Avast: Rootkit: hidden file (severity: high), Malwarebytes: no threat found
Windows 7
21.12.2014, 17:50 | #1 |
Hello, I'm new here (or rather, a very long time ago I read along here a lot, but that really was a very long time ago, which is why I no longer have a clue about anything, so please don't be angry).

I have the following problem: Today I ran a complete Avast system scan (admittedly for the first time in a while). It found a rootkit in the folder C:\winsxs\Temp\... (for more detailed info see the screenshot). After that I ran Malwarebytes (which somehow looks pretty dumb now, to be honest; I liked the old design much more). There were no detections (I had not yet moved the detection into quarantine either, so Malwarebytes could have found it too). Now I'm simply hoping that it was a false alarm, but you never know for sure, so I'm asking for your help. The Malwarebytes log files are attached as well.

Oh, and the computer is actually hardly used, just always kept nicely updated, and nothing threatening is really installed. I don't actually surf with it either; I only use it when I have to do something on the PC that "smart" devices can't do (Word, ...).

Thanks in advance for your help,
MrOh
21.12.2014, 18:09 | #2 |
/// the machine /// TB trainer
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
21.12.2014, 19:29 | #3 |
There you go:
FRST.txt: FRST Logfile: Code:
Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01 Ran by -xxBenutzername- at 2014-12-21 19:17:23 Running from C:\Users\-xxBenutzername-\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros) ATI Catalyst Install Manager (HKLM\...\{75FDB05A-C1C2-CD17-35CE-3C1A454CC79F}) (Version: 3.0.778.0 - ATI Technologies, Inc.) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) 
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.56 - Atheros Communications) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - Canon Inc.) ccc-core-static (x32 Version: 2010.0825.2205.37769 - Ihr Firmenname) Hidden Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Dropbox (HKU\S-1-5-21-72188511-2036229042-1087138959-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.) 
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.5 - Packard Bell) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare) Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) 
(Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts) Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version: - ) Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation) Oblivion - Construction Set (HKLM-x32\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oracle VM VirtualBox 4.3.4 (HKLM\...\{5FB568DF-207C-4B21-AC57-FC0CC2A0B113}) (Version: 4.3.4 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3002 - Packard Bell) Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Packard Bell) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.) 
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.19 - Firaxis Games) Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games) Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.01 - Firaxis Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.104 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) TES Construction Set (HKLM-x32\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Video Web Camera (HKLM-x32\...\{83299633-1261-47A3-84F3-6F02B4B8CDB1}) (Version: 2.0.6.0 - Liteon) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. 
==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? ==================== Loaded Modules (whitelisted) ============= 2013-12-25 12:38 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2010-08-26 14:45 - 2010-08-26 14:45 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-08-25 21:04 - 2010-08-25 21:04 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-72188511-2036229042-1087138959-500 - Administrator - Disabled) Erik Böhm (S-1-5-21-72188511-2036229042-1087138959-1000 - Limited - Enabled) => C:\Users\Erik Böhm Erik Böhm Admin (S-1-5-21-72188511-2036229042-1087138959-1001 - Administrator - Enabled) => C:\Users\Erik Böhm Admin Gast (S-1-5-21-72188511-2036229042-1087138959-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2014 11:13:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 7.0.670.1, Zeitstempel: 0x53d27f39 Name des fehlerhaften Moduls: glass.dll, Version: 0.0.0.0, Zeitstempel: 0x53d28873 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000001046 ID des fehlerhaften Prozesses: 0x104c Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0 Pfad der fehlerhaften Anwendung: javaw.exe1 Pfad des fehlerhaften Moduls: javaw.exe2 Berichtskennung: javaw.exe3 Error: (09/21/2014 
10:46:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SoftwareUpdate.exe, Version: 2.1.3.127, Zeitstempel: 0x4de6dd5a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0x80000003 Fehleroffset: 0x00740069 ID des fehlerhaften Prozesses: 0x15ec Startzeit der fehlerhaften Anwendung: 0xSoftwareUpdate.exe0 Pfad der fehlerhaften Anwendung: SoftwareUpdate.exe1 Pfad des fehlerhaften Moduls: SoftwareUpdate.exe2 Berichtskennung: SoftwareUpdate.exe3 Error: (05/31/2014 11:08:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iTunes.exe, Version: 11.2.2.3, Zeitstempel: 0x5383f31a Name des fehlerhaften Moduls: iTunes.dll, Version: 11.2.2.3, Zeitstempel: 0x5383f308 Ausnahmecode: 0xc000041d Fehleroffset: 0x001c53d1 ID des fehlerhaften Prozesses: 0xe48 Startzeit der fehlerhaften Anwendung: 0xiTunes.exe0 Pfad der fehlerhaften Anwendung: iTunes.exe1 Pfad des fehlerhaften Moduls: iTunes.exe2 Berichtskennung: iTunes.exe3 Error: (05/19/2014 06:52:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iTunes.exe, Version 11.1.5.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ad8 Startzeit: 01cf738a62915af1 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\iTunes\iTunes.exe Berichts-ID: Error: (05/15/2014 08:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 7e8 Startzeit: 01cf7073065e80d8 Endzeit: 0 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: bf6737be-dc66-11e3-a212-206a8a1bf9e7 Error: (05/10/2014 00:16:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iTunes.exe, Version 11.1.5.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1198 Startzeit: 01cf6bdc476b15a2 Endzeit: 30 Anwendungspfad: C:\Program Files (x86)\iTunes\iTunes.exe Berichts-ID: Error: (04/17/2014 09:46:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000004479560 ID des fehlerhaften Prozesses: 0x9d0 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (04/01/2014 06:15:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Wacom_Tablet.exe, Version: 6.3.7.6, Zeitstempel: 0x529f587c Name des fehlerhaften Moduls: Wacom_Tablet.exe, Version: 6.3.7.6, Zeitstempel: 0x529f587c Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000015e314 ID des fehlerhaften Prozesses: 0x1a80 Startzeit der fehlerhaften Anwendung: 0xWacom_Tablet.exe0 Pfad der fehlerhaften Anwendung: Wacom_Tablet.exe1 Pfad des fehlerhaften Moduls: Wacom_Tablet.exe2 Berichtskennung: Wacom_Tablet.exe3 Error: (03/29/2014 09:10:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Fallout3.exe, Version 1.7.0.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fd4 Startzeit: 01cf4b8755279f9e Endzeit: 38 Anwendungspfad: C:\Games\Fallout 3\Fallout3.exe Berichts-ID: Error: (03/29/2014 08:43:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Fallout3.exe, Version 1.7.0.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1474 Startzeit: 01cf4b85ed46ad6f Endzeit: 18 Anwendungspfad: C:\Games\Fallout 3\Fallout3.exe Berichts-ID: System errors: ============= Error: (12/21/2014 01:51:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (12/21/2014 01:44:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (12/21/2014 01:14:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (12/10/2014 05:46:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (12/07/2014 05:42:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. 
Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (12/07/2014 05:37:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (12/07/2014 10:30:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (11/12/2014 08:04:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (11/12/2014 08:04:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1352 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (11/12/2014 08:04:23 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56} Microsoft Office Sessions: ========================= Error: (09/21/2014 11:13:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: javaw.exe7.0.670.153d27f39glass.dll0.0.0.053d28873c00000050000000000001046104c01cfd58434012440C:\Program Files\Java\jre7\bin\javaw.exeC:\Program Files\Java\jre7\bin\glass.dllf651590b-4177-11e4-81a8-206a8a1bf9e7 Error: (09/21/2014 10:46:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: SoftwareUpdate.exe2.1.3.1274de6dd5aunknown0.0.0.000000000800000030074006915ec01cfd580d6a20fb0C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exeunknown2fd7912f-4174-11e4-8b96-206a8a1bf9e7 Error: (05/31/2014 11:08:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iTunes.exe11.2.2.35383f31aiTunes.dll11.2.2.35383f308c000041d001c53d1e4801cf7d0d3df8de24C:\Program Files (x86)\iTunes\iTunes.exeC:\Program Files (x86)\iTunes\iTunes.dll222c7559-e910-11e3-832b-206a8a1bf9e7 Error: (05/19/2014 06:52:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iTunes.exe11.1.5.5ad801cf738a62915af131C:\Program Files (x86)\iTunes\iTunes.exe Error: (05/15/2014 08:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.1.7601.175677e801cf7073065e80d80C:\Windows\Explorer.EXEbf6737be-dc66-11e3-a212-206a8a1bf9e7 Error: (05/10/2014 00:16:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iTunes.exe11.1.5.5119801cf6bdc476b15a230C:\Program Files (x86)\iTunes\iTunes.exe Error: (04/17/2014 09:46:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000044795609d001cf5995bdf207f6C:\Windows\Explorer.EXEunknown63a2d4f3-c671-11e3-aca3-206a8a1bf9e7 Error: (04/01/2014 06:15:15 PM) (Source: Application Error) (EventID: 1000) 
(User: ) Description: Wacom_Tablet.exe6.3.7.6529f587cWacom_Tablet.exe6.3.7.6529f587cc0000005000000000015e3141a8001cf4dcdf1e9ce1aC:\Program Files\Tablet\Wacom\Wacom_Tablet.exeC:\Program Files\Tablet\Wacom\Wacom_Tablet.exe309e91b9-b9c1-11e3-80b4-206a8a1bf9e7 Error: (03/29/2014 09:10:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Fallout3.exe1.7.0.3fd401cf4b8755279f9e38C:\Games\Fallout 3\Fallout3.exe Error: (03/29/2014 08:43:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Fallout3.exe1.7.0.3147401cf4b85ed46ad6f18C:\Games\Fallout 3\Fallout3.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 53% Total physical RAM: 3956.5 MB Available physical RAM: 1849.79 MB Total Pagefile: 7911.17 MB Available Pagefile: 5604.01 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:38.94 GB) NTFS Drive e: (Media Erik Böhm) (Fixed) (Total:465.76 GB) (Free:199.07 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ |
22.12.2014, 16:28 | #4 |
/// the machine /// TB trainer | Avast: Rootkit: hidden file (severity: high), Malwarebytes: no threat found All of our tools always need admin rights! Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.12.2014, 19:33 | #5 |
| Avast: Rootkit: hidden file (severity: high), Malwarebytes: no threat found I will carry out the steps later, when I have time. Should I run FRST again as admin? And how does it look so far... false alarm or really a rootkit? So, both found nothing. Does that mean everything is clean? mbar-log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001 www.malwarebytes.org Database version: v2014.12.22.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17501 -xxBenutzername- :: -xxComputername- [administrator] 22.12.2014 19:15:17 mbar-log-2014-12-22 (19-15-17).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 391468 Time elapsed: 6 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
19:25:52.0254 0x10ac TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:26:05.0343 0x10ac ============================================================
19:26:05.0343 0x10ac Current date / time: 2014/12/22 19:26:05.0343
19:26:05.0343 0x10ac SystemInfo:
19:26:05.0343 0x10ac
19:26:05.0343 0x10ac OS Version: 6.1.7601 ServicePack: 1.0
19:26:05.0343 0x10ac Product type: Workstation
19:26:05.0343 0x10ac ComputerName: -xxComputername-
19:26:05.0343 0x10ac UserName: -xxBenutzername2-
19:26:05.0343 0x10ac Windows directory: C:\Windows
19:26:05.0343 0x10ac System windows directory: C:\Windows
19:26:05.0343 0x10ac Running under WOW64
19:26:05.0343 0x10ac Processor architecture: Intel x64
19:26:05.0343 0x10ac Number of processors: 4
19:26:05.0343 0x10ac Page size: 0x1000
19:26:05.0343 0x10ac Boot type: Normal boot
19:26:05.0343 0x10ac ============================================================
19:26:05.0701 0x10ac KLMD registered as C:\Windows\system32\drivers\64204098.sys
19:26:05.0795 0x10ac System UUID: {B25D9D10-5F7E-34B1-66CA-9A1D91F0A9BA}
19:26:06.0169 0x10ac Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:26:06.0169 0x10ac Drive \Device\Harddisk1\DR1 - Size: 0x7470A00000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:26:06.0185 0x10ac ============================================================
19:26:06.0185 0x10ac \Device\Harddisk0\DR0:
19:26:06.0185 0x10ac MBR partitions:
19:26:06.0185 0x10ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:26:06.0185 0x10ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
19:26:06.0185 0x10ac \Device\Harddisk1\DR1:
19:26:06.0185 0x10ac MBR partitions:
19:26:06.0185 0x10ac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
19:26:06.0185 0x10ac ============================================================
19:26:06.0185 0x10ac C: <-> \Device\Harddisk0\DR0\Partition2
19:26:06.0528 0x10ac E: <-> \Device\Harddisk1\DR1\Partition1
19:26:06.0528 0x10ac ============================================================
19:26:06.0528 0x10ac Initialize success
19:26:06.0528 0x10ac ============================================================
19:27:40.0690 0x1748 ============================================================
19:27:40.0690 0x1748 Scan started
19:27:40.0690 0x1748 Mode: Manual; SigCheck; TDLFS;
19:27:40.0690 0x1748 ============================================================
19:27:40.0690 0x1748 KSN ping started
19:27:54.0559 0x1748 KSN ping finished: true
19:27:54.0860 0x1748 ================ Scan system memory ========================
19:27:54.0860 0x1748 System memory - ok
19:27:54.0877 0x1748 ================ Scan services =============================
19:27:57.0094 0x1748 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:27:59.0487 0x1748 Detect skipped due to KSN trusted
19:27:59.0487 0x1748 AtherosSvc - ok
C:\Windows\system32\DRIVERS\lltdio.sys 19:28:06.0483 0x1748 lltdio - ok 19:28:06.0496 0x1748 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:28:06.0553 0x1748 lltdsvc - ok 19:28:06.0558 0x1748 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:28:06.0605 0x1748 lmhosts - ok 19:28:06.0614 0x1748 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:28:06.0640 0x1748 LMS - ok 19:28:06.0651 0x1748 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:28:06.0674 0x1748 LSI_FC - ok 19:28:06.0681 0x1748 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:28:06.0703 0x1748 LSI_SAS - ok 19:28:06.0708 0x1748 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:28:06.0730 0x1748 LSI_SAS2 - ok 19:28:06.0737 0x1748 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:28:06.0760 0x1748 LSI_SCSI - ok 19:28:06.0766 0x1748 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:28:06.0816 0x1748 luafv - ok 19:28:06.0821 0x1748 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:28:06.0848 0x1748 Mcx2Svc - ok 19:28:06.0852 0x1748 [ A55805F747C6EDB6A9080D7C633BD0F4, 
2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:28:06.0873 0x1748 megasas - ok 19:28:06.0883 0x1748 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:28:06.0913 0x1748 MegaSR - ok 19:28:06.0918 0x1748 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:28:06.0966 0x1748 MMCSS - ok 19:28:06.0970 0x1748 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:28:07.0016 0x1748 Modem - ok 19:28:07.0020 0x1748 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:28:07.0045 0x1748 monitor - ok 19:28:07.0050 0x1748 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:28:07.0071 0x1748 mouclass - ok 19:28:07.0076 0x1748 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:28:07.0099 0x1748 mouhid - ok 19:28:07.0106 0x1748 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:28:07.0129 0x1748 mountmgr - ok 19:28:07.0135 0x1748 [ A5F6ADC56FA516594E99C328A7E7FD54, 6FB011B00B8AB085F3083E967B89BBFCA1AC7677407E9E72AD582CCC8212D136 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:28:07.0159 0x1748 MozillaMaintenance - ok 19:28:07.0166 0x1748 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 
19:28:07.0191 0x1748 mpio - ok 19:28:07.0198 0x1748 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:28:07.0247 0x1748 mpsdrv - ok 19:28:07.0268 0x1748 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:28:07.0346 0x1748 MpsSvc - ok 19:28:07.0355 0x1748 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:28:07.0382 0x1748 MRxDAV - ok 19:28:07.0390 0x1748 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:28:07.0417 0x1748 mrxsmb - ok 19:28:07.0428 0x1748 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:28:07.0461 0x1748 mrxsmb10 - ok 19:28:07.0467 0x1748 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:28:07.0493 0x1748 mrxsmb20 - ok 19:28:07.0498 0x1748 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:28:07.0518 0x1748 msahci - ok 19:28:07.0525 0x1748 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:28:07.0548 0x1748 msdsm - ok 19:28:07.0555 0x1748 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:28:07.0586 0x1748 MSDTC - ok 19:28:07.0593 0x1748 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs 
C:\Windows\system32\drivers\Msfs.sys 19:28:07.0638 0x1748 Msfs - ok 19:28:07.0641 0x1748 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:28:07.0685 0x1748 mshidkmdf - ok 19:28:07.0689 0x1748 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:28:07.0708 0x1748 msisadrv - ok 19:28:07.0718 0x1748 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:28:07.0770 0x1748 MSiSCSI - ok 19:28:07.0774 0x1748 msiserver - ok 19:28:07.0779 0x1748 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:28:07.0823 0x1748 MSKSSRV - ok 19:28:07.0827 0x1748 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:28:07.0870 0x1748 MSPCLOCK - ok 19:28:07.0874 0x1748 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:28:07.0918 0x1748 MSPQM - ok 19:28:07.0929 0x1748 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:28:07.0960 0x1748 MsRPC - ok 19:28:07.0967 0x1748 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 19:28:07.0987 0x1748 mssmbios - ok 19:28:07.0991 0x1748 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:28:08.0038 0x1748 MSTEE - ok 19:28:08.0045 0x1748 [ 
7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 19:28:08.0066 0x1748 MTConfig - ok 19:28:08.0071 0x1748 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 19:28:08.0091 0x1748 Mup - ok 19:28:08.0106 0x1748 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:28:08.0171 0x1748 napagent - ok 19:28:08.0182 0x1748 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:28:08.0221 0x1748 NativeWifiP - ok 19:28:08.0246 0x1748 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 19:28:08.0301 0x1748 NDIS - ok 19:28:08.0307 0x1748 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:28:08.0353 0x1748 NdisCap - ok 19:28:08.0357 0x1748 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:28:08.0402 0x1748 NdisTapi - ok 19:28:08.0408 0x1748 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:28:08.0453 0x1748 Ndisuio - ok 19:28:08.0460 0x1748 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:28:08.0511 0x1748 NdisWan - ok 19:28:08.0516 0x1748 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 
19:28:08.0562 0x1748 NDProxy - ok 19:28:08.0568 0x1748 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:28:08.0614 0x1748 NetBIOS - ok 19:28:08.0624 0x1748 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:28:08.0678 0x1748 NetBT - ok 19:28:08.0682 0x1748 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 19:28:08.0704 0x1748 Netlogon - ok 19:28:08.0715 0x1748 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:28:08.0777 0x1748 Netman - ok 19:28:08.0784 0x1748 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:28:08.0810 0x1748 NetMsmqActivator - ok 19:28:08.0817 0x1748 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:28:08.0841 0x1748 NetPipeActivator - ok 19:28:08.0855 0x1748 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:28:08.0919 0x1748 netprofm - ok 19:28:08.0925 0x1748 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:28:08.0950 0x1748 NetTcpActivator - ok 19:28:08.0956 0x1748 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:28:08.0981 0x1748 
NetTcpPortSharing - ok 19:28:08.0987 0x1748 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 19:28:09.0007 0x1748 nfrd960 - ok 19:28:09.0018 0x1748 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:28:09.0053 0x1748 NlaSvc - ok 19:28:09.0058 0x1748 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:28:09.0103 0x1748 Npfs - ok 19:28:09.0107 0x1748 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 19:28:09.0153 0x1748 nsi - ok 19:28:09.0158 0x1748 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:28:09.0203 0x1748 nsiproxy - ok 19:28:09.0246 0x1748 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:28:09.0330 0x1748 Ntfs - ok 19:28:09.0337 0x1748 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 19:28:09.0382 0x1748 Null - ok 19:28:09.0389 0x1748 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:28:09.0412 0x1748 nvraid - ok 19:28:09.0420 0x1748 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:28:09.0444 0x1748 nvstor - ok 19:28:09.0452 0x1748 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 
19:28:09.0474 0x1748 nv_agp - ok 19:28:09.0480 0x1748 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:28:09.0504 0x1748 ohci1394 - ok 19:28:09.0511 0x1748 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:28:09.0535 0x1748 ose - ok 19:28:09.0646 0x1748 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:28:09.0823 0x1748 osppsvc - ok 19:28:09.0841 0x1748 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:28:09.0877 0x1748 p2pimsvc - ok 19:28:09.0891 0x1748 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 19:28:09.0930 0x1748 p2psvc - ok 19:28:09.0937 0x1748 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 19:28:09.0962 0x1748 Parport - ok 19:28:09.0968 0x1748 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:28:09.0989 0x1748 partmgr - ok 19:28:09.0997 0x1748 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 19:28:10.0032 0x1748 PcaSvc - ok 19:28:10.0040 0x1748 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 19:28:10.0066 0x1748 pci - ok 19:28:10.0070 0x1748 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, 
F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 19:28:10.0089 0x1748 pciide - ok 19:28:10.0097 0x1748 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 19:28:10.0124 0x1748 pcmcia - ok 19:28:10.0130 0x1748 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 19:28:10.0151 0x1748 pcw - ok 19:28:10.0168 0x1748 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:28:10.0237 0x1748 PEAUTH - ok 19:28:10.0268 0x1748 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:28:10.0293 0x1748 PerfHost - ok 19:28:10.0335 0x1748 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 19:28:10.0439 0x1748 pla - ok 19:28:10.0454 0x1748 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:28:10.0496 0x1748 PlugPlay - ok 19:28:10.0501 0x1748 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:28:10.0526 0x1748 PNRPAutoReg - ok 19:28:10.0538 0x1748 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:28:10.0572 0x1748 PNRPsvc - ok 19:28:10.0587 0x1748 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:28:10.0657 0x1748 PolicyAgent - ok 19:28:10.0671 0x1748 [ 
6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 19:28:10.0724 0x1748 Power - ok 19:28:10.0730 0x1748 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:28:10.0780 0x1748 PptpMiniport - ok 19:28:10.0787 0x1748 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 19:28:10.0813 0x1748 Processor - ok 19:28:10.0823 0x1748 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 19:28:10.0857 0x1748 ProfSvc - ok 19:28:10.0861 0x1748 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:28:10.0883 0x1748 ProtectedStorage - ok 19:28:10.0890 0x1748 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:28:10.0940 0x1748 Psched - ok 19:28:10.0977 0x1748 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 19:28:11.0059 0x1748 ql2300 - ok 19:28:11.0122 0x1748 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 19:28:11.0159 0x1748 ql40xx - ok 19:28:11.0170 0x1748 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 19:28:11.0213 0x1748 QWAVE - ok 19:28:11.0218 0x1748 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:28:11.0248 
0x1748 QWAVEdrv - ok 19:28:11.0253 0x1748 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:28:11.0301 0x1748 RasAcd - ok 19:28:11.0307 0x1748 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:28:11.0359 0x1748 RasAgileVpn - ok 19:28:11.0365 0x1748 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 19:28:11.0414 0x1748 RasAuto - ok 19:28:11.0421 0x1748 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:28:11.0472 0x1748 Rasl2tp - ok 19:28:11.0484 0x1748 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 19:28:11.0545 0x1748 RasMan - ok 19:28:11.0551 0x1748 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:28:11.0601 0x1748 RasPppoe - ok 19:28:11.0607 0x1748 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:28:11.0656 0x1748 RasSstp - ok 19:28:11.0667 0x1748 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:28:11.0725 0x1748 rdbss - ok 19:28:11.0730 0x1748 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:28:11.0755 0x1748 rdpbus - ok 19:28:11.0759 0x1748 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD 
C:\Windows\system32\DRIVERS\RDPCDD.sys 19:28:11.0805 0x1748 RDPCDD - ok 19:28:11.0811 0x1748 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:28:11.0856 0x1748 RDPENCDD - ok 19:28:11.0862 0x1748 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:28:11.0909 0x1748 RDPREFMP - ok 19:28:11.0915 0x1748 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:28:11.0939 0x1748 RdpVideoMiniport - ok 19:28:11.0948 0x1748 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:28:11.0979 0x1748 RDPWD - ok 19:28:11.0988 0x1748 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:28:12.0016 0x1748 rdyboost - ok 19:28:12.0023 0x1748 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:28:12.0074 0x1748 RemoteAccess - ok 19:28:12.0082 0x1748 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:28:12.0136 0x1748 RemoteRegistry - ok 19:28:12.0144 0x1748 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 19:28:12.0175 0x1748 RFCOMM - ok 19:28:12.0180 0x1748 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:28:12.0227 0x1748 RpcEptMapper - ok 19:28:12.0232 0x1748 [ 
D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 19:28:12.0255 0x1748 RpcLocator - ok 19:28:12.0270 0x1748 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 19:28:12.0319 0x1748 RpcSs - ok 19:28:12.0335 0x1748 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:28:12.0382 0x1748 rspndr - ok 19:28:12.0382 0x1748 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 19:28:12.0397 0x1748 SamSs - ok 19:28:12.0413 0x1748 [ B38103F1B78072D53EC23AC8287A72C2, B502C6AD64DC3D1185086623D32C275CEAF1F50BE22011B2B7F55B7FC0135857 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 19:28:12.0429 0x1748 SbieDrv - ok 19:28:12.0444 0x1748 [ 542B3B5219AA6CE3E55B7C70021C0C35, B47E23E647AAD7C88DE7116F11973D3E6B7423A13B4F0709F2A11CC405423E10 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 19:28:12.0475 0x1748 SbieSvc - ok 19:28:12.0475 0x1748 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:28:12.0491 0x1748 sbp2port - ok 19:28:12.0507 0x1748 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:28:12.0553 0x1748 SCardSvr - ok 19:28:12.0569 0x1748 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:28:12.0616 0x1748 scfilter - ok 19:28:12.0631 0x1748 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 19:28:12.0725 0x1748 Schedule - ok 
19:28:37.0623 0x1748 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
19:28:37.0638 0x1748 Win FW state via NFP2: enabled
19:28:40.0321 0x1748 ============================================================
19:28:40.0321 0x1748 Scan finished
19:28:40.0321 0x1748 ============================================================
19:28:40.0337 0x06c0 Detected object count: 0
19:28:40.0337 0x06c0 Actual detected object count: 0 |
23.12.2014, 17:48 | #6 |
/// the machine /// TB trainer | Avast: Rootkit: hidden file (severity: high), Malwarebytes: no threat found
Yep, false alarm.