:47:45.0346 0x1bc0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:47:45.0533 0x1bc0 IPNAT - ok 15:47:45.0551 0x1bc0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:47:45.0555 0x1bc0 IRENUM - ok 15:47:45.0569 0x1bc0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:47:45.0575 0x1bc0 isapnp - ok 15:47:45.0620 0x1bc0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:47:45.0653 0x1bc0 iScsiPrt - ok 15:47:45.0766 0x1bc0 [ E712A6B57943D65AA587655335EF9DAD, 8F3D46C1BA612EA845722B2D7C568BFE3AB00763094AE163EE8B5672D9D3B071 ] jswpsapi C:\Program 
Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe 15:47:46.0040 0x1bc0 jswpsapi - ok 15:47:46.0086 0x1bc0 [ 5BE640E88814B77A9E84B4549B5DCC2C, 2ECF73254D701EFCC135B81EC951A76BCE5E74435521A061B05E9445C8D3C843 ] JSWPSLWF C:\Windows\system32\DRIVERS\jswpslwfx.sys 15:47:46.0098 0x1bc0 JSWPSLWF - ok 15:47:46.0112 0x1bc0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:47:46.0119 0x1bc0 kbdclass - ok 15:47:46.0129 0x1bc0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:47:46.0135 0x1bc0 kbdhid - ok 15:47:46.0139 0x1bc0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 15:47:46.0140 0x1bc0 KeyIso - ok 15:47:46.0245 0x1bc0 [ 72ED0AA65F63047445943B1A4275FE83, C572DEF549F0C71EF0415B290138D616F9C5AC832C443787E73BCDB718028C7C ] ksaud C:\Windows\system32\drivers\ksaud.sys 15:47:46.0349 0x1bc0 ksaud - ok 15:47:46.0386 0x1bc0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:47:46.0404 0x1bc0 KSecDD - ok 15:47:46.0445 0x1bc0 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:47:46.0477 0x1bc0 KSecPkg - ok 15:47:46.0496 0x1bc0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:47:46.0507 0x1bc0 ksthunk - ok 15:47:46.0560 0x1bc0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:47:46.0591 0x1bc0 KtmRm - ok 15:47:46.0623 0x1bc0 [ D9F42719019740BAA6D1C6D536CBDAA6, 
8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:47:46.0630 0x1bc0 LanmanServer - ok 15:47:46.0657 0x1bc0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:47:46.0662 0x1bc0 LanmanWorkstation - ok 15:47:46.0689 0x1bc0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:47:46.0698 0x1bc0 lltdio - ok 15:47:46.0739 0x1bc0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:47:46.0771 0x1bc0 lltdsvc - ok 15:47:46.0787 0x1bc0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:47:46.0789 0x1bc0 lmhosts - ok 15:47:46.0811 0x1bc0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:47:46.0822 0x1bc0 LSI_FC - ok 15:47:46.0834 0x1bc0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:47:46.0845 0x1bc0 LSI_SAS - ok 15:47:46.0859 0x1bc0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:47:46.0869 0x1bc0 LSI_SAS2 - ok 15:47:46.0884 0x1bc0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:47:46.0896 0x1bc0 LSI_SCSI - ok 15:47:46.0920 0x1bc0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 15:47:46.0931 0x1bc0 luafv - ok 
15:47:46.0972 0x1bc0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:47:46.0988 0x1bc0 Mcx2Svc - ok 15:47:47.0007 0x1bc0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 15:47:47.0016 0x1bc0 megasas - ok 15:47:47.0050 0x1bc0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 15:47:47.0246 0x1bc0 MegaSR - ok 15:47:47.0275 0x1bc0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 15:47:47.0277 0x1bc0 MMCSS - ok 15:47:47.0291 0x1bc0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 15:47:47.0297 0x1bc0 Modem - ok 15:47:47.0312 0x1bc0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:47:47.0318 0x1bc0 monitor - ok 15:47:47.0327 0x1bc0 motandroidusb - ok 15:47:47.0369 0x1bc0 [ 12588483F1A69AB2970D36D96B07F71B, CDC044F2FDAD3B22B295528A117D93B7DF464DE63E421DAE9C19E7A1535E3743 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys 15:47:47.0375 0x1bc0 motccgp - ok 15:47:47.0377 0x1bc0 motccgpfl - ok 15:47:47.0430 0x1bc0 [ 7ED3A9C3763725BD700946971215EE77, 6150D52945E10B69CFA5E3E637DCEBA67158092C6350B4AFE456EA846CA90C18 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 15:47:47.0437 0x1bc0 Motorola Device Manager - ok 15:47:47.0475 0x1bc0 [ 19BC2161C3FCCED802F1BCD9B78C3466, 2EA39F23C49191A4651CD785A742554801A4AC59AACE1993B3A30EA137B4A321 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys 15:47:47.0481 0x1bc0 MotoSwitchService - ok 
15:47:47.0516 0x1bc0 [ 6A3C0B01551B614B6C6BC9743DEF60D9, 9144C0149A764355045711B36C12F87B2F914B76809407F46FB7BA72F83DDB9D ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys 15:47:47.0526 0x1bc0 Motousbnet - ok 15:47:47.0566 0x1bc0 [ 1D19770F88FA22DACB7F488EA8F8EE6B, AD100C774058CF878B6006518F3DCDBDEE475F3C9808FC5D844947D9C305FAE5 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys 15:47:47.0574 0x1bc0 motusbdevice - ok 15:47:47.0591 0x1bc0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:47:47.0604 0x1bc0 mouclass - ok 15:47:47.0616 0x1bc0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:47:47.0625 0x1bc0 mouhid - ok 15:47:47.0646 0x1bc0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:47:47.0661 0x1bc0 mountmgr - ok 15:47:47.0729 0x1bc0 [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:47:47.0833 0x1bc0 MozillaMaintenance - ok 15:47:47.0849 0x1bc0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 15:47:47.0861 0x1bc0 mpio - ok 15:47:47.0885 0x1bc0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:47:47.0892 0x1bc0 mpsdrv - ok 15:47:47.0946 0x1bc0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:47:47.0969 0x1bc0 MpsSvc - ok 15:47:48.0012 0x1bc0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 
01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:47:48.0035 0x1bc0 MRxDAV - ok 15:47:48.0071 0x1bc0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys |
03.12.2014, 16:38 | #8 |
| Boo/Cidox.B on girlfriend's laptop, TDSS log inside
8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 15:47:55.0991 0x1bc0 RasAuto - ok 15:47:56.0003 0x1bc0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:47:56.0013 0x1bc0 Rasl2tp - ok 15:47:56.0039 0x1bc0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 15:47:56.0046 0x1bc0 RasMan - ok 15:47:56.0063 0x1bc0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:47:56.0072 0x1bc0 RasPppoe - ok 15:47:56.0086 0x1bc0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:47:56.0094 0x1bc0 RasSstp - ok 15:47:56.0131 0x1bc0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:47:56.0146 0x1bc0 rdbss - ok 15:47:56.0158 0x1bc0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:47:56.0163 0x1bc0 rdpbus - ok 15:47:56.0175 0x1bc0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:47:56.0179 0x1bc0 RDPCDD - ok 15:47:56.0214 0x1bc0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:47:56.0225 0x1bc0 RDPDR - ok 15:47:56.0240 0x1bc0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:47:56.0243 0x1bc0 
RDPENCDD - ok 15:47:56.0250 0x1bc0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:47:56.0254 0x1bc0 RDPREFMP - ok 15:47:56.0319 0x1bc0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 15:47:56.0330 0x1bc0 RdpVideoMiniport - ok 15:47:56.0371 0x1bc0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:47:56.0388 0x1bc0 RDPWD - ok 15:47:56.0416 0x1bc0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:47:56.0438 0x1bc0 rdyboost - ok 15:47:56.0469 0x1bc0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:47:56.0481 0x1bc0 RemoteAccess - ok 15:47:56.0499 0x1bc0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:47:56.0513 0x1bc0 RemoteRegistry - ok 15:47:56.0577 0x1bc0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:47:56.0583 0x1bc0 RpcEptMapper - ok 15:47:56.0613 0x1bc0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 15:47:56.0622 0x1bc0 RpcLocator - ok 15:47:56.0663 0x1bc0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 15:47:56.0679 0x1bc0 RpcSs - ok 15:47:56.0685 0x1bc0 [ DDC86E4F8E7456261E637E3552E804FF, 
D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:47:56.0692 0x1bc0 rspndr - ok 15:47:56.0758 0x1bc0 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 15:47:56.0783 0x1bc0 RTL8167 - ok 15:47:56.0816 0x1bc0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 15:47:56.0821 0x1bc0 s3cap - ok 15:47:56.0841 0x1bc0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 15:47:56.0843 0x1bc0 SamSs - ok 15:47:56.0862 0x1bc0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:47:56.0875 0x1bc0 sbp2port - ok 15:47:56.0897 0x1bc0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:47:56.0916 0x1bc0 SCardSvr - ok 15:47:56.0927 0x1bc0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:47:56.0933 0x1bc0 scfilter - ok 15:47:56.0976 0x1bc0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 15:47:57.0042 0x1bc0 Schedule - ok 15:47:57.0068 0x1bc0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:47:57.0070 0x1bc0 SCPolicySvc - ok 15:47:57.0104 0x1bc0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:47:57.0123 0x1bc0 SDRSVC - ok 15:47:57.0139 0x1bc0 [ 
3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:47:57.0144 0x1bc0 secdrv - ok 15:47:57.0156 0x1bc0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 15:47:57.0164 0x1bc0 seclogon - ok 15:47:57.0174 0x1bc0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 15:47:57.0176 0x1bc0 SENS - ok 15:47:57.0181 0x1bc0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:47:57.0190 0x1bc0 SensrSvc - ok 15:47:57.0238 0x1bc0 [ D666EBEC6374B2018CF61EE204C3CF50, 4BA0C0370F0C13AADBAE9724660F13210554B0B84C405494521502C2F6DEF27E ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys 15:47:57.0253 0x1bc0 Ser2pl - ok 15:47:57.0287 0x1bc0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:47:57.0294 0x1bc0 Serenum - ok 15:47:57.0325 0x1bc0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:47:57.0335 0x1bc0 Serial - ok 15:47:57.0351 0x1bc0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:47:57.0358 0x1bc0 sermouse - ok 15:47:57.0385 0x1bc0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 15:47:57.0389 0x1bc0 SessionEnv - ok 15:47:57.0394 0x1bc0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:47:57.0399 0x1bc0 sffdisk 
- ok 15:47:57.0404 0x1bc0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:47:57.0409 0x1bc0 sffp_mmc - ok 15:47:57.0423 0x1bc0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:47:57.0428 0x1bc0 sffp_sd - ok 15:47:57.0432 0x1bc0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 15:47:57.0437 0x1bc0 sfloppy - ok 15:47:57.0478 0x1bc0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:47:57.0510 0x1bc0 SharedAccess - ok 15:47:57.0552 0x1bc0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:47:57.0558 0x1bc0 ShellHWDetection - ok 15:47:57.0607 0x1bc0 [ 03639A3B26AA808BAE79D89FDB4B151C, CE77E201541E9BECE6DF4F63F2F4269D561DD9D32275902F1ADE57EA19A57A13 ] ShldFlt C:\Windows\system32\DRIVERS\ShldFlt.sys 15:47:57.0624 0x1bc0 ShldFlt - ok 15:47:57.0650 0x1bc0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 15:47:57.0667 0x1bc0 SiSRaid2 - ok 15:47:57.0680 0x1bc0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:47:57.0691 0x1bc0 SiSRaid4 - ok 15:47:57.0714 0x1bc0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:47:57.0724 0x1bc0 Smb - ok 15:47:57.0746 0x1bc0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] 
SNMPTRAP C:\Windows\System32\snmptrap.exe 15:47:57.0754 0x1bc0 SNMPTRAP - ok 15:47:57.0816 0x1bc0 [ 52721183C4CD1BED92C0E7430134A2E4, 2EF0C1A21C36F2FD4D0E2266233770E0A3C88F02DA5056B2B854723AAB403192 ] SolarWinds TFTP Server C:\Program Files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe 15:47:57.0835 0x1bc0 SolarWinds TFTP Server - ok 15:47:57.0847 0x1bc0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 15:47:57.0853 0x1bc0 spldr - ok 15:47:57.0898 0x1bc0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 15:47:57.0907 0x1bc0 Spooler - ok 15:47:58.0007 0x1bc0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 15:47:58.0062 0x1bc0 sppsvc - ok 15:47:58.0079 0x1bc0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:47:58.0091 0x1bc0 sppuinotify - ok 15:47:58.0134 0x1bc0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 15:47:58.0341 0x1bc0 srv - ok 15:47:58.0359 0x1bc0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:47:58.0382 0x1bc0 srv2 - ok 15:47:58.0425 0x1bc0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:47:58.0453 0x1bc0 srvnet - ok 15:47:58.0492 0x1bc0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:47:58.0500 0x1bc0 SSDPSRV - ok 15:47:58.0516 0x1bc0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, 
D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:47:58.0525 0x1bc0 SstpSvc - ok 15:47:58.0604 0x1bc0 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 15:47:59.0277 0x1bc0 Steam Client Service - ok 15:47:59.0295 0x1bc0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 15:47:59.0302 0x1bc0 stexstor - ok 15:47:59.0354 0x1bc0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 15:47:59.0377 0x1bc0 stisvc - ok 15:47:59.0404 0x1bc0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 15:47:59.0412 0x1bc0 storflt - ok 15:47:59.0430 0x1bc0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 15:47:59.0437 0x1bc0 storvsc - ok 15:47:59.0446 0x1bc0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:47:59.0451 0x1bc0 swenum - ok 15:47:59.0477 0x1bc0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 15:47:59.0510 0x1bc0 swprv - ok 15:47:59.0539 0x1bc0 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys 15:47:59.0549 0x1bc0 Synth3dVsc - ok 15:47:59.0653 0x1bc0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 15:47:59.0702 
0x1bc0 SysMain - ok 15:47:59.0720 0x1bc0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:47:59.0723 0x1bc0 TabletInputService - ok 15:47:59.0747 0x1bc0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 15:47:59.0753 0x1bc0 TapiSrv - ok 15:47:59.0771 0x1bc0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 15:47:59.0774 0x1bc0 TBS - ok 15:47:59.0850 0x1bc0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:48:00.0011 0x1b70 Object required for P2P: [ 72ED0AA65F63047445943B1A4275FE83 ] ksaud 15:48:00.0154 0x1bc0 Tcpip - ok 15:48:00.0243 0x1bc0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:48:00.0273 0x1bc0 TCPIP6 - ok 15:48:00.0317 0x1bc0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:48:00.0331 0x1bc0 tcpipreg - ok 15:48:00.0356 0x1bc0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:48:00.0362 0x1bc0 TDPIPE - ok 15:48:00.0390 0x1bc0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:48:00.0397 0x1bc0 TDTCP - ok 15:48:00.0424 0x1bc0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:48:00.0436 0x1bc0 tdx - ok 15:48:00.0683 0x1bc0 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 
47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 15:48:00.0757 0x1bc0 TeamViewer9 - ok 15:48:00.0781 0x1bc0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:48:00.0788 0x1bc0 TermDD - ok 15:48:00.0822 0x1bc0 [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys 15:48:00.0835 0x1bc0 terminpt - ok 15:48:00.0909 0x1bc0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 15:48:00.0932 0x1bc0 TermService - ok 15:48:00.0941 0x1bc0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 15:48:00.0943 0x1bc0 Themes - ok 15:48:00.0974 0x1bc0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 15:48:00.0976 0x1bc0 THREADORDER - ok 15:48:01.0007 0x1bc0 [ 71D19B5D542B6EEA00C99D9984DC901F, 5AD751826B52646BBC2C1CE7085B74B964E858F745AFA8CDD8860882346B225A ] TPSrv C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe 15:48:01.0010 0x1bc0 TPSrv - ok 15:48:01.0024 0x1bc0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 15:48:01.0028 0x1bc0 TrkWks - ok 15:48:01.0096 0x1bc0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:48:01.0106 0x1bc0 TrustedInstaller - ok 15:48:01.0156 0x1bc0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] 
tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:48:01.0163 0x1bc0 tssecsrv - ok 15:48:01.0205 0x1bc0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:48:01.0214 0x1bc0 TsUsbFlt - ok 15:48:01.0255 0x1bc0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 15:48:01.0262 0x1bc0 TsUsbGD - ok 15:48:01.0295 0x1bc0 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 15:48:01.0315 0x1bc0 tsusbhub - ok 15:48:01.0355 0x1bc0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:48:01.0555 0x1bc0 tunnel - ok 15:48:01.0575 0x1bc0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:48:01.0583 0x1bc0 uagp35 - ok 15:48:01.0602 0x1bc0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:48:01.0624 0x1bc0 udfs - ok 15:48:01.0642 0x1bc0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:48:01.0651 0x1bc0 UI0Detect - ok 15:48:01.0671 0x1bc0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:48:01.0679 0x1bc0 uliagpkx - ok 15:48:01.0698 0x1bc0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:48:01.0705 0x1bc0 umbus - ok 15:48:01.0716 0x1bc0 [ B2E8E8CB557B156DA5493BBDDCC1474D, 
F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 15:48:01.0721 0x1bc0 UmPass - ok 15:48:01.0761 0x1bc0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 15:48:01.0766 0x1bc0 UmRdpService - ok 15:48:01.0784 0x1bc0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 15:48:01.0790 0x1bc0 upnphost - ok 15:48:01.0823 0x1bc0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:48:01.0832 0x1bc0 usbaudio - ok 15:48:01.0861 0x1bc0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:48:01.0869 0x1bc0 usbccgp - ok 15:48:01.0919 0x1bc0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:48:01.0930 0x1bc0 usbcir - ok 15:48:01.0946 0x1bc0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:48:01.0953 0x1bc0 usbehci - ok 15:48:01.0977 0x1bc0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:48:02.0002 0x1bc0 usbhub - ok 15:48:02.0015 0x1bc0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 15:48:02.0021 0x1bc0 usbohci - ok 15:48:02.0033 0x1bc0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 15:48:02.0040 0x1bc0 usbprint - ok 
15:48:02.0078 0x1bc0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:48:02.0089 0x1bc0 USBSTOR - ok 15:48:02.0112 0x1bc0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:48:02.0124 0x1bc0 usbuhci - ok 15:48:02.0180 0x1bc0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 15:48:02.0204 0x1bc0 usbvideo - ok 15:48:02.0225 0x1bc0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 15:48:02.0228 0x1bc0 UxSms - ok 15:48:02.0241 0x1bc0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 15:48:02.0243 0x1bc0 VaultSvc - ok 15:48:02.0252 0x1bc0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:48:02.0261 0x1bc0 vdrvroot - ok 15:48:02.0295 0x1bc0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 15:48:02.0338 0x1bc0 vds - ok 15:48:02.0353 0x1bc0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:48:02.0359 0x1bc0 vga - ok 15:48:02.0370 0x1bc0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:48:02.0376 0x1bc0 VgaSave - ok 15:48:02.0380 0x1bc0 VGPU - ok 15:48:02.0398 0x1bc0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp 
C:\Windows\system32\drivers\vhdmp.sys 15:48:02.0413 0x1bc0 vhdmp - ok 15:48:02.0443 0x1bc0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 15:48:02.0449 0x1bc0 viaide - ok 15:48:02.0489 0x1bc0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 15:48:02.0508 0x1b70 Object send P2P result: true 15:48:02.0654 0x1bc0 vmbus - ok 15:48:02.0667 0x1bc0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 15:48:02.0672 0x1bc0 VMBusHID - ok 15:48:02.0692 0x1bc0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:48:02.0701 0x1bc0 volmgr - ok 15:48:02.0724 0x1bc0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:48:02.0748 0x1bc0 volmgrx - ok 15:48:02.0758 0x1bc0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:48:02.0773 0x1bc0 volsnap - ok 15:48:02.0804 0x1bc0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:48:02.0814 0x1bc0 vsmraid - ok 15:48:02.0870 0x1bc0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 15:48:02.0895 0x1bc0 VSS - ok 15:48:02.0911 0x1bc0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:48:02.0917 0x1bc0 vwifibus - ok 15:48:02.0948 0x1bc0 [ 
6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:48:02.0955 0x1bc0 VWiFiFlt - ok 15:48:02.0975 0x1bc0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 15:48:02.0980 0x1bc0 vwifimp - ok 15:48:02.0998 0x1bc0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 15:48:03.0006 0x1bc0 W32Time - ok 15:48:03.0031 0x1bc0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 15:48:03.0037 0x1bc0 WacomPen - ok 15:48:03.0062 0x1bc0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:48:03.0070 0x1bc0 WANARP - ok 15:48:03.0085 0x1bc0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:48:03.0086 0x1bc0 Wanarpv6 - ok 15:48:03.0136 0x1bc0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 15:48:03.0217 0x1bc0 wbengine - ok 15:48:03.0235 0x1bc0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:48:03.0256 0x1bc0 WbioSrvc - ok 15:48:03.0275 0x1bc0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:48:03.0282 0x1bc0 wcncsvc - ok 15:48:03.0293 0x1bc0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 
15:48:03.0304 0x1bc0 WcsPlugInService - ok 15:48:03.0319 0x1bc0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 15:48:03.0325 0x1bc0 Wd - ok 15:48:03.0372 0x1bc0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:48:03.0422 0x1bc0 Wdf01000 - ok 15:48:03.0444 0x1bc0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:48:03.0447 0x1bc0 WdiServiceHost - ok 15:48:03.0452 0x1bc0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:48:03.0455 0x1bc0 WdiSystemHost - ok 15:48:03.0502 0x1bc0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 15:48:03.0548 0x1bc0 WebClient - ok 15:48:03.0571 0x1bc0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:48:03.0603 0x1bc0 Wecsvc - ok 15:48:03.0620 0x1bc0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:48:03.0624 0x1bc0 wercplsupport - ok 15:48:03.0653 0x1bc0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 15:48:03.0657 0x1bc0 WerSvc - ok 15:48:03.0671 0x1bc0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:48:03.0677 0x1bc0 WfpLwf - ok 15:48:03.0689 0x1bc0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] 
WIMMount C:\Windows\system32\drivers\wimmount.sys 15:48:03.0698 0x1bc0 WIMMount - ok 15:48:03.0727 0x1bc0 WinDefend - ok 15:48:03.0751 0x1bc0 WinHttpAutoProxySvc - ok 15:48:03.0818 0x1bc0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:48:03.0827 0x1bc0 Winmgmt - ok 15:48:03.0937 0x1bc0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 15:48:04.0093 0x1bc0 WinRM - ok 15:48:04.0143 0x1bc0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:48:04.0150 0x1bc0 WinUsb - ok 15:48:04.0207 0x1bc0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:48:04.0222 0x1bc0 Wlansvc - ok 15:48:04.0392 0x1bc0 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:48:04.0427 0x1bc0 wlidsvc - ok 15:48:04.0443 0x1bc0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 15:48:04.0447 0x1bc0 WmiAcpi - ok 15:48:04.0487 0x1bc0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:48:04.0507 0x1bc0 wmiApSrv - ok 15:48:04.0525 0x1bc0 WMPNetworkSvc - ok 15:48:04.0557 0x1bc0 [ C1B61612FCCC6E750AD0A6E19C77EE85, 9B99E52B1D74BAC34A338681689A18C8E6C57F6AE9C5E52B7BF5561B0867CD74 ] WNMFLT C:\Windows\system32\Drivers\WNMFLT64.SYS 15:48:04.0565 0x1bc0 WNMFLT - ok 15:48:04.0575 0x1bc0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc 
C:\Windows\System32\wpcsvc.dll 15:48:04.0583 0x1bc0 WPCSvc - ok 15:48:04.0595 0x1bc0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:48:04.0602 0x1bc0 WPDBusEnum - ok 15:48:04.0630 0x1bc0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:48:04.0633 0x1bc0 ws2ifsl - ok 15:48:04.0644 0x1bc0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 15:48:04.0647 0x1bc0 wscsvc - ok 15:48:04.0651 0x1bc0 WSearch - ok 15:48:04.0762 0x1bc0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 15:48:04.0801 0x1bc0 wuauserv - ok 15:48:04.0834 0x1bc0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:48:04.0847 0x1bc0 WudfPf - ok 15:48:04.0879 0x1bc0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:48:04.0905 0x1bc0 WUDFRd - ok 15:48:04.0937 0x1bc0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:48:04.0943 0x1bc0 wudfsvc - ok 15:48:04.0997 0x1bc0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:48:05.0007 0x1bc0 WwanSvc - ok 15:48:05.0069 0x1bc0 ================ Scan global =============================== 15:48:05.0100 0x1bc0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 15:48:05.0138 0x1bc0 [ 
88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:48:05.0167 0x1bc0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:48:05.0205 0x1bc0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:48:05.0246 0x1bc0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:48:05.0253 0x1bc0 [ Global ] - ok
15:48:05.0254 0x1bc0 ================ Scan MBR ==================================
15:48:05.0255 0x1bc0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:48:05.0260 0x1bc0 \Device\Harddisk0\DR0 - ok
15:48:05.0262 0x1bc0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:48:05.0267 0x1bc0 \Device\Harddisk1\DR1 - ok
15:48:05.0275 0x1bc0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
15:48:05.0513 0x1bc0 \Device\Harddisk2\DR2 - ok
15:48:05.0516 0x1bc0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
15:48:05.0523 0x1bc0 \Device\Harddisk3\DR3 - ok
15:48:05.0526 0x1bc0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
15:48:06.0244 0x1bc0 \Device\Harddisk4\DR4 - ok
15:48:06.0247 0x1bc0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5
15:48:06.0334 0x1bc0 \Device\Harddisk5\DR5 - detected Rootkit.Boot.SST.b ( 0 )
15:48:06.0334 0x1bc0 \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - infected
15:48:08.0738 0x1bc0 ================ Scan VBR ==================================
15:48:08.0740 0x1bc0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
15:48:08.0740 0x1bc0 \Device\Harddisk0\DR0\Partition1 - ok
15:48:08.0742 0x1bc0 [ 4E5A47B84A1239387D669885C7827CC8 ] \Device\Harddisk0\DR0\Partition2
15:48:09.0430 0x1bc0 \Device\Harddisk0\DR0\Partition2 - ok
15:48:09.0435 0x1bc0 [ 6F9F84AB1878B8A871345C498291C159 ] \Device\Harddisk0\DR0\Partition3
15:48:09.0487 0x1bc0 \Device\Harddisk0\DR0\Partition3 - ok
15:48:09.0491 0x1bc0 [ 845321655D80268BD1D82FCD9D8E3D2C ] \Device\Harddisk0\DR0\Partition4
15:48:09.0523 0x1bc0 \Device\Harddisk0\DR0\Partition4 - ok
15:48:09.0526 0x1bc0 [ FB945DD791BFE566800D6A2B0A4D3E3A ] \Device\Harddisk1\DR1\Partition1
15:48:10.0286 0x1bc0 \Device\Harddisk1\DR1\Partition1 - ok
15:48:10.0290 0x1bc0 [ CFFEE9CE09946EBF82E3F72635A4EF4B ] \Device\Harddisk1\DR1\Partition2
15:48:10.0357 0x1bc0 \Device\Harddisk1\DR1\Partition2 - ok
15:48:10.0362 0x1bc0 [ C42CF0781D12937FB2EB63567D450101 ] \Device\Harddisk1\DR1\Partition3
15:48:10.0434 0x1bc0 \Device\Harddisk1\DR1\Partition3 - ok
15:48:10.0439 0x1bc0 [ 3D79E7F9772019C5CA4D0EB412F6C4CB ] \Device\Harddisk2\DR2\Partition1
15:48:10.0441 0x1bc0 \Device\Harddisk2\DR2\Partition1 - ok
15:48:10.0446 0x1bc0 [ CB17264DFFEF8A045B19F64B9DD3B19F ] \Device\Harddisk2\DR2\Partition2
15:48:10.0449 0x1bc0 \Device\Harddisk2\DR2\Partition2 - ok
15:48:10.0454 0x1bc0 [ 7EE1EF8432962E1703DE5E005F067647 ] \Device\Harddisk2\DR2\Partition3
15:48:10.0456 0x1bc0 \Device\Harddisk2\DR2\Partition3 - ok
15:48:10.0460 0x1bc0 [ 4DA69DC166266ADF8DF099EAAA49F585 ] \Device\Harddisk3\DR3\Partition1
15:48:11.0153 0x1bc0 \Device\Harddisk3\DR3\Partition1 - ok
15:48:11.0158 0x1bc0 [ 85F66079C7644EEAEFA95DE2A1305C2A ] \Device\Harddisk3\DR3\Partition2
15:48:11.0197 0x1bc0 \Device\Harddisk3\DR3\Partition2 - ok
15:48:11.0202 0x1bc0 [ 8011BE736890ABFA6FBC1F982F14CCFE ] \Device\Harddisk3\DR3\Partition3
15:48:11.0235 0x1bc0 \Device\Harddisk3\DR3\Partition3 - ok
15:48:11.0239 0x1bc0 [ C2BDA3BFE14B6909D193978F0339F9F3 ] \Device\Harddisk4\DR4\Partition1
15:48:11.0732 0x1bc0 \Device\Harddisk4\DR4\Partition1 - ok
15:48:11.0737 0x1bc0 [ D5D5C85638A3BEDAD379ECC51F2EDB93 ] \Device\Harddisk4\DR4\Partition2
15:48:11.0826 0x1bc0 \Device\Harddisk4\DR4\Partition2 - ok
15:48:11.0830 0x1bc0 [ D5F057BA1333A4CE1EC319B900E6674E ] \Device\Harddisk4\DR4\Partition3
15:48:11.0833 0x1bc0 \Device\Harddisk4\DR4\Partition3 - ok
15:48:11.0837 0x1bc0 [ 02B47C5D76273CDED1C12A459BFE3080 ] \Device\Harddisk5\DR5\Partition1
15:48:11.0842 0x1bc0 \Device\Harddisk5\DR5\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:48:11.0842 0x1bc0 \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:48:14.0276 0x1bc0 [ 0FD1B24EED5EE77991202DC2534D943B ] \Device\Harddisk5\DR5\Partition2
15:48:14.0280 0x1bc0 \Device\Harddisk5\DR5\Partition2 - ok
15:48:14.0285 0x1bc0 [ 26F016019ED598CA7DE39D870D309E5A ] \Device\Harddisk5\DR5\Partition3
15:48:14.0289 0x1bc0 \Device\Harddisk5\DR5\Partition3 - ok
15:48:14.0292 0x1bc0 [ AEFCDB447FA584BBC3D2BC0D75FBF72B ] \Device\Harddisk5\DR5\Partition4
15:48:14.0296 0x1bc0 \Device\Harddisk5\DR5\Partition4 - ok
15:48:14.0297 0x1bc0 ================ Scan generic autorun ======================
15:48:14.0299 0x1bc0 Creative SB Monitoring Utility - ok
15:48:14.0363 0x1bc0 [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
15:48:14.0370 0x1bc0 ArcSoft Connection Service - ok
15:48:14.0447 0x1bc0 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:48:14.0474 0x1bc0 Adobe ARM - ok
15:48:14.0539 0x1bc0 [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
15:48:14.0589 0x1bc0 LifeCam - ok
15:48:14.0648 0x1bc0 [ F9413654DBA2F81CA2FDC827C41BDF6E, 3C8FBD4813371AB372BF05E0D56B9949216302C07EF954C1777A4A35623D819F ] C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE
15:48:14.0663 0x1bc0 APVXDWIN - ok
15:48:14.0674 0x1bc0 [ 1CB26EC6478D64AA834802C74518561B,
FB222950869236B66F6E7DD987AFC8688F59B0D0FC5B060B07FBEF003BCF0709 ] C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Inicio.exe
15:48:14.0688 0x1bc0 SCANINICIO - ok
15:48:14.0763 0x1bc0 [ 1B22422DC7EAA39E86820387C5AA1CB4, 365F4E690EDCF1FB86D88858456997E8433D6FDBEC384853D866EEA91F3ACE77 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
15:48:14.0794 0x1bc0 DivXMediaServer - ok
15:48:14.0875 0x1bc0 [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
15:48:14.0897 0x1bc0 DivXUpdate - ok
15:48:15.0034 0x1bc0 [ 3CD9C60B23D870700F63AD4755364902, 0E02E5AAE14613286F486DB1F1F257E047B9F3FDF18480869274C1C1A2C735AF ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:48:15.0108 0x1bc0 LogMeIn Hamachi Ui - ok
15:48:15.0113 0x1bc0 AsioThk32Reg - ok
15:48:15.0208 0x1bc0 [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:48:15.0237 0x1bc0 avgnt - ok
15:48:15.0370 0x1bc0 [ 06BB3578BE06B0980AF9917EC94488EC, 4C66DC5C55E7AC80838D21AA04D194ACE62D70FF0D469FAB910FFE05B1C2A4E7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:48:15.0413 0x1bc0 StartCCC - ok
15:48:15.0577 0x1bc0 [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
15:48:15.0657 0x1bc0 BrStsMon00 - ok
15:48:15.0715 0x1bc0 [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
15:48:15.0720 0x1bc0 Avira Systray - ok
15:48:15.0763 0x1bc0 [ 38429BDE3F544D3B38CF3DFE4691688B, E0D2E93156C4A0ACD6B0AD833834F92520CE0935F8C864D5719EBC0582C0C3BE ] C:\Program Files (x86)\Raptr\raptrstub.exe
15:48:15.0792 0x1bc0 Raptr - ok
15:48:15.0843 0x1bc0 [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:48:16.0114 0x1bc0 SunJavaUpdateSched - ok
15:48:16.0216 0x1bc0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:16.0326 0x1bc0 Sidebar - ok
15:48:16.0358 0x1bc0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:16.0369 0x1bc0 mctadmin - ok
15:48:16.0396 0x1bc0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:16.0413 0x1bc0 Sidebar - ok
15:48:16.0418 0x1bc0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:16.0420 0x1bc0 mctadmin - ok
15:48:16.0504 0x1bc0 [ 5224410189A80F65C4C5841311603350, 146F417791ED827CBD848C08DDB00EB22D3F8CAC7DC24F3CB27F34E9C1A0913C ] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk
15:48:16.0508 0x1bc0 MotoCast - ok
15:48:16.0603 0x1bc0 [ 4D2D5A2F86ED8E0DA5E63747F6AA6D8D, 9EF811C475BD08459CFE8A2B3277995CF5F6B673EF2F734D09CBDA952FC7479C ] C:\Program Files (x86)\Evaer\videochannel.exe
15:48:16.0668 0x1bc0 avichannel - ok
15:48:16.0842 0x1bc0 [ AFE3883FB37A5567C913E7DFCF2924A5, 3CA38EE302E0FF343DB87AE90DA868DCE5B7B490C2AA32164AF8DD4773482265 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
15:48:17.0125 0x1bc0 DAEMON Tools Lite - ok
15:48:17.0264 0x1bc0 [ F922C7051474DF6A41770D8C6C90A97C, 558F009485C04B531E08C144612C32DA4AF3A960BB7442E712F2687A546D05B4 ] C:\Users\Jan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
15:48:17.0519 0x1bc0 AmazonMP3DownloaderHelper - ok
15:48:17.0621 0x1bc0 [ 67532439BB1556CC64A551FDC4CD881E, 31841C350C6247F31D0FF61B6F70B4D713FBAB59AD7927F497014D1AF2B7FE98 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
15:48:17.0644 0x1bc0 GarminExpressTrayApp - ok
15:48:17.0894 0x1bc0 [ 674C18BDC0EABE1C9FD363459759CA5B, BB34F0E9D8E2C5CF0CCB9E55D47C984F9F516671A15A124CC9763E6F26E15175 ] C:\Users\Jan\AppData\Local\Amazon Music\Amazon Music Helper.exe
15:48:17.0985 0x1bc0 Amazon Music - ok
15:48:17.0992 0x1bc0 Waiting for KSN requests completion. In queue: 24
15:48:18.0992 0x1bc0 Waiting for KSN requests completion. In queue: 24
15:48:19.0992 0x1bc0 Waiting for KSN requests completion. In queue: 24
15:48:21.0017 0x1bc0 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x40000 ( disabled : updated )
15:48:21.0019 0x1bc0 AV detected via SS2: Panda Global Protection 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x51000 ( enabled : updated )
15:48:21.0021 0x1bc0 FW detected via SS2: Panda Personal Firewall 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x50010 ( disabled )
15:48:21.0025 0x1bc0 Win FW state via NFP2: enabled
15:48:23.0433 0x1bc0 ============================================================
15:48:23.0433 0x1bc0 Scan finished
15:48:23.0433 0x1bc0 ============================================================
15:48:23.0445 0x1fac Detected object count: 2
15:48:23.0445 0x1fac Actual detected object count: 2
15:51:55.0566 0x1fac \Device\Harddisk5\DR5\# - copied to quarantine
15:51:55.0567 0x1fac \Device\Harddisk5\DR5 - copied to quarantine
15:51:55.0810 0x1fac \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - cured
15:51:55.0816 0x1fac \Device\Harddisk5\DR5 - ok
15:51:56.0469 0x1fac \Device\Harddisk5\DR5 ( Rootkit.Boot.SST.b ) - User select action: Cure
15:51:56.0491 0x1fac \Device\Harddisk5\DR5\Partition1 - copied to quarantine
15:51:56.0500 0x1fac \Device\Harddisk5\DR5\Partition1 - processing error
15:52:51.0352 0x1fac \Device\Harddisk5\DR5\Partition1 - processing error
15:52:51.0352 0x1fac \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure Restore
15:53:17.0028 0x19ac Deinitialize success

Combofix Logfile:
Code:
ATTFilter ComboFix 14-12-02.01 - Jan 03.12.2014 16:00:08.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8138.5462 [GMT 1:00] ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} AV: Panda Global Protection 2013 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} FW: Panda Personal Firewall 2013 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Panda Global Protection 2013 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\users\Jan\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\windows\msdownld.tmp c:\windows\SysWow64\~GLH0045.TMP c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll I:\Autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((( Dateien erstellt von 2014-11-03 bis 2014-12-03 )))))))))))))))))))))))))))))) . . 2014-12-03 15:12 . 2014-12-03 15:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-12-03 14:51 . 2014-12-03 14:51 -------- d-----w- C:\TDSSKiller_Quarantine 2014-12-02 16:56 . 2014-12-02 17:01 -------- d-----w- C:\FRST 2014-11-30 22:04 . 2014-11-30 22:04 -------- d-----w- c:\windows\Sun 2014-11-30 22:03 . 2014-11-30 22:03 -------- d-----w- c:\program files (x86)\Knuddels 2014-11-30 22:03 . 2014-11-30 22:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2014-11-30 22:02 . 2014-11-30 22:02 -------- d-----w- c:\program files\Java 2014-11-30 22:02 . 
2014-11-30 22:02 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-11-30 22:02 . 2014-11-30 22:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-11-30 22:01 . 2014-11-30 22:01 -------- d-----w- c:\program files (x86)\Java 2014-11-19 21:16 . 2014-11-19 21:16 -------- d-----w- c:\programdata\Samsung 2014-11-19 21:16 . 2014-11-19 21:16 -------- d-----w- c:\program files (x86)\SamsungPrinterLiveUpdate 2014-11-19 21:16 . 2014-09-18 10:06 41984 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssm1mpc.dll 2014-11-19 16:27 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll 2014-11-19 16:27 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-11-19 16:27 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll 2014-11-19 16:27 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-11-17 19:11 . 2014-11-17 19:11 -------- d-----w- c:\users\Jan\AppData\Local\Amazon Music 2014-11-15 16:16 . 2014-11-15 16:16 -------- d-sh--w- c:\users\Jan\AppData\Local\EmieBrowserModeList 2014-11-15 13:18 . 2014-11-15 13:18 -------- d-----w- C:\!KillBox 2014-11-13 09:24 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll 2014-11-13 09:24 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll 2014-11-13 09:24 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-11-13 09:24 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2014-11-13 09:24 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2014-11-13 09:24 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-11-13 09:24 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll 2014-11-13 09:24 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll 2014-11-13 09:24 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll 2014-11-13 09:24 . 
2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-11-13 09:24 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-11-13 09:24 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2014-11-13 09:18 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2014-11-13 09:18 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2014-11-13 09:18 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys 2014-11-13 09:18 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll 2014-11-13 09:18 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll 2014-11-13 09:18 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll 2014-11-13 09:18 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-11-26 20:11 . 2013-03-27 19:21 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-11-26 20:11 . 2013-03-27 19:21 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-11-13 09:59 . 2013-04-13 10:34 103374192 ----a-w- c:\windows\system32\MRT.exe 2014-10-09 09:14 . 2013-11-25 17:46 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-10-09 09:14 . 2013-11-25 17:46 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys 2014-10-09 09:14 . 2013-11-25 17:46 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-09-25 02:08 . 2014-10-02 14:32 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-09-25 01:40 . 2014-10-02 14:32 519680 ----a-w- c:\windows\SysWow64\qdvd.dll 2014-09-18 10:06 . 2014-09-18 11:06 686384 ----a-w- c:\windows\system32\eed_sl.exe 2014-09-18 10:06 . 2014-09-18 11:06 34304 ----a-w- c:\windows\system32\ssm1mlm.dll 2014-09-18 10:06 . 2014-09-18 11:06 3112960 ----a-w- c:\windows\system32\eed_ec.dll 2014-09-18 10:06 . 2014-09-18 11:06 226424 ----a-w- c:\windows\system32\SBuySupplies.exe 2014-09-18 10:06 . 
2014-09-18 11:06 89600 ----a-w- c:\windows\system32\ssm1mci.dll 2014-09-18 10:06 . 2014-09-18 11:06 151552 ----a-w- c:\windows\system32\ssm1mci.exe 2014-09-09 22:11 . 2014-09-28 15:58 2048 ----a-w- c:\windows\system32\tzres.dll 2014-09-09 21:47 . 2014-09-28 15:58 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-09-05 02:11 . 2014-10-15 14:14 6584320 ----a-w- c:\windows\system32\mstscax.dll 2014-09-05 01:52 . 2014-10-15 14:14 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-06-04 19:06 220632 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-06-04 19:06 220632 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-06-04 19:06 220632 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MotoCast"="c:\program files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk" [2013-03-30 2051] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640] "AmazonMP3DownloaderHelper"="c:\users\Jan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-09-18 688984] "Amazon Music"="c:\users\Jan\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-10-15 6281024] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "APVXDWIN"="c:\program files (x86)\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE" [2012-12-12 1038192] "SCANINICIO"="c:\program files (x86)\Panda Security\Panda Global Protection 2013\Inicio.exe" [2012-11-08 70432] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296] "AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-11-18 703736] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200] "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208] "Raptr"="c:\program files 
(x86)\Raptr\raptrstub.exe" [2014-11-20 55568] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776] . c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ NAS Scheduler.lnk - c:\program files (x86)\BUFFALO\NASNAVI\nassche.exe [2013-6-16 206128] OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2013-3-28 258048] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] R3 AF9035BDA;AF9035 BDA Devices;c:\windows\system32\Drivers\AF9035BDA.sys;c:\windows\SYSNATIVE\Drivers\AF9035BDA.sys [x] R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x] R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] R3 
DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64;c:\windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.2.47157.0.sys;c:\windows\SYSNATIVE\DRIVERS\DisplayLinkUsbIo_x64_7.2.47157.0.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x] R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe;c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [x] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x] R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x] R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x] R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S0 gpt_loader;GUID Partition table support driver;c:\windows\system32\DRIVERS\gpt_loader.sys;c:\windows\SYSNATIVE\DRIVERS\gpt_loader.sys [x] S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x] S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot64.sys;c:\windows\SYSNATIVE\Drivers\pavboot64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x] S1 ShldFlt;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShldFlt.sys;c:\windows\SYSNATIVE\DRIVERS\ShldFlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL 
Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm6460.sys;c:\windows\SYSNATIVE\DRIVERS\amm6460.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT64.SYS;c:\windows\SYSNATIVE\Drivers\APPFLT64.SYS [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys;c:\windows\SYSNATIVE\DRIVERS\COMFiltr.sys [x] S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x] S2 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT64.SYS;c:\windows\SYSNATIVE\Drivers\DSAFLT64.SYS [x] S2 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetm64.SYS;c:\windows\SYSNATIVE\Drivers\fnetm64.SYS [x] S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x] S2 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT64.SYS;c:\windows\SYSNATIVE\Drivers\IDSFLT64.SYS [x] S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device 
Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x] S2 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [x] S2 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETTDI64.SYS;c:\windows\SYSNATIVE\Drivers\NETTDI64.SYS [x] S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x] S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x] S2 PskSvcRetail;Panda PSK service;c:\program files (x86)\Panda Security\Panda Global Protection 2013\PskSvc.exe;c:\program files (x86)\Panda Security\Panda Global Protection 2013\PskSvc.exe [x] S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x] S2 SolarWinds TFTP Server;SolarWinds TFTP Server;c:\program files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe;c:\program files (x86)\SolarWinds\TFTP Server\SolarWinds TFTP Server.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT64.SYS;c:\windows\SYSNATIVE\Drivers\WNMFLT64.SYS [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 ksaud;Creative USB Audio 
Driver;c:\windows\system32\drivers\ksaud.sys;c:\windows\SYSNATIVE\drivers\ksaud.sys [x] S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\DRIVERS\n64i1644.sys;c:\windows\SYSNATIVE\DRIVERS\n64i1644.sys [x] S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys;c:\windows\SYSNATIVE\PavTPK.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2014-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-27 20:11] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-06-04 19:06 244696 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-06-04 19:06 244696 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-06-04 19:06 244696 ----a-w- c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Creative SB Monitoring Utility"="sbavmon.dll" [2010-01-12 109056] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Alles mit FlashGet laden - c:\program files (x86)\FlashGet\jc_all.htm IE: &Mit FlashGet laden - c:\program files (x86)\FlashGet\jc_link.htm TCP: DhcpNameServer = 192.168.2.1 DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://foxymethoxy.no-ip.org/codebase/DVM_IPCam2.ocx FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\mc6sz7oq.default\ . . ------- Dateityp-Verknüpfung ------- . JSEFile=c:\progra~2\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* . - - - - Entfernte verwaiste Registrierungseinträge - - - - . SafeBoot-28404067.sys HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Age of Empires 2.0 - e:\spiele\Strategie\Age\UNINSTAL.EXE AddRemove-Age of Empires II: The Conquerors Expansion 1.0 - e:\spiele\Strategie\Age\UNINSTALX.EXE AddRemove-PlusWinks - c:\program files (x86)\Cool Smiley Bar for Facebook\uninst.exe AddRemove-Steam App 12100 - c:\spiele\St3am\steam.exe AddRemove-Steam App 12110 - c:\spiele\St3am\steam.exe AddRemove-Steam App 12120 - c:\spiele\St3am\steam.exe AddRemove-Steam App 12210 - c:\spiele\St3am\steam.exe AddRemove-Steam App 12220 - c:\spiele\St3am\steam.exe AddRemove-Steam App 216250 - c:\spiele\St3am\steam.exe AddRemove-Steam App 218 - c:\spiele\St3am\steam.exe AddRemove-Steam App 239160 - c:\spiele\St3am\steam.exe AddRemove-Steam App 340 - f:\spiele\St3am\steam.exe AddRemove-Steam App 380 - f:\spiele\St3am\steam.exe AddRemove-Steam App 420 - f:\spiele\St3am\steam.exe AddRemove-Steam App 91310 - c:\spiele\St3am\steam.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . 
[HKEY_USERS\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-441872813-2357865288-1052857262-1000\Software\SecuROM\License information*] "datasecu"=hex:5a,b0,8e,bd,a5,1a,41,54,2e,28,f7,71,13,78,32,f1,bc,6e,0e,1a,b1, 41,dd,9b,64,6a,3f,0b,d8,22,f6,a3,e3,7c,d0,8f,18,d9,18,8e,01,8d,7b,29,93,4d,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe c:\program files (x86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Panda Security\Panda Global Protection 2013\PsCtrls.exe c:\program files (x86)\Panda Security\Panda Global Protection 2013\PavFnSvr.exe c:\program files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe c:\program files (x86)\Panda Security\Panda Global Protection 2013\pavsrvx86.exe c:\program files (x86)\Panda Security\Panda Global Protection 2013\AVENGINE.EXE c:\program files (x86)\panda security\panda global protection 2013\firewall\PSHOST.EXE c:\program files (x86)\Panda Security\Panda Global Protection 2013\PsImSvc.exe c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe c:\program files (x86)\TeamViewer\Version9\tv_w32.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-12-03 16:29:21 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-12-03 15:29 . Vor Suchlauf: 24 Verzeichnis(se), 128.574.943.232 Bytes frei Nach Suchlauf: 28 Verzeichnis(se), 129.292.304.384 Bytes frei . 
- - End Of File - - A952793798D4EE95C02E0A70994C5EB0 A36C5E4F47E84449FF07ED3517B43A31 |
03.12.2014, 17:18 | #9 |
| One threat still remains, however, and TDSS cannot process it. This is the current log:
17:02:24.0812 0x14c0 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
17:02:27.0155 0x14c0 ============================================================
17:02:27.0155 0x14c0 Current date / time: 2014/12/03 17:02:27.0155
17:02:27.0155 0x14c0 SystemInfo:
17:02:27.0156 0x14c0
17:02:27.0156 0x14c0 OS Version: 6.1.7601 ServicePack: 1.0
17:02:27.0156 0x14c0 Product type: Workstation
17:02:27.0156 0x14c0 ComputerName: AMDFXCROSSFIRE
17:02:27.0156 0x14c0 UserName: Jan
17:02:27.0156 0x14c0 Windows directory: C:\Windows
17:02:27.0156 0x14c0 System windows directory: C:\Windows
17:02:27.0156 0x14c0 Running under WOW64
17:02:27.0156 0x14c0 Processor architecture: Intel x64
17:02:27.0156 0x14c0 Number of processors: 8
17:02:27.0156 0x14c0 Page size: 0x1000
17:02:27.0156 0x14c0 Boot type: Normal boot
17:02:27.0156 0x14c0 ============================================================
17:02:29.0228 0x14c0 KLMD registered as C:\Windows\system32\drivers\71892273.sys
17:02:29.0617 0x14c0 System UUID: {144609C6-277B-040E-AC59-F06BF1D25E5F}
17:02:30.0264 0x14c0 Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:02:30.0264 0x14c0 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:02:30.0267 0x14c0 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:02:30.0285 0x14c0 Drive \Device\Harddisk3\DR3 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0',
Flags 0x00000040 17:02:30.0285 0x14c0 Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:02:30.0292 0x14c0 Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 17:02:30.0596 0x14c0 ============================================================ 17:02:30.0596 0x14c0 \Device\Harddisk0\DR0: 17:02:30.0596 0x14c0 GPT partitions: 17:02:30.0596 0x14c0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8364E391-EF97-4689-BBB3-F7AC411295F6}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 17:02:30.0596 0x14c0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0773DDDA-7FC5-4838-D299-65E7B62441F4}, Name: Basic data partition, StartLBA 0x41000, BlocksNum 0x71853000 17:02:30.0596 0x14c0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {07AAE340-91A7-4E95-EAB0-0EFD4A31D1FD}, Name: Basic data partition, StartLBA 0x71894000, BlocksNum 0x71853000 17:02:30.0596 0x14c0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5FCE86C3-D3E4-454B-55D8-C08005033E56}, Name: Basic data partition, StartLBA 0xE30E7000, BlocksNum 0x7A423000 17:02:30.0596 0x14c0 MBR partitions: 17:02:30.0596 0x14c0 \Device\Harddisk1\DR1: 17:02:30.0597 0x14c0 GPT partitions: 17:02:30.0597 0x14c0 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6D65002A-B863-4D54-9EF5-E0387371494F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x71B81800 17:02:30.0597 0x14c0 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E0E7C3B6-89C8-43B7-A1C3-1882F1A5A3DD}, Name: 
Basic data partition, StartLBA 0x71B82000, BlocksNum 0x71C4F800 17:02:30.0597 0x14c0 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F0B8BAC-A2C5-4CCA-8228-DC243D0FCA1C}, Name: Basic data partition, StartLBA 0xE37D1800, BlocksNum 0x79D38000 17:02:30.0597 0x14c0 MBR partitions: 17:02:30.0597 0x14c0 \Device\Harddisk2\DR2: 17:02:30.0597 0x14c0 MBR partitions: 17:02:30.0597 0x14c0 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:02:30.0597 0x14c0 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x21CB3000 17:02:30.0597 0x14c0 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x21CE5800, BlocksNum 0x182B8000 17:02:30.0597 0x14c0 \Device\Harddisk3\DR3: 17:02:30.0597 0x14c0 GPT partitions: 17:02:30.0629 0x14c0 \Device\Harddisk3\DR3\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {283654C3-1EDF-4DFC-985C-68EE18B8396C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x7198D800 17:02:30.0629 0x14c0 \Device\Harddisk3\DR3\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {64448BDE-9715-4BBE-AA2B-4979E40FA37C}, Name: Basic data partition, StartLBA 0x7198E000, BlocksNum 0x71A5B800 17:02:30.0629 0x14c0 \Device\Harddisk3\DR3\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {154B5B89-618D-4086-9455-90677718D689}, Name: Basic data partition, StartLBA 0xE33E9800, BlocksNum 0x7A120000 17:02:30.0629 0x14c0 MBR partitions: 17:02:30.0629 0x14c0 \Device\Harddisk4\DR4: 17:02:30.0629 0x14c0 GPT partitions: 17:02:30.0630 0x14c0 \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B67E26B0-97B6-4911-CE13-C2A37AD68D0B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x81969800 17:02:30.0630 0x14c0 \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: 
{0A330361-6241-4614-8E52-0BA87BB7D564}, Name: Basic data partition, StartLBA 0x8196A000, BlocksNum 0x7DBB8000 17:02:30.0630 0x14c0 \Device\Harddisk4\DR4\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {11333C85-0799-4CDE-5B10-1623ED381EAF}, Name: Basic data partition, StartLBA 0xFF522000, BlocksNum 0x5DFE8000 17:02:30.0630 0x14c0 MBR partitions: 17:02:30.0630 0x14c0 \Device\Harddisk5\DR5: 17:02:30.0660 0x14c0 MBR partitions: 17:02:30.0660 0x14c0 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1B00800 17:02:30.0660 0x14c0 \Device\Harddisk5\DR5\Partition2: MBR, Type 0x7, StartLBA 0x1B01800, BlocksNum 0x32000 17:02:30.0660 0x14c0 \Device\Harddisk5\DR5\Partition3: MBR, Type 0x7, StartLBA 0x1B33800, BlocksNum 0x3884B800 17:02:30.0660 0x14c0 ============================================================ 17:02:30.0691 0x14c0 C: <-> \Device\Harddisk2\DR2\Partition2 17:02:30.0724 0x14c0 G: <-> \Device\Harddisk2\DR2\Partition3 17:02:30.0749 0x14c0 Z: <-> \Device\Harddisk3\DR3\Partition3 17:02:30.0776 0x14c0 Y: <-> \Device\Harddisk3\DR3\Partition2 17:02:30.0798 0x14c0 X: <-> \Device\Harddisk3\DR3\Partition1 17:02:31.0565 0x14c0 W: <-> \Device\Harddisk1\DR1\Partition3 17:02:31.0580 0x14c0 V: <-> \Device\Harddisk1\DR1\Partition2 17:02:31.0595 0x14c0 U: <-> \Device\Harddisk1\DR1\Partition1 17:02:32.0240 0x14c0 T: <-> \Device\Harddisk0\DR0\Partition4 17:02:32.0253 0x14c0 S: <-> \Device\Harddisk0\DR0\Partition3 17:02:32.0266 0x14c0 R: <-> \Device\Harddisk0\DR0\Partition2 17:02:32.0690 0x14c0 P: <-> \Device\Harddisk4\DR4\Partition2 17:02:32.0730 0x14c0 F: <-> \Device\Harddisk4\DR4\Partition1 17:02:32.0802 0x14c0 H: <-> \Device\Harddisk5\DR5\Partition2 17:02:32.0823 0x14c0 I: <-> \Device\Harddisk5\DR5\Partition1 17:02:32.0840 0x14c0 D: <-> \Device\Harddisk5\DR5\Partition3 17:02:32.0841 0x14c0 ============================================================ 17:02:32.0841 0x14c0 Initialize success 17:02:32.0841 0x14c0 
============================================================ 17:02:34.0373 0x03bc ============================================================ 17:02:34.0373 0x03bc Scan started 17:02:34.0373 0x03bc Mode: Manual; 17:02:34.0373 0x03bc ============================================================ 17:02:34.0373 0x03bc KSN ping started 17:02:57.0024 0x03bc KSN ping finished: false 17:02:59.0167 0x03bc ================ Scan system memory ======================== 17:02:59.0167 0x03bc System memory - ok 17:02:59.0168 0x03bc ================ Scan services ============================= 17:02:59.0376 0x03bc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 17:02:59.0410 0x03bc 1394ohci - ok 17:02:59.0521 0x03bc [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 17:02:59.0553 0x03bc ACDaemon - ok 17:02:59.0583 0x03bc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:02:59.0595 0x03bc ACPI - ok 17:02:59.0610 0x03bc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:02:59.0616 0x03bc AcpiPmi - ok 17:02:59.0688 0x03bc [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:02:59.0709 0x03bc AdobeARMservice - ok 17:02:59.0827 0x03bc [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:02:59.0839 0x03bc AdobeFlashPlayerUpdateSvc - ok 17:02:59.0886 0x03bc [ 
2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:02:59.0926 0x03bc adp94xx - ok 17:02:59.0949 0x03bc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:02:59.0978 0x03bc adpahci - ok 17:02:59.0999 0x03bc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:03:00.0016 0x03bc adpu320 - ok 17:03:00.0051 0x03bc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:03:00.0059 0x03bc AeLookupSvc - ok 17:03:00.0107 0x03bc [ 4AD765ED1F6B2BA2F65CD898EC33AF44, 409A1EED520165BD4AD70ADFD8AC7B42B9E1E17AC1F23572DEE5F70019D5C508 ] AF9035BDA C:\Windows\system32\Drivers\AF9035BDA.sys 17:03:00.0174 0x03bc AF9035BDA - ok 17:03:00.0259 0x03bc [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys 17:03:00.0272 0x03bc Afc - ok 17:03:00.0332 0x03bc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 17:03:00.0623 0x03bc AFD - ok 17:03:00.0641 0x03bc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 17:03:00.0649 0x03bc agp440 - ok 17:03:00.0661 0x03bc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 17:03:00.0669 0x03bc ALG - ok 17:03:00.0697 0x03bc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 17:03:00.0703 0x03bc aliide - ok 
17:03:00.0745 0x03bc [ E7BDC2E7D885A65031C6B93D5A80B019, B37B05CA81A200A0C303946A21901ED382468761AB8BB8F7F310700A060E813F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 17:03:00.0765 0x03bc AMD External Events Utility - ok 17:03:00.0846 0x03bc AMD FUEL Service - ok 17:03:00.0881 0x03bc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 17:03:00.0894 0x03bc amdide - ok 17:03:00.0913 0x03bc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:03:00.0930 0x03bc AmdK8 - ok 17:03:01.0405 0x03bc [ 342156AF1FED5ED3A5D3FBB3D87F48E8, 119C85492EDCA82731E23A261DE39A72783713B01B89D8FA2F47400EB03C7C57 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:03:01.0860 0x03bc amdkmdag - ok 17:03:01.0945 0x03bc [ 9DCA2AFEABF1D109FB2C229491C9F293, F020F4FDD29897C656287A2D01D51B4AE45AA604E4291BCE05FB7D994242EC04 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 17:03:01.0971 0x03bc amdkmdap - ok 17:03:01.0995 0x03bc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 17:03:01.0998 0x03bc AmdPPM - ok 17:03:02.0037 0x03bc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:03:02.0058 0x03bc amdsata - ok 17:03:02.0086 0x03bc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 17:03:02.0372 0x03bc amdsbs - ok 17:03:02.0386 0x03bc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:03:02.0392 0x03bc amdxata - ok 17:03:02.0463 0x03bc [ 208D5E390FE712A826A1D26397E533E2, 
935336D0BAB0E4E88A25E8887CC10650ED195AF022D50EA0B392FAB84245CD9A ] AmFSM C:\Windows\system32\DRIVERS\amm6460.sys 17:03:02.0483 0x03bc AmFSM - ok 17:03:02.0579 0x03bc [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 17:03:02.0784 0x03bc AntiVirSchedulerService - ok 17:03:02.0837 0x03bc [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 17:03:02.0848 0x03bc AntiVirService - ok 17:03:02.0934 0x03bc [ E68A60DEFD150B73F9617A0537239449, 2DC780D677388E03936E9E99070C60A467D32145B3A02344D9F670714D71F5AF ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 17:03:03.0055 0x03bc AntiVirWebService - ok 17:03:03.0092 0x03bc [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 17:03:03.0268 0x03bc AODDriver4.3 - ok 17:03:03.0303 0x03bc [ B1A935537BE5C168C223946572E2EDD1, 8F41AD100A7A07500A27DBE0D2E6B81395E4B151950C53B5C659AA9F6982DC9F ] APPFLT C:\Windows\system32\Drivers\APPFLT64.SYS 17:03:03.0312 0x03bc APPFLT - ok 17:03:03.0359 0x03bc [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys 17:03:03.0374 0x03bc AppID - ok 17:03:03.0395 0x03bc [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:03:03.0405 0x03bc AppIDSvc - ok 17:03:03.0447 0x03bc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 17:03:03.0457 0x03bc Appinfo - ok 17:03:03.0519 0x03bc [ 4ABA3E75A76195A3E38ED2766C962899, 
6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:03:18.0315 0x03bc mpsdrv - ok 17:03:18.0343 0x03bc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:03:18.0374 0x03bc MpsSvc - ok 17:03:18.0398 0x03bc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:03:18.0408 0x03bc MRxDAV - ok 17:03:18.0442 0x03bc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:03:18.0465 0x03bc mrxsmb - ok 17:03:18.0493 0x03bc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:03:18.0519 0x03bc mrxsmb10 - ok 17:03:18.0536 0x03bc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:03:18.0548 0x03bc mrxsmb20 - ok 17:03:18.0583 0x03bc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:03:18.0591 0x03bc msahci - ok 17:03:18.0686 0x03bc [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe 17:03:18.0706 0x03bc MSCamSvc - ok 17:03:18.0722 0x03bc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:03:18.0744 0x03bc msdsm - ok 17:03:18.0762 0x03bc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:03:18.0777 0x03bc 
MSDTC - ok 17:03:18.0796 0x03bc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:03:18.0802 0x03bc Msfs - ok 17:03:18.0813 0x03bc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:03:18.0817 0x03bc mshidkmdf - ok 17:03:18.0848 0x03bc [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 17:03:18.0857 0x03bc MSHUSBVideo - ok 17:03:18.0871 0x03bc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:03:18.0879 0x03bc msisadrv - ok 17:03:18.0912 0x03bc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:03:18.0930 0x03bc MSiSCSI - ok 17:03:18.0935 0x03bc msiserver - ok 17:03:18.0971 0x03bc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:03:18.0976 0x03bc MSKSSRV - ok 17:03:18.0988 0x03bc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:03:18.0994 0x03bc MSPCLOCK - ok 17:03:19.0026 0x03bc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:03:19.0030 0x03bc MSPQM - ok 17:03:19.0057 0x03bc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:03:19.0083 0x03bc MsRPC - ok 17:03:19.0107 0x03bc [ 0EED230E37515A0EAEE3C2E1BC97B288, 
B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:03:19.0111 0x03bc mssmbios - ok 17:03:19.0140 0x03bc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:03:19.0145 0x03bc MSTEE - ok 17:03:19.0156 0x03bc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:03:19.0162 0x03bc MTConfig - ok 17:03:19.0180 0x03bc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:03:19.0190 0x03bc Mup - ok 17:03:19.0253 0x03bc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:03:19.0265 0x03bc napagent - ok 17:03:19.0329 0x03bc NasPmService - ok 17:03:19.0362 0x03bc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:03:19.0388 0x03bc NativeWifiP - ok 17:03:19.0477 0x03bc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:03:19.0499 0x03bc NDIS - ok 17:03:19.0524 0x03bc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:03:19.0536 0x03bc NdisCap - ok 17:03:19.0579 0x03bc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:03:19.0591 0x03bc NdisTapi - ok 17:03:19.0622 0x03bc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 
17:03:19.0637 0x03bc Ndisuio - ok 17:03:19.0654 0x03bc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:03:19.0671 0x03bc NdisWan - ok 17:03:19.0680 0x03bc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:03:19.0690 0x03bc NDProxy - ok 17:03:19.0724 0x03bc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:03:19.0733 0x03bc NetBIOS - ok 17:03:19.0760 0x03bc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:03:19.0788 0x03bc NetBT - ok 17:03:19.0849 0x03bc [ BA99A34A9B5EB737CE54BC0A7C596609, 580A0ED7BEBC77E62D7F21D2089950C63544C9A954F868B73D27D8D943D1661D ] NETFLTDI C:\Windows\system32\Drivers\NETTDI64.SYS 17:03:20.0057 0x03bc NETFLTDI - ok 17:03:20.0073 0x03bc [ FD0BFED656D9B26C22E439CC0EF5C771, CAA02795981EDD18985580C5C32FB4513B91149D73BD4625EDDEA59687A8387D ] NETIMFLT01060044 C:\Windows\system32\DRIVERS\n64i1644.sys |
03.12.2014, 17:20 | #10 |
|
1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 17:03:30.0093 0x03bc stisvc - ok 17:03:30.0126 0x03bc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:03:30.0134 0x03bc storflt - ok 17:03:30.0160 0x03bc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:03:30.0167 0x03bc storvsc - ok 17:03:30.0176 0x03bc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:03:30.0181 0x03bc swenum - ok 17:03:30.0207 0x03bc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 17:03:30.0240 0x03bc swprv - ok 17:03:30.0268 0x03bc [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys 17:03:30.0268 0x03bc Synth3dVsc - ok 17:03:30.0331 0x03bc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 17:03:30.0362 0x03bc SysMain - ok 17:03:30.0377 0x03bc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:03:30.0377 0x03bc TabletInputService - ok 17:03:30.0393 0x03bc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 17:03:30.0409 0x03bc TapiSrv - ok 17:03:30.0409 0x03bc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 17:03:30.0409 0x03bc TBS - ok 17:03:30.0533 0x03bc [ 
04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:03:30.0878 0x03bc Tcpip - ok 17:03:30.0940 0x03bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:03:30.0971 0x03bc TCPIP6 - ok 17:03:31.0002 0x03bc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:03:31.0018 0x03bc tcpipreg - ok 17:03:31.0034 0x03bc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:03:31.0049 0x03bc TDPIPE - ok 17:03:31.0080 0x03bc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:03:31.0112 0x03bc TDTCP - ok 17:03:31.0190 0x03bc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:03:31.0221 0x03bc tdx - ok 17:03:31.0470 0x03bc [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 17:03:31.0533 0x03bc TeamViewer9 - ok 17:03:31.0580 0x03bc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:03:31.0595 0x03bc TermDD - ok 17:03:31.0642 0x03bc [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys 17:03:31.0658 0x03bc terminpt - ok 17:03:31.0720 0x03bc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService 
C:\Windows\System32\termsrv.dll 17:03:31.0751 0x03bc TermService - ok 17:03:31.0767 0x03bc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 17:03:31.0782 0x03bc Themes - ok 17:03:31.0798 0x03bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 17:03:31.0814 0x03bc THREADORDER - ok 17:03:31.0845 0x03bc [ 71D19B5D542B6EEA00C99D9984DC901F, 5AD751826B52646BBC2C1CE7085B74B964E858F745AFA8CDD8860882346B225A ] TPSrv C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe 17:03:31.0845 0x03bc TPSrv - ok 17:03:31.0876 0x03bc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 17:03:31.0892 0x03bc TrkWks - ok 17:03:31.0954 0x03bc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:03:31.0970 0x03bc TrustedInstaller - ok 17:03:32.0016 0x03bc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:03:32.0016 0x03bc tssecsrv - ok 17:03:32.0064 0x03bc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:03:32.0080 0x03bc TsUsbFlt - ok 17:03:32.0127 0x03bc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:03:32.0142 0x03bc TsUsbGD - ok 17:03:32.0189 0x03bc [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 17:03:32.0205 0x03bc tsusbhub - ok 17:03:32.0236 0x03bc [ 
3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:03:32.0423 0x03bc tunnel - ok 17:03:32.0454 0x03bc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:03:32.0454 0x03bc uagp35 - ok 17:03:32.0470 0x03bc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:03:32.0501 0x03bc udfs - ok 17:03:32.0517 0x03bc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:03:32.0517 0x03bc UI0Detect - ok 17:03:32.0548 0x03bc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:03:32.0563 0x03bc uliagpkx - ok 17:03:32.0610 0x03bc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:03:32.0626 0x03bc umbus - ok 17:03:32.0641 0x03bc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 17:03:32.0657 0x03bc UmPass - ok 17:03:32.0704 0x03bc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 17:03:32.0735 0x03bc UmRdpService - ok 17:03:32.0751 0x03bc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 17:03:32.0766 0x03bc upnphost - ok 17:03:32.0797 0x03bc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:03:32.0813 0x03bc 
usbaudio - ok 17:03:32.0844 0x03bc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:03:32.0860 0x03bc usbccgp - ok 17:03:32.0891 0x03bc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:03:32.0907 0x03bc usbcir - ok 17:03:32.0922 0x03bc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:03:32.0922 0x03bc usbehci - ok 17:03:32.0953 0x03bc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:03:32.0969 0x03bc usbhub - ok 17:03:33.0000 0x03bc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 17:03:33.0000 0x03bc usbohci - ok 17:03:33.0016 0x03bc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 17:03:33.0016 0x03bc usbprint - ok 17:03:33.0063 0x03bc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:03:33.0078 0x03bc USBSTOR - ok 17:03:33.0094 0x03bc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 17:03:33.0109 0x03bc usbuhci - ok 17:03:33.0156 0x03bc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:03:33.0187 0x03bc usbvideo - ok 17:03:33.0203 0x03bc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms 
C:\Windows\System32\uxsms.dll 17:03:33.0203 0x03bc UxSms - ok 17:03:33.0219 0x03bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 17:03:33.0219 0x03bc VaultSvc - ok 17:03:33.0234 0x03bc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:03:33.0234 0x03bc vdrvroot - ok 17:03:33.0265 0x03bc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 17:03:33.0312 0x03bc vds - ok 17:03:33.0328 0x03bc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:03:33.0343 0x03bc vga - ok 17:03:33.0359 0x03bc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:03:33.0359 0x03bc VgaSave - ok 17:03:33.0359 0x03bc VGPU - ok 17:03:33.0375 0x03bc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:03:33.0390 0x03bc vhdmp - ok 17:03:33.0421 0x03bc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 17:03:33.0437 0x03bc viaide - ok 17:03:33.0468 0x03bc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 17:03:33.0625 0x03bc vmbus - ok 17:03:33.0641 0x03bc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 17:03:33.0641 0x03bc VMBusHID - ok 17:03:33.0672 0x03bc [ D2AAFD421940F640B407AEFAAEBD91B0, 
31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:03:33.0672 0x03bc volmgr - ok 17:03:33.0719 0x03bc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:03:33.0750 0x03bc volmgrx - ok 17:03:33.0766 0x03bc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:03:33.0781 0x03bc volsnap - ok 17:03:33.0812 0x03bc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:03:33.0828 0x03bc vsmraid - ok 17:03:33.0890 0x03bc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 17:03:33.0922 0x03bc VSS - ok 17:03:33.0937 0x03bc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 17:03:33.0937 0x03bc vwifibus - ok 17:03:33.0984 0x03bc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys 17:03:34.0000 0x03bc VWiFiFlt - ok 17:03:34.0031 0x03bc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 17:03:34.0046 0x03bc vwifimp - ok 17:03:34.0078 0x03bc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 17:03:34.0124 0x03bc W32Time - ok 17:03:34.0156 0x03bc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:03:34.0171 0x03bc WacomPen - ok 17:03:34.0218 
0x03bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:03:34.0234 0x03bc WANARP - ok 17:03:34.0249 0x03bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:03:34.0249 0x03bc Wanarpv6 - ok 17:03:34.0343 0x03bc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 17:03:34.0436 0x03bc wbengine - ok 17:03:34.0452 0x03bc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:03:34.0468 0x03bc WbioSrvc - ok 17:03:34.0483 0x03bc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:03:34.0499 0x03bc wcncsvc - ok 17:03:34.0514 0x03bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:03:34.0514 0x03bc WcsPlugInService - ok 17:03:34.0530 0x03bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 17:03:34.0546 0x03bc Wd - ok 17:03:34.0624 0x03bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:03:34.0655 0x03bc Wdf01000 - ok 17:03:34.0670 0x03bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:03:34.0686 0x03bc WdiServiceHost - ok 17:03:34.0686 0x03bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 
17:03:34.0686 0x03bc WdiSystemHost - ok 17:03:34.0733 0x03bc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 17:03:34.0764 0x03bc WebClient - ok 17:03:34.0780 0x03bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:03:34.0811 0x03bc Wecsvc - ok 17:03:34.0826 0x03bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:03:34.0826 0x03bc wercplsupport - ok 17:03:34.0858 0x03bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 17:03:34.0858 0x03bc WerSvc - ok 17:03:34.0873 0x03bc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:03:34.0873 0x03bc WfpLwf - ok 17:03:34.0889 0x03bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:03:34.0889 0x03bc WIMMount - ok 17:03:34.0920 0x03bc WinDefend - ok 17:03:34.0936 0x03bc WinHttpAutoProxySvc - ok 17:03:35.0014 0x03bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:03:35.0045 0x03bc Winmgmt - ok 17:03:35.0139 0x03bc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 17:03:35.0233 0x03bc WinRM - ok 17:03:35.0295 0x03bc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:03:35.0295 0x03bc WinUsb - ok 17:03:35.0373 0x03bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, 
CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:03:35.0405 0x03bc Wlansvc - ok 17:03:35.0576 0x03bc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:03:35.0607 0x03bc wlidsvc - ok 17:03:35.0623 0x03bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:03:35.0623 0x03bc WmiAcpi - ok 17:03:35.0670 0x03bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:03:35.0717 0x03bc wmiApSrv - ok 17:03:35.0732 0x03bc WMPNetworkSvc - ok 17:03:35.0779 0x03bc [ C1B61612FCCC6E750AD0A6E19C77EE85, 9B99E52B1D74BAC34A338681689A18C8E6C57F6AE9C5E52B7BF5561B0867CD74 ] WNMFLT C:\Windows\system32\Drivers\WNMFLT64.SYS 17:03:35.0795 0x03bc WNMFLT - ok 17:03:35.0810 0x03bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:03:35.0826 0x03bc WPCSvc - ok 17:03:35.0857 0x03bc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:03:35.0857 0x03bc WPDBusEnum - ok 17:03:35.0888 0x03bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:03:35.0904 0x03bc ws2ifsl - ok 17:03:35.0935 0x03bc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 17:03:35.0935 0x03bc wscsvc - ok 17:03:35.0935 0x03bc WSearch - ok 17:03:36.0075 0x03bc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] 
wuauserv C:\Windows\system32\wuaueng.dll 17:03:36.0107 0x03bc wuauserv - ok 17:03:36.0153 0x03bc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:03:36.0169 0x03bc WudfPf - ok 17:03:36.0216 0x03bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:03:36.0247 0x03bc WUDFRd - ok 17:03:36.0278 0x03bc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:03:36.0294 0x03bc wudfsvc - ok 17:03:36.0341 0x03bc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:03:36.0372 0x03bc WwanSvc - ok 17:03:36.0450 0x03bc ================ Scan global =============================== 17:03:36.0465 0x03bc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:03:36.0512 0x03bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:03:36.0543 0x03bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:03:36.0590 0x03bc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:03:36.0654 0x03bc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:03:36.0654 0x03bc [ Global ] - ok 17:03:36.0654 0x03bc ================ Scan MBR ================================== 17:03:36.0669 0x03bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:03:36.0669 0x03bc \Device\Harddisk0\DR0 - ok 17:03:36.0669 
0x03bc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 17:03:36.0685 0x03bc \Device\Harddisk1\DR1 - ok 17:03:36.0685 0x03bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 17:03:36.0934 0x03bc \Device\Harddisk2\DR2 - ok 17:03:36.0934 0x03bc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3 17:03:36.0950 0x03bc \Device\Harddisk3\DR3 - ok 17:03:36.0950 0x03bc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4 17:03:37.0652 0x03bc \Device\Harddisk4\DR4 - ok 17:03:37.0995 0x03bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5 17:03:38.0573 0x03bc \Device\Harddisk5\DR5 - ok 17:03:38.0573 0x03bc ================ Scan VBR ================================== 17:03:38.0573 0x03bc [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1 17:03:38.0573 0x03bc \Device\Harddisk0\DR0\Partition1 - ok 17:03:38.0573 0x03bc [ 4E5A47B84A1239387D669885C7827CC8 ] \Device\Harddisk0\DR0\Partition2 17:03:39.0244 0x03bc \Device\Harddisk0\DR0\Partition2 - ok 17:03:39.0260 0x03bc [ 6F9F84AB1878B8A871345C498291C159 ] \Device\Harddisk0\DR0\Partition3 17:03:39.0307 0x03bc \Device\Harddisk0\DR0\Partition3 - ok 17:03:39.0307 0x03bc [ 845321655D80268BD1D82FCD9D8E3D2C ] \Device\Harddisk0\DR0\Partition4 17:03:39.0338 0x03bc \Device\Harddisk0\DR0\Partition4 - ok 17:03:39.0353 0x03bc [ FB945DD791BFE566800D6A2B0A4D3E3A ] \Device\Harddisk1\DR1\Partition1 17:03:40.0103 0x03bc \Device\Harddisk1\DR1\Partition1 - ok 17:03:40.0103 0x03bc [ CFFEE9CE09946EBF82E3F72635A4EF4B ] \Device\Harddisk1\DR1\Partition2 17:03:40.0166 0x03bc \Device\Harddisk1\DR1\Partition2 - ok 17:03:40.0181 0x03bc [ C42CF0781D12937FB2EB63567D450101 ] \Device\Harddisk1\DR1\Partition3 17:03:40.0244 0x03bc \Device\Harddisk1\DR1\Partition3 - ok 17:03:40.0244 0x03bc [ 3D79E7F9772019C5CA4D0EB412F6C4CB ] \Device\Harddisk2\DR2\Partition1 17:03:40.0244 0x03bc \Device\Harddisk2\DR2\Partition1 - ok 17:03:40.0244 0x03bc [ CB17264DFFEF8A045B19F64B9DD3B19F ] \Device\Harddisk2\DR2\Partition2 
17:03:40.0244 0x03bc \Device\Harddisk2\DR2\Partition2 - ok 17:03:40.0259 0x03bc [ 7EE1EF8432962E1703DE5E005F067647 ] \Device\Harddisk2\DR2\Partition3 17:03:40.0259 0x03bc \Device\Harddisk2\DR2\Partition3 - ok 17:03:40.0259 0x03bc [ 4DA69DC166266ADF8DF099EAAA49F585 ] \Device\Harddisk3\DR3\Partition1 17:03:40.0930 0x03bc \Device\Harddisk3\DR3\Partition1 - ok 17:03:40.0946 0x03bc [ 85F66079C7644EEAEFA95DE2A1305C2A ] \Device\Harddisk3\DR3\Partition2 17:03:40.0977 0x03bc \Device\Harddisk3\DR3\Partition2 - ok 17:03:40.0977 0x03bc [ 8011BE736890ABFA6FBC1F982F14CCFE ] \Device\Harddisk3\DR3\Partition3 17:03:41.0024 0x03bc \Device\Harddisk3\DR3\Partition3 - ok 17:03:41.0024 0x03bc [ C2BDA3BFE14B6909D193978F0339F9F3 ] \Device\Harddisk4\DR4\Partition1 17:03:41.0508 0x03bc \Device\Harddisk4\DR4\Partition1 - ok 17:03:41.0508 0x03bc [ D5D5C85638A3BEDAD379ECC51F2EDB93 ] \Device\Harddisk4\DR4\Partition2 17:03:41.0586 0x03bc \Device\Harddisk4\DR4\Partition2 - ok 17:03:41.0586 0x03bc [ D5F057BA1333A4CE1EC319B900E6674E ] \Device\Harddisk4\DR4\Partition3 17:03:41.0586 0x03bc \Device\Harddisk4\DR4\Partition3 - ok 17:03:41.0602 0x03bc [ 02B47C5D76273CDED1C12A459BFE3080 ] \Device\Harddisk5\DR5\Partition1 17:03:41.0602 0x03bc \Device\Harddisk5\DR5\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 ) 17:03:41.0602 0x03bc \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - infected 17:03:41.0602 0x03bc [ 0FD1B24EED5EE77991202DC2534D943B ] \Device\Harddisk5\DR5\Partition2 17:03:41.0617 0x03bc \Device\Harddisk5\DR5\Partition2 - ok 17:03:41.0617 0x03bc [ 26F016019ED598CA7DE39D870D309E5A ] \Device\Harddisk5\DR5\Partition3 17:03:41.0617 0x03bc \Device\Harddisk5\DR5\Partition3 - ok 17:03:41.0617 0x03bc ================ Scan generic autorun ====================== 17:03:41.0617 0x03bc Creative SB Monitoring Utility - ok 17:03:41.0695 0x03bc [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection 
Service\Bin\ACDaemon.exe 17:03:41.0727 0x03bc ArcSoft Connection Service - ok 17:03:41.0805 0x03bc [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 17:03:42.0085 0x03bc Adobe ARM - ok 17:03:42.0210 0x03bc [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe 17:03:42.0257 0x03bc LifeCam - ok 17:03:42.0397 0x03bc [ F9413654DBA2F81CA2FDC827C41BDF6E, 3C8FBD4813371AB372BF05E0D56B9949216302C07EF954C1777A4A35623D819F ] C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE 17:03:42.0413 0x03bc APVXDWIN - ok 17:03:42.0429 0x03bc [ 1CB26EC6478D64AA834802C74518561B, FB222950869236B66F6E7DD987AFC8688F59B0D0FC5B060B07FBEF003BCF0709 ] C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Inicio.exe 17:03:42.0444 0x03bc SCANINICIO - ok 17:03:42.0522 0x03bc [ 1B22422DC7EAA39E86820387C5AA1CB4, 365F4E690EDCF1FB86D88858456997E8433D6FDBEC384853D866EEA91F3ACE77 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe 17:03:42.0553 0x03bc DivXMediaServer - ok 17:03:42.0663 0x03bc [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 17:03:42.0694 0x03bc DivXUpdate - ok 17:03:42.0851 0x03bc [ 3CD9C60B23D870700F63AD4755364902, 0E02E5AAE14613286F486DB1F1F257E047B9F3FDF18480869274C1C1A2C735AF ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 17:03:42.0898 0x03bc LogMeIn Hamachi Ui - ok 17:03:42.0913 0x03bc AsioThk32Reg - ok 17:03:43.0007 0x03bc [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 17:03:43.0022 0x03bc avgnt - ok 17:03:43.0147 0x03bc [ 06BB3578BE06B0980AF9917EC94488EC, 
4C66DC5C55E7AC80838D21AA04D194ACE62D70FF0D469FAB910FFE05B1C2A4E7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 17:03:43.0178 0x03bc StartCCC - ok 17:03:43.0303 0x03bc [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 17:03:43.0381 0x03bc BrStsMon00 - ok 17:03:43.0428 0x03bc [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 17:03:43.0444 0x03bc Avira Systray - ok 17:03:43.0475 0x03bc [ 38429BDE3F544D3B38CF3DFE4691688B, E0D2E93156C4A0ACD6B0AD833834F92520CE0935F8C864D5719EBC0582C0C3BE ] C:\Program Files (x86)\Raptr\raptrstub.exe 17:03:43.0490 0x03bc Raptr - ok 17:03:43.0568 0x03bc [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:03:43.0584 0x03bc SunJavaUpdateSched - ok 17:03:43.0662 0x03bc [ 5224410189A80F65C4C5841311603350, 146F417791ED827CBD848C08DDB00EB22D3F8CAC7DC24F3CB27F34E9C1A0913C ] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk 17:03:43.0662 0x03bc MotoCast - ok 17:03:43.0834 0x03bc [ AFE3883FB37A5567C913E7DFCF2924A5, 3CA38EE302E0FF343DB87AE90DA868DCE5B7B490C2AA32164AF8DD4773482265 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 17:03:44.0099 0x03bc DAEMON Tools Lite - ok 17:03:44.0224 0x03bc [ F922C7051474DF6A41770D8C6C90A97C, 558F009485C04B531E08C144612C32DA4AF3A960BB7442E712F2687A546D05B4 ] C:\Users\Jan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 17:03:44.0474 0x03bc AmazonMP3DownloaderHelper - ok 17:03:44.0599 0x03bc [ 67532439BB1556CC64A551FDC4CD881E, 31841C350C6247F31D0FF61B6F70B4D713FBAB59AD7927F497014D1AF2B7FE98 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 17:03:44.0615 0x03bc GarminExpressTrayApp - ok 
17:03:45.0192 0x03bc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x40000 ( disabled : updated )
17:03:45.0254 0x03bc AV detected via SS2: Panda Global Protection 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x51000 ( enabled : updated )
17:03:45.0254 0x03bc FW detected via SS2: Panda Personal Firewall 2013, C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe ( 13.11.10.27 ), 0x50010 ( disabled )
17:03:45.0254 0x03bc Win FW state via NFP2: enabled
17:03:45.0254 0x03bc ============================================================
17:03:45.0254 0x03bc Scan finished
17:03:45.0254 0x03bc ============================================================
17:03:45.0254 0x1158 Detected object count: 1
17:03:45.0254 0x1158 Actual detected object count: 1
17:03:58.0836 0x1158 \Device\Harddisk5\DR5\Partition1 - copied to quarantine
17:03:58.0836 0x1158 \Device\Harddisk5\DR5\Partition1 - processing error
17:04:03.0831 0x1158 \Device\Harddisk5\DR5\Partition1 - processing error
17:04:03.0831 0x1158 \Device\Harddisk5\DR5\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure Restore
17:16:42.0901 0x1ab8 Deinitialize success |
04.12.2014, 11:35 | #11 |
/// the machine /// TB trainer | Are you choosing Cure or Delete?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
04.12.2014, 19:07 | #12 |
| Hello! Delete is not offered as an option in TDSS at all. Only Cure, Skip and Restore, I think. Antivir says all partitions are still infected, TDSS says only one now. I ran a Spybot scan over it. Then Antivir went off (this is the infected external Windows partition):
D:\ProgramData\Windows Genuine Advantage\{AD369CCF-9EC0-4D9C-BF84-D40D52489D60}\msiexec.exe
04.12.2014,16:43:50 [FUND] Ist das Trojanische Pferd TR/Spy.ZBot.tkwig!
Panda detected the thing as Trj/Genetic.gen. After that, another case was found:
D Users "username" Appdata Local Temp UPDATEFLASHPLAYER_42E34D74.EXE > Trj/Chgt.D
Here are 2 scan logs:

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Manuelle Auswahl
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\folder.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: D:, I:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Abweichende Gefahrenkategorien........: +APPL,

Beginn des Suchlaufs: Donnerstag, 4. Dezember 2014 16:56

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD5(D:, I:)'
[FUND] Enthält Code des Bootsektorvirus BOO/Cidox.B

Der Suchlauf über gestartete Prozesse wird begonnen:

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2944' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'D:\'
D:\hiberfil.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
D:\ProgramData\OfvaRjeb\OfvaRjeb.dat
[FUND] Ist das Trojanische Pferd TR/Kazy.443847
Beginne mit der Suche in 'I:\' <Recovery>

Beginne mit der Desinfektion:
D:\ProgramData\OfvaRjeb\OfvaRjeb.dat
[FUND] Ist das Trojanische Pferd TR/Kazy.443847
[WARNUNG] Die Datei wurde ignoriert.

Ende des Suchlaufs: Donnerstag, 4. Dezember 2014 18:22
Benötigte Zeit: 1:07:54 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.
28788 Verzeichnisse wurden überprüft
678446 Dateien wurden geprüft
2 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
678444 Dateien ohne Befall
4244 Archive wurden durchsucht
2 Warnungen
0 Hinweise

I have now removed the Kazy, folder and all, with Killbox.

Panda Global Protection 2013 Fehlerbericht
Gewählter Filter:Alle, Datum: Alle
VORFALL   BENACHRICHTIGT DURCH   DATUM-ZEIT   ERGEBNIS   ZUSÄTZLICHE INFORMATON
Virus erkannt: Trj/Chgt.D   Antivirus-Schutz   04.12.2014 17:20:45   Desinfiziert   Pfad: D:\USERS\FABIENNE\APPDATA\LOCAL\TEMP\UPDATEFLASHPLAYER_42E34D74.EXE
Virus erkannt: Trj/Genetic.gen   Antivirus-Schutz   04.12.2014 16:44:20   Desinfiziert   Pfad: D:\PROGRAMDATA\WINDOWS GENUINE ADVANTAGE\{AD369CCF-9EC0-4D9C-BF84-D40D52489D60}\MSIEXEC.EXE

Scanned the external drive for rootkits with Spybot once more..

// info: Rootkit removal help file
// copyright: (c) 2008-2014 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\services\WdiSystemHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\services\WdiServiceHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\services\DPS\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet002\services\WdiSystemHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet002\services\WdiServiceHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet002\services\DPS\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\services\WdiSystemHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\services\WdiServiceHost\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\services\DPS\","Security"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\","Flyout"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\","Svc"

Edited by RBMK1500 (04.12.2014 at 17:39) |
05.12.2014, 16:46 | #13 |
/// the machine /// TB trainer | Download HitmanPro to your desktop: HitmanPro - 32 Bit, HitmanPro - 64 Bit
Please post the contents of HitmanPro_<date_time>.txt with your next reply. Now please also run a fresh TDSSKiller scan and post the log, and please remember the code tags.
__________________ |
08.12.2014, 17:25 | #14 |
| Hitman does not scan the infected external drive, only my own. Here is the log anyway. Code:
HitmanPro 3.7.9.232
www.hitmanpro.com

Computer name . . . . : AMDFXCROSSFIRE
Windows . . . . . . . : 6.1.1.7601.X64/8
User name . . . . . . : AMDFXCROSSFIRE\Jan
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2014-12-08 17:10:07
Scan mode . . . . . . : Normal
Scan duration . . . . : 6m 33s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 90

Objects scanned . . . : 2.160.397
Files scanned . . . . : 38.761
Remnants scanned . . : 641.922 files / 1.479.714 keys

Suspicious files ____________________________________________________________

C:\Users\Jan\Desktop\FRST64.exe
Size . . . . . . . : 2.117.120 bytes
Age . . . . . . . : 6.0 days (2014-12-02 17:54:37)
Entropy . . . . . : 7.5
SHA-256 . . . . . : 81232B69650A6091BC14D05B98CDD301CE78CF5DA433FB03FCB8C0CF85DB5BE8
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.

Potential Unwanted Programs _________________________________________________

HKU\S-1-5-21-441872813-2357865288-1052857262-1000\Software\Conduit\ (Conduit) -> Deleted

Cookies _____________________________________________________________________

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\790KD6HU.txt
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\D6MSF960.txt
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\NIXJ7NO6.txt
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\TG1J73VU.txt |
09.12.2014, 11:50 | #15 |
/// the machine /// TB trainer | Please download Rogue Killer from here.
__________________ |